Person record not deleted after linked Active Directory account is deleted in the target system
Description
After an Active Directory user is deleted in the target system, a synchronization to Identity Manager takes place. The ADSAccount is successfully deleted in Identity Manager, but the Person record remains.
In this scenario, account definitions are not being used. Person records are updated through the linked ADSAccount, and the following configuration parameter is enabled in Designer:
TargetSystem\ADS\PersonUpdate
Cause
Expected behavior
Resolution
This is expected behavior. The configuration parameter TargetSystem\ADS\PersonUpdate only allows employee records to be updated when the linked ADSAccount is updated. Deleting the ADSAccount does not trigger deletion of the Person record.
The Person record is deleted when the linked ADSAccount is deleted in the target system only for managed accounts with an assigned account definition for the Active Directory target system.