Share all details related to your problem, including any error messages you may have received.
Hi All
We just upgraded our IdentityIQ from 8.2p2 to 8.2p6. Since then our leaver workflow is throwing errors for disabling Salesforce accounts where we set the profileid to “loginless”
The error is “Validation rule preventing activation of Loginless and ReadOnly users”. We did not have these errors with 8.2p2.
Has anybody seen similar error before? Any hint where to look?
Hi @pasha,
Is this a salesforce error ? Please provide more details on the error
Did you had a chat with salesforce app team to understand if this is at app end.
The error is from Salesforce when I try to disable AND set profileid to loginless
Is there way to make the connector to do the disable first then set the profileid?
Our salesforce team has this policy that the user has to be disabled before it can get Loginless. 8.2p2 did it in the right order. 8.2p6 connector does not
I know. Active users have only one role which could be sales, marketing, …
When the user leaves the company I need to disable their account AND set their profile to be “Loginless”. I do that in the beforeprovisioning rule and 8.2p2 did the right thing. But 8.2p6 is not.
Next reply has a sample plan that fails. 00eG000dfj0cLsDIAU is the profileid for “loginless”:
Just to update this case. The Salesforce connector has changed between 8.2p2 and 8.2p6. What used to be done in one call for setting the profileid and disable, now is done in two separate API calls.
I ended up changing my beforeprovisioning rule to add disable modify as a separate accountrequest first.