I’ve been trying to fix an issue where duplicate AD accounts are being created for certain identities randomly as described in this post
After several weeks of internal investigation and working with SailPoint support, the recommended fix—based on similar reports from others—appears to be increasing the provisioningTimeout and IQServiceResponseTimeout values.
While I understand how increasing timeouts might help in some scenarios, I’m struggling to see how they directly relate to this specific issue. In many cases, the duplicate AD account is created just seconds after the first, so it’s unclear how simply increasing these timeout values would prevent that.
Of course, I want to resolve the issue, but I also want to fully understand the reasoning behind this recommendation—both to validate the fix and for my own clarity.
For those who have implemented this fix, could you please help me understand the reasoning behind it?