We have IGL 7.0.2 installed with an Unauthorized (Rogue) Change Detection rule running after every account or entitlement collection. We recently made a change to one of our AD Account and Group collectors to exclude a certain OU. After implementing this change over 1,100 new UCD were detected by IGL, which of course is not normal. Upon analysis we found that the unauthorized changes had previously been detected by IGL. It appears that the update to the AD Account and Group collector caused IGL to "forget" that it had already detected these unauthorized changes previously.
Has anyone had this happen and if so, is there a solution to prevent this from happening again? We soon will be implementing another change to the same collector and do not want a repeat of the re-detection.
Also, we now have 1,100 UCDs that need to be "cleaned up". Any suggestions on how to do this without manually canceling them?unauthorized change