Hi,
We have a scenario where Java AS installations primary datasource is Active Directory (LDAP connector). This is also the leading datasource for our IDM installation.
Occasionally users are removed from the AD. When this happens were are unable to terminate the Java AS user from IdM because the account no longer exists in the backend Java AS and therefore the SPML call in the standard "SetJavaGroupForUser" pass fails.
I have tried adding a version of "Apply Pending" to the result handling actions (for failed result) on the task but this doesn't work.
If the Identity has already been removed from the AD, it no longer exists in the AS Java either, and therefore all I am looking for is to remove the privileges and account privilege from the Identity in IdM to reconcile everything.
Any ideas?
Thanks in advance,
Craig.