Active Directory User Target Delete Recon with ST (Sync Token) Fail When UPN (userPrincipalName) Database field is NULL

(Doc ID 2277656.1)

Last updated on JUNE 20, 2017

Applies to:

Identity Manager Connector - Version 11.1.1.6.0 and later
Information in this document applies to any platform.

Symptoms

Using 11.1.1.6.0 AD UM Connector: Around 10,000 External User AD Accounts were deleted from the AD Server (those accounts were no longer needed). However, "Active Directory User Target Delete Recon Schedule Job with Sync Token Attribute did not work right and following error is seen in the log:


ERROR
-----------------------


STEPS
-----------------------
1. Use the Access Policy to create a new account for Test User
2. In OIM, the Account Tab will show a Provisioned AD account
3. Log into AD Server and delete the account ( Test User)
4. Run the "Active Directory Delete User Target Recon" Schedule Job and it will show a successful run
5. Verify the Recon Events (event for Test User deletion) with the errors as before.



Cause

Sign In with your My Oracle Support account

Don't have a My Oracle Support account? Click to get started

My Oracle Support provides customers with access to over a
Million Knowledge Articles and hundreds of Community platforms