We are disabling the AD account when the user Account attribute Ad value is changed from FALSE to TRUE i.e., the user gets promoted. In the workflow, every step is exited as expected but finally, the user account is not disabled. Can anyone help me to resolve this issue?
For the Manage Accounts Node, can you select Choose variable instead of Value and re-try.
1 Like
Hi @polaraojalligampala , To disable the account you need to pass the Account ID of the account in your case the account id of the Active directory. From the Get Accounts output get the Account ID of the AD and pass that in the Manage Accounts step.
Thank you. It’s working. but account is not disabled in SailPoint
Do you see the disable event under the user’s event tab.?
I saw this in the events
["sailpoint.connector.ConnectorException: java.lang.InterruptedException: Timeout waiting for response to message
If you are seeing the disable event, then the workflow issue is resolved.
You will need to figure out why the actual disable is not working. Do you get the same error when you try to disable the account manually from the UI.?
Sorry for the late reply. I tried to disable the account manually from the UI, but it failed and showed an error. However, the error message did not display any specific details.
Yeah, so it’s no more a workflow issue.
You may want to look at the IQ service logs to see more details about the error. Also make sure that your service account has the capabilities to disable the particular account.
You can also try out disabling the account from outside of IDN using the same service account to see how it behaves.
If you still can’t find out the issue, I would suggest to open a new thread as the original topic is resolved.
This topic was automatically closed 60 days after the last reply. New replies are no longer allowed.