What capability of the AFX is to be enabled to auto fulfill these Map & UnMap operations. As it is always going for a manual fulfillment.
Did you ever get a response to this? We've noticed the same behavior.
In the Unmap operation , RSA creating the 'Delete' operation instead of 'Remove' operation. We need to remove the account mapping from user. Is there any issue with Unmap webservice?
That is the default behavior for Accounts after the last mapping has been removed.
This is documented on page 201 of the Administrators Guide in the section "Account Management Terminology".
RSA Identity Governance and Lifecycle 7.2 Administrator's Guide
What we get here is we are trying to remove a user from account (computer based Account) using post webservice call.
This can be done only via unmap request in webservice call , but whenever we trigger an unmap request Rather then taking the operation as 'RemoveUserFromAccount' but it is triggering it as Implicit Account Removal Which if seen correctly checks wheter there is some access being removed from the account but we are not removing access from the account which would trigger system to check if the account needs to be there.
The situation is if a user leaves and you want to unmap that user from an Computer account he was using so that particular Desktop can be assigned to someone else(computer accounts needs reassign or change of users frequently) and you trigger an Unmap call you end up deleting the whole account from the source which should be the case
Please let me know how can this be resolved
I see that you have a Support Case open for this issue. I will wait for the case to be resolved and then update the issue here with the resolution.
Retrieving data ...