OCI Identity Cloud Service (IDCS) - Microsoft Active Directory (AD) Bridge Sync Does not Terminate/ Revoke Deleted AD Users in IDCS (Doc ID 2514748.1)

Last updated on OCTOBER 30, 2024

Applies to:

Identity Cloud Service (IDCS) - Version N/A and later
Information in this document applies to any platform.

Symptoms

AD Bridge sync does not terminate deleted AD users in IDCS

A user is synced into IDCS from AD via the AD Bridge and later terminated/deleted on the AD side. The user is put into the deleted objects container on the AD side, but later imports / syncs via the Bridge fails to remove the user on the IDCS side.

The issue can be reproduced at will with the following steps:

User is a member of a group and imported into IDCS from the AD Bridge
User is terminated and thus moved into the deleted objects container on the AD side
Run an Import sync from the AD Integration on the IDCS Admin Console
Check and see that the user is still listed on the Users page as a Federated user
Check one of the Groups on the IDCS side and find the terminated user is still shown as a member

Changes

Cause

	To view full details, sign in with your My Oracle Support account.
	Don't have a My Oracle Support account? Click to get started!

In this Document

My Oracle Support provides customers with access to over a million knowledge articles and a vibrant support community of peers and Oracle experts.

OCI Identity Cloud Service (IDCS) - Microsoft Active Directory (AD) Bridge Sync Does not Terminate/ Revoke Deleted AD Users in IDCS (Doc ID 2514748.1)

Applies to:

Symptoms

Changes

Cause

To view full details, sign in with your My Oracle Support account.

Don't have a My Oracle Support account? Click to get started!