Just to confirm, they are no way to do a compliance on AD Attribute ?
To explain more the situation, we are migrating Microsoft FIM in RSA IGL. On FIM, where an attribute was changed on AD but does not equal the value on FIM, FIM push the correction. Like that, FIM is the authority source which depend on HR data by the way.
If I understand, RSA IGL do only push forward so for example if one attribute is modified on the identity, it's pushed to the target. It does not correct attribute on target if someone has changed it and it's not done on the RSA identity. right ?