Hi @vsekar7
The reason AD isn’t getting cleared is that your “null” is coming from a transform in the AD provisioning policy, not from an Identity Attribute mapped in the Identity Profile. In that setup, null often means “no attribute request sent,” so AD retains the existing value. 
The most reliable fix is to move the transform into an Identity Attribute mapping (Identity Profile), map that Identity Attribute directly in the AD Create Account definition, enable Attribute Sync for the AD attribute, then run a one-time bulk Sync. Attribute Sync explicitly supports propagating null values when the Identity Attribute is set to null by the profile mapping. 
If you must keep the logic only in provisioning policy, then you’ll need a Before Provisioning Rule to force a “clear” operation into the provisioning plan when the computed value is null.
Check please those