Global Security Forum

I am creating a rule with a final life cycle process that I need to remove the accounts associated with an identity (example Active Directory account)  and I cannot find a way to do this.
Has anyone made this type of rule to guide me?

------------------------------
Fabio Lutfi Machado
------------------------------

Hi Fabio,

Have you checked Setup > Settings > User Settings > Basic?
If you have CE User Visibility, you can have this option to automate the user cleanup from both MaaS360 and LDAP/AD.

Hope this helps.


------------------------------
ETHAN
------------------------------

Original Message:
Sent: Wed July 29, 2020 12:23 PM
From: Fabio Lutfi Machado
Subject: IGI 5.2.6.1 How i remove an Account (ex. Active Directory) of the identitity in a process of the life cicle.

I am creating a rule with a final life cycle process that I need to remove the accounts associated with an identity (example Active Directory account)  and I cannot find a way to do this.
Has anyone made this type of rule to guide me?

------------------------------
Fabio Lutfi Machado
------------------------------

Hi Fabio
Please have a look at the document below which takes you through this process. 
https://www.ibm.com/support/knowledgecenter/SS8H2S/com.ibm.mc.doc/pag_source/tasks/pag_users_bulk_delete.htm

For additional training please go to our Security Learning Academy:
https://www.securitylearningacademy.com/enrol/index.php?id=3047

Best

------------------------------
Eamonn O'Mahony
Technical Client Success Manager
IBM
Dublin
------------------------------

Original Message:
Sent: Wed July 29, 2020 12:23 PM
From: Fabio Lutfi Machado
Subject: IGI 5.2.6.1 How i remove an Account (ex. Active Directory) of the identitity in a process of the life cicle.

I am creating a rule with a final life cycle process that I need to remove the accounts associated with an identity (example Active Directory account)  and I cannot find a way to do this.
Has anyone made this type of rule to guide me?

------------------------------
Fabio Lutfi Machado
------------------------------

Fabio, 

Hi.  I am a consultant with IBM Security Expert Labs.  I am not sure i understand the use case.  Usually the reconciliation with AD will remove any accounts that have been deleted.  Why do you need to remove the AD accounts in IGI?  Have they been delete in AD?  Do you need to remove the account in IGI or Unmatch/Orphan the accounts? 

David

------------------------------
[David] [Kuehr-McLaren] [
Security Expert Labs]
[Senior Security Architect - STSM]
[IBM]
[dkuehrmc@us.ibm.com]
------------------------------

Original Message:
Sent: Wed July 29, 2020 12:23 PM
From: Fabio Lutfi Machado
Subject: IGI 5.2.6.1 How i remove an Account (ex. Active Directory) of the identitity in a process of the life cicle.

I am creating a rule with a final life cycle process that I need to remove the accounts associated with an identity (example Active Directory account)  and I cannot find a way to do this.
Has anyone made this type of rule to guide me?

------------------------------
Fabio Lutfi Machado
------------------------------