I have created a rule to pick up terminated users and disable their AD Accounts. The rule is processed successfully and it is disabled in AD, Although the same is not getting reflected under my AD Application in RSA, even after running IDC and ADC
Is the account disabled in AD?
If it the account is disabled, does G&L show a line across the the account entitlement in your Active Directory ADC collector?
The Account is disabled in AD but is not striked out in RSA IGL.
Make Sure, below Settings are configured.
Open AD Application on Aveksa, Click Edit and select 'Allow Account Disabling'
as per below Under Account Data Collector Configuration,
Re-run the account collectors and check if shows properly now.
I have already ensured these checkboxes were ticked. Could there be any other reason for this behavior?
Can you provide your 'Account Search Filter' that you are using in AD collector.
I have seen this before where the AFX server is provisioning to on AD server, while the collectors are collecting from another one. Assuming you use AFX, make sure you have not AD sync issues in your domain and try to change the collector to collect from the exact same server IP address which AFX is pointed to?
If not try changing the hostname/IP address of your AD collector to exactly the AD server you are checking the accounts from.
Retrieving data ...