Traditionally PAM LDAP Groups are sync'd by the following setting in the UI:
PAM UI >> Configuration >> 3rd Party >> LDAP >> LDAP Domains.
Here once you select Update -> you have a setting called Update Interval, which should keep all users and groups updated.
Release : 3.1.x, 3.2.x, 3.3.x
Component : PRIVILEGED ACCESS MANAGEMENT
We cannot automatically delete an LDAP user if they have a:
If either of these scenarios happen, we cannot delete that LDAP user and/or the LDAP Group they are apart of.
Please remove that user from the PVP and/or remove the custom report.
Note: if you cannot determine this information, please open up a support case and we can SSH into the backend of the server and take a look at the uag.custom_reports table for more detailed information.