IDN delete accounts on connected systems?

Hi all! I have a demand for account deletion on sources (if I a wrong in something please feel free to correct me).

I know that Sailpoint recommends disabling account on target systems, rather than delete accounts, something reasonable, I have some experience of massive account deletion with other idm tools triggered by errors in configurations.

Also, I also know that account deletion is possible in some sources, with some workarounds (like AD with its powershell after rule, jdbc statements in db sources, etc).

I am actually trying to argue this point in a design document I am building, but I am not actually finding where I saw this Sailpoint recommedation (I think it was on University). If someone has it bookmarked or has fresh in memory where it is, can share some link to complement document? Thanks!

Hi @jsosa

At the moment, IDN doesn’t have OOTB functionality for account deletion even through workflows.

You can make use of Native Rules for Microsoft related products like AD, JDBC Rules for DB, Web service before operation Rules. For other connectors only workaround is change the account request operation to delete in Before Provisioning Rule which is a cloud Rule.

Thanks
Krish

This topic was automatically closed 60 days after the last reply. New replies are no longer allowed.