How to stop preserving user accounts which were imported/provisioned on the inSync admin via SCIM app configured on the Azure

Last updated
Save as PDF
Share
1. Share

Heads up!

We've transitioned to a new documentation portal to serve you better. Access the latest content by clicking here.

Problem description

If the user account was provisioned on inSync admin via SCIM app configured on the Azure side.How to prevent the SCIM app from preserving the user account on the inSync admin console.

Cause

Automatic preserving of user accounts on the inSync side imported via SCIM happens in the following scenario.

If the user account has been deleted from the Azure side,
If the user account has been disabled from the Azure side.
If the user account has been unassigned from the SCIM app (removed within the scope of SCIM app)

Resolution

Go to the inSync SCIM app configured under Enterprise applications on the Azure
Click on the “Provisioning”

Click on “Edit provisioning”

Here Under the Mappings click on the blue hyperlink text “Provision Azure Active Directory users”

Here under the Attribute mapping click on Not([IsSoftDeleted]) Azure Active Directory Attribute

Here Not([IsSoftDeleted]) attribute is responsible for triggering the API call to disable the user accounts on insync admin if disabled, deleted or unassigned from the Azure side.

Note : Before altering the changes to stop SCIM app from preserving the user accounts on the inSync admin console. Make sure to take a screenshot of the current settings seen under the “Edit Attribute view opened on the right side of the page. So that in future if you want to enable automatic preserving of user accounts you can reconfigure this attribute value looking at the screenshot.

Under Edit Attribute settings for Not([IsSoftDeleted]), change the following

Change Mapping type to None from the drop down box.Once done you will see the edit attribute as below

SUPPORT community

support Resources

More links

Support Contacts