Currently, any change which affects the Common Name or Distinguished Name of an object will be performed, but the SPML Provider will lose track of the changed object and return an error. This includes the actions performed by the default User Deprovisioning policy.
This has been identified as product defect 452404.
In the case of Deprovisioning a User object, you may choose to modify the Deprovisioning policy so that the Distinguished Name of the target object is not changed.
In the case of Deprovisioning a User object, it is possible to change the default Suspend action for the SPML Provider so that it performs a Deprovision instead.
On the machine hosting the SPML Provider, edit the SPML.config file. By default, this is located in C:\Program Files\Quest Software\SPML Provider\Web
Find the following section:
Change to match the following:
Now, instead of the actions taken previously, send a Suspend command to a User object when a Deprovisioning is needed. For more information, please reference the documentation included with the SPML Provider.WORKAROUND 3
It is possible to include a flag with the SPML command so that it does not wait for the results of the request, but instead will return a success as long as the command is received by the SPML Provider.
The SPML command will contain a line similar to this:
<spml:modifyRequest xmlns:spml="urn:oasis:names:tc:SPML:2:0">Modify it to match the following:
<spml:modifyRequest xmlns:spml="urn:oasis:names:tc:SPML:2:0" returnData="nothing">
An Enhancement Request has been created to enhance/improve this behavior. There is no guarantee that a specific enhancement request will be implemented in a future release of the product.