After adding or removing a Provisioning Role the Global User is updated but the account associate it not being associate or the value of Account Template is not being pushed to the account.

For example, Title, Department, Skype attributes are not being updated in the account

Identity Manager 12.6.x and 14.x

The Provisioning Server only updates Capability Attributes, when you change capability attributes in an account template, the corresponding attribute on the accounts change.

To know what ADS capability attributes are, you can run the command dumpptt

In Virtual Appliance environment: 

- Login to vApp console as config user
- Do a su to imps to be able to access the folder below 
su - imps 

- Navigate to /opt/CA/IdentityManager/ProvisioningServer/bin 

- Run the command: 
./dumpptt -c -t adsparse.ptt > eTADSCapability.txt 

In Standard version the dumpptt.exe command is located under folder:
X:\...\CA\Identity Manager\Provisioning Server\bin

- Run the command: 
dumpptt -c -t adsparse.ptt > eTADSCapability.txt 

- It'll dump all Capability attributes from Active Directory. 

If you would like to dump a different endpoint, see the list under folder:

D:\Program Files (x86)\CA\Identity Manager\Provisioning Server\data
 

To create a PX which will be fired when you add or remove a Role, and it will set the required attributes.

For that, you need to map the attributes in the endpoint Properties, Custom Attributes, to some CustomField, and after that, map them in your IdM Environment.