Deleted in AD message show up in the policy user\group object.


Article ID: 220706


Updated On:


Web Security Service - WSS


There is a message “Deleted in AD” on all the users\groups used in the WSS portal policies. Authentication is working as expected however this message is indicating the user or group is deleted from the AD.

The same message also show up Identity > Users & Groups > Active Directory > Users (or Groups)


When the Auth Connector is installed, it will sync all the AD usernames and group names with the WSS portal. This can be used while creating rules for users\groups.

In case if the Auth connector goes down or the update fails then this message would show up in the policy objects and also under Identity > Users & Groups > Active Directory > Users (or Groups).

This can also happen in case if the Auth Connector is unable to find the specific user or groups from the AD.


Clicking on the “Sync with AD” option from Identity > Users & Groups > Active Directory > would force the Auth Connector to re-sync the data from AD.

If there is a connectivity issue at Auth Connector server, you have to fix that and that will address this issue.