Which IIQ version are you inquiring about?
8.4p2
Share all details about your problem, including any error messages you may have received.
Hello,
We recently implemented a change to when a user terminates via the RapidSetup Leaver workflow, their AD account is moved to a specific disabled users OU. The process appears to work fine (I can verify the account was actually moved) but we see an error each time:
Errors: sailpoint.connector.ObjectNotFoundException: [ ObjectNotFoundException ] [ Possible suggestions ] Ensure that Account - --------- exists. [ Error details ] ObjectNotFound [LDAP: error code 32 - 0000208D: NameErr: DSID-03100245, problem 2001 (NO_OBJECT), data 0, best match of: ‘OU=Disabled,DC=dnanico1,DC=aniconet,DC=com’ ]
This event is “disable” and is when the error occurs. Is there some other configuration that we need in conjunction with the ‘Move Account’ option on the RapidSetup configuration? I read somewhere about a before provisioning rule, but that was for ISC so I’m not sure how relevant that would be to us as we use an on-prem IIQ instance. Advice? If we do need to employ some logic in the before provisioning rule for AD, that should be easy to implement, I just need to know if that’s the direction we would need to take for the process to discontinue failing.