|
|
|
You cannot use the Salesforce.com connector to delete a Salesforce.com user, as Salesforce.com does not support account deletion.
In CA Identity Manager 12.5 SP1, CA Identity Manager was configured to suspend the account on the Salesforce.com endpoint and place the account in a DeletePending state when any operation that attempted to delete a Salesforce.com account directly or indirectly occurred.
In CA Identity Manager 12.5 SP2, account deletion and suspension behavior has changed.
CA Identity Manager now simulates account deletion when any operation that attempts to delete a Salesforce.com account directly or indirectly occurs, for example, removing the role that created that account.
When the option Account Options on Delete Accounts will be deleted from both the provisioning directory and the managed endpoint (not supported by Salesforce) is selected on the Endpoint Settings tab in the User Console, the account is deactivated and placed in a group called CA ILM SFDC Connector Suspended on the Salesforce.com endpoint.
During an add operation, the Salesforce.com connector verifies that the account exists on the Salesforce.com endpoint and checks to see if the account is in the CA ILM SFDC Connector Suspended group.
If the account is in the CA ILM SFDC Connector Suspended group, CA Identity Manager removes the Suspended membership and modifies the account, instead of adding a new account.
During an explore and correlate, CA Identity Manager ignores all accounts in the CA ILM SFDC Connector Suspended group.
The Salesforce.com connector creates the CA ILM SFDC Connector Suspended group as required.
Note: For more information about suspending and resuming a user account, see the User Console online help.
| Copyright © 2011 CA. All rights reserved. | Email CA Technologies about this topic |