Hello,
do you use "Active Directory User Target Delete Recon" job to reconcile deleted AD acounts from AD to corresponding accounts? Recently I have tried to configure and use this job, but without success - job starts and ends immediately. According to diagnostic log, only the configuration lookup values (Lookup.Configuration.ActiveDirectory) are read and the job immediately finishes successfully (without doing anything - no recon events are generated).
On the other hand, job "Active Directory User Target Recon" is working as expected, so there is no global recon config problem.
"Active Directory User Target Delete Recon" parameters config:
- Delete Recon = yes (default)
- IT resource name = <exactly as in "Active Directory User Target Recon">
- Resource Object Name = AD User
- Scheduled Task Name = Active Directory User Target Delete Recon (default)
- Sync token = <empty - I want a full recon>
There is no error in the logs.
Do you please have any idea what could be wrong? I have prepared a scenario, where I created an account through OIM in AD and consequently deleted (directly in AD) the account. After running the Delete recon job, I am expecting to have an OIM AD account in status = "Revoked" - but the status stays "Provisioned".
Peter