Chat now with support
Chat with Support

Identity Manager 8.1.5 - Administration Guide for Active Roles Integration

Displaying information about deprovisioning Active Directory user accounts and Active Directory groups

The following properties are displayed for deprovisioning Active Directory user accounts and Active Directory groups:

Table 9: Deprovisioning data
Property Description

Deprovisioning status

Status of deprovisioning sequence through Active Roles when an object is deleted. The data is loaded from Active Roles on synchronization.

Status Description

No deprovisioning

The Active Directory object is enabled.

Deprovisioning successful

The Active Directory object was successfully deprovisioned

Deprovisioning failed

An error occurred deprovisioning the Active Directory object.

Deprovisioning date

Status of deprovisioning sequence through an Active Roles when a object is deleted. The information is loaded from the Active Roles during synchronization.

To display master data for deprovisioning an Active Directory user account

  1. Select the Active Directory | User accounts category.
  2. Select the user account in the result list.

  3. Select the Change master data task.

  4. Select the Active Roles tab.

To display master data for deprovisioning an Active Directory group

  1. Select the Active Directory | Groups category.
  2. Select the group in the result list.

  3. Select the Change master data task.

  4. Select the Active Roles tab.
Related topics

Restoring deprovisioned Active Directory user accounts and Active Directory groups in the One Identity Manager

You can restore deprovisioned Active Directory user account and Active Directory groups using One Identity Manager if required. The following methods are used to do this:

  • Undo deprovisioning
  • Restoring deleted objects

Both methods initiate a process for deprovisioning Active Directory objects in Active Roles. The process finds the deprovisioning status, updates some of the Active Directory object properties, like the name and the One Identity Manager container and in the Active Directory database, and sets the Active Directory object status to "changed". All the Active Directory object properties are loaded in the One Identity Manager database by the next synchronization and changed to "published".

Detailed information about this topic

Undoing deprovisioning

Use this method to undo Active Directory user account and Active Directory group deprovisioning. You can use this method independent of the deprovisioning method implemented.

To undo Active Directory user account deprovisioning

  1. Select the Active Directory | User accounts | Deprovisioned accounts category.
  2. Select the user account in the result list.
  3. Select the Undo deprovisioning task.
  4. Confirm the security prompt with Yes.
  5. Confirm with OK.

To undo Active Directory group deprovisioning

  1. Select the Active Directory | Groups | Deprovisioned groups category.
  2. Select the group in the result list.
  3. Select the Undo deprovisioning task.
  4. Confirm the security prompt with Yes.
  5. Confirm with OK.
Related topics

Restoring deleted objects

You can use this method as an alternative for Active Directory user accounts and Active Directory groups you have deprovisioned using the method "Deprovision not delete". You find the deprovisioned Active Directory object, in this case, in the One Identity Manager database with status "Deleted".

To restore a user account

  1. Select the Active Directory | User accounts category.
  2. Select the user account in the result list.
  3. Click Undo delete in the result list toolbar.

To restore a group

  1. Select the Active Directory | Groups category.
  2. Select the group in the result list.
  3. Click Undo delete in the result list toolbar.
Related topics
Related Documents

The document was helpful.

Select Rating

I easily found the information I needed.

Select Rating