Hi Experts,
We’ve rehired a user who was terminated less than 90 days ago, the user lifecycle state was showing “inactive”. I manually updated their lifecycle state to “active” to enabling their AD account, but I’ve noticed the AD account still isn’t activating.
Requirement : If we manually change the lifecycle state to active, the AD account needs to be enabled.
Hi @Kamlesh9923
Are you seeing any error when AD is not getting enabled ?
Hi Manish,
Thanks for your response, no error is coming
What have you configured to enable AD account when lifecycle changes to active?
Hi @Kamlesh9923
You need to configure to enable account option for Active Directory source for Active lifecycle state on the identity profile.
As mentioned earlier, you need to configure the “enable account” option for your Active Directory source within the Active lifecycle state settings on your identity profile. This is the correct approach.
When you manually change a lifecycle state in ISC, it doesn’t automatically trigger provisioning actions unless those actions are explicitly configured in the identity profile for that specific lifecycle state. Simply changing the lifecycle state from “inactive” to “active” in the UI won’t enable the AD account unless you’ve set up the proper configuration.
Go to your identity profile configuration and look for the lifecycle states section. For the “Active” lifecycle state, you need to specify which sources should have their accounts enabled. Add Active Directory to the list of sources that should enable accounts when an identity enters the “Active” state. You can find this in the lifecycle state configuration documentation.
Once configured, any future lifecycle state changes to “active” should automatically enable the associated AD accounts. For the current rehired user, you may need to either trigger an identity refresh or manually provision the account enable action after configuring this setting.
Go to Identity Profile → Provisioning → Active (Lifecyclestate) → Add your Active Directory Account in Enable state and click on save and apply changes
Go to the Identity → Change the Lifecyclestate to Inactive → Once done change it back to Active. It should Enable the account now.
Let us know if you are still facing issues related to the same.
Hello Everyone,
Thanks for your reply.
Is there a method to activate a rehired user’s AD account prior to eight days before their start date without changing the lifecycle state?
Hi @Kamlesh9923
You can achieve it via workflow.
Use the Identity Attributes Changed trigger. Whenever this attribute is changed, add a step to compare this value and if the condition matched, then enable the Account.
Thanks
Thanks for your response. it will effect JML process if we add AD in active lifecycle state?
This topic was automatically closed 60 days after the last reply. New replies are no longer allowed.