Hello
I have a script in before provisioning rule to remove some groups form AD accountRequest.add(new AttributeRequest("memberOf",ProvisioningPlan.Operation.Remove,group_to_remove));
But the groups is removed from AD but it still appears in Sailpoint with a red triangle with message “Entitlement does not exist in Sailpoit”
This is typically because there is still AttributeAssignment for that entitlement, so SailPoint expects it to be assigned to the account, but you have removed it with your script. You need to remove the assignment as well. Here is an example:
ProvisioningPlan.AttributeRequest entAttrReq = new ProvisioningPlan.AttributeRequest();
entAttrReq.setOp(ProvisioningPlan.Operation.Remove);
entAttrReq.setName(idenEnt.getName());
entAttrReq.setValue(idenEnt.getValue());
//Add preferRemoveOverRetain argument to prevent filtering from happening
entAttrReq.put("preferRemoveOverRetain","true");
//Add assignment argument to remove the attributeAssignment from the identity
entAttrReq.put("assignment","true");