ALERT: Some images may not load properly within the Knowledge Base Article. If you see a broken image, please right-click and select 'Open image in a new tab'. We apologize for this inconvenience.

Home directory deletion issue in ACC (PIM) connector

book

Article ID: 241649

calendar_today

Updated On:

Products

CA Identity Manager

Issue/Introduction

When deleting a Unix account of the ACC (PIM) target system in Identity Manager, the home directory is deleted.

Users do not want their home directory to be silently deleted.

A method is required so that the home directory is not deleted when the account is deleted.

Note: ACC = Access Control Connector. Formerly CA Access Control product is now Symantec Privileged Identity Manager product.

Environment

Release : 14.3, 14.4

Component : IdentityMinder(Identity Manager)

Resolution

Hotfix HF-DE523312 provides a new ACC connector feature

The idea is to modify the behavior on the endpoint level.

New endpoint attribute eTACCRetainUnixHomeDir is introduced by this hotfix. Default value (empty or 0) means to keep current behavior and delete home directory.
Changing it to 1 will keep user home directory when a user is removed.

Provisioning Manager and IM User Console UIs support this new attribute.

This feature will be available in the future IM releases.