I am not sure if I really understand the question. You would need to perform an Explore of the acquired AD endpoint to see if accounts are created/deleted from the AD side so that the reference account objects stored in the Provisioning Repository can be updated with the same.
Configuring the Endpoint Attribute Mappings would determine what attributes are retrieved and stored within the Provisioning Repository and applied to the mapped Provisioning User attributes.
Running a Correlate would associate accounts to a Provisioning User, orphan account would mean that the accounts did not correlate to a specific user based on the correlation rules so it becomes associated to [default user]. You would need to do a List Accounts of [default user] in the Provisioning Manager or use the Manage Orphan Accounts task found in the IM User Console.
Original Message:
Sent: 05-21-2020 09:38 AM
From: sudip karmacharya
Subject: Reconciliation query
. Reconciliation query
- Clear Visibility of reconciliation
- What are the attributes that are pulled from AD while doing reconciliation?
- How to identity an orphan account?
For e.g.: Someone creates a user from the backend (AD) and after doing reconciliation how can the IDM identify such users.
- What will happen if the user is Deleted in AD from Backend?
- Report for reconciliation
- Report for orphan account
Thank you
------------------------------
Network and security Engineer technical associative
Cas Trading House
Putalisadak, KTM
------------------------------