Hi all,
We have a scenario where when we refresh an identity, the end date is sent to an AD attribute.
This is not happening for an identity even when we check the option to Synchronize attributes.
Is there something that we are missing?
Thanks in advance
Assuming you have target mapping configured for AD. What attribute are you trying to set on AD. Some attributes like accountExpires require you to format it to Active Directory timestamp. You can use a Transformation Rule for your target mapping to do this.
@SanjeevIAM We already have a transformation rule in place. The issue is that the provisioning does not seem to trigger from SailPoint. There is no provisioning transaction in the admin console on refresh
What attribute are you trying to update on AD and if you can add your transformation rule here we can check why it is not getting triggered.
@SanjeevIAM we see that the accountexpires attribute is being provisioned to AD for most identities. Its a few for whom we see no provisioning transactions
Hi @rishavghoshacc , maybe those identities are not refreshed yet, or some of the account aggregation may be setting the needRefresh flag as false for those identities. Please investigate on lead.
I see similar issues with my cases; we fixed this by making sure none of the processes are not setting the needRefresh flag as false.
Thanks
@SivaLankapalli
This topic was automatically closed 60 days after the last reply. New replies are no longer allowed.