Move user to correct OU

Hello everyone

I have a problem

I need that when a user is in a disabled OU and when they become active, they are moved to the active OU, but the user is becoming active and is not moved.

I have created provisioning policies to disable account, update account and enable account, but none of them have moved the user to the OU when the user was active

{
“name”: “DISABLE”,
“description”: null,
“usageType”: “DISABLE”,
“fields”: [
{
“name”: “AC_NewParent”,
“transform”: {
“type”: “lookup”,
“attributes”: {
“input”: {
“type”: “identityAttribute”,
“attributes”: {
“name”: “cloudLifecycleState”
}
},
“table”: {
“ativo”: “OU=Funcionario,OU=Colaboradores,DC=gds,DC=local”,
“vacation”: “OU=Ferias,DC=gds,DC=local”,
“terminated”: “OU=Desligados,DC=gds,DC=local”,
“default”: “OU=Desligados,DC=gds,DC=local”
}
}
},
“attributes”: {},
“isRequired”: false,
“type”: “string”,
“isMultiValued”: false
}
]
}

{
“name”: “Enable account”,
“description”: null,
“usageType”: “ENABLE”,
“fields”: [
{
“name”: “AC_NewParent”,
“transform”: {
“type”: “lookup”,
“attributes”: {
“input”: {
“type”: “identityAttribute”,
“attributes”: {
“name”: “cloudLifecycleState”
}
},
“table”: {
“ativo”: “OU=Funcionario,OU=Colaboradores,DC=gds,DC=local”,
“vacation”: “OU=Ferias,DC=gds,DC=local”,
“terminated”: “OU=Desligados,DC=gds,DC=local”,
“default”: “OU=Funcionario,OU=Colaboradores,DC=gds,DC=local”
}
}
},
“attributes”: {},
“isRequired”: false,
“type”: “string”,
“isMultiValued”: false
}
]
}

{
“name”: “Update Account”,
“description”: null,
“usageType”: “UPDATE”,
“fields”: [
{
“name”: “AC_NewParent”,
“transform”: {
“type”: “lookup”,
“attributes”: {
“input”: {
“type”: “identityAttribute”,
“attributes”: {
“name”: “cloudLifecycleState”
}
},
“table”: {
“ativo”: “OU=Funcionario,OU=Colaboradores,DC=gds,DC=local”,
“vacation”: “OU=Ferias,DC=gds,DC=local”,
“terminated”: “OU=Desligados,DC=gds,DC=local”,
“default”: “OU=Funcionario,OU=Colaboradores,DC=gds,DC=local”
}
}
},
“attributes”: {},
“isRequired”: false,
“type”: “string”,
“isMultiValued”: false
}
]
}

This scenario is OK

This Scenario is not OK

Account is enabled, but in the wrong OU

I need the account to be moved to OU Employee

Hi @guilherme_sec

Did you get chance to look at below topic, it seems relevant to your scenario’s:

Move OU Active Directory - Identity Security Cloud (ISC) / ISC Discussion and Questions - SailPoint Developer Community

@guilherme_sec May we know what was the issue finally in case you fixed it?