Use the following steps to create a workflow that will do the following:
- Trigger upon deprovision of a user account in the source domain.
- Search for the user account with the same samAccountName in the target domain.
- Deprovision the user account in the target domain, allowing for both to be deprovisioned without having to deprovision both manually.
Please note that this assumes both domains are added as Managed Domains within Active Roles.
STEPS TO CREATE WORKFLOW
- Create a new workflow and set it to start Upon a request to change data in the directory.
- Open the new workflow for editing.
- Under the Workflow options and start conditions, click the Configure... button.
- Click the Select operation... buttons.
- Select Deprovision and click Finish.
- Under Initiator Conditions, click the Add button.
- Click the Add... button and select Any User.
- Click the Browse... button and select the top level of the source domain that you want to be the trigger, and click OK.
- Click Finish.
- Now that you have 2 items listed, remove the entry for Any User - Active Directory, leaving only the entry you just added.
- Click OK to set the start conditions.
- Drag over a Search activity and place it under Operation Execution: Deprovision User.
- Double-click the Search for objects to configure the search activity.
- Click the Scope and filter tab on the left.
- Next to Find:, select Users from the drop down.
- Next to In:, select Fixed container or directory... and select the target domain, and click OK.
- Select the option Retrieve any objects held in the Organizational Unit or container.
- Under Filter: at the bottom, click the green + button to add a blank condition.
- Click the Configure condition to evaluate and select More choices... at the bottom.
- Search for samaccountname, select it and click OK.
- Click the Define value to compare to... and select Property of workflow target object....
- Click Click to choose and select More choices... at the bottom.
- Search for samaccountname, select it and click OK.
- Click OK.
- Click OK again.
- Drag over a Deprovision activity and place it inside the Search for objects search activity that you just configured.
- Double-click the Deprovision activity to configure it.
- Click the Activity target tab on the left.
- Click the Workflow Target drop-down and select Object found by search activity from the list.
- Click OK.
- Click Save Changes.