Not able to delete an unavailable endpoint account through IM User Console

Article ID: 270517

Updated On:

Products

CA Identity Suite, CA Identity Manager

Issue/Introduction

An account has been deleted on the endpoint itself, but there is still a reference to that account within the IM/Provisioning application. Attempting to delete this non-existing/unreachable account completes successfully if done via the Provisioning Manager, but the same cannot be done with the IM User Console, which returns a message that the account is unreachable.

Environment

All Identity Manager

Resolution

Using the Provisioning Manager, I can confirm that trying to delete the account which no longer exists on the endpoint does complete successfully.

Using the IM User Console, I can confirm that if you use Modify User's Endpoint Accounts, search for the accounts, then select an account and click the Delete button before there is any attempt to read data from the accounts (i.e. while the Suspended/Locked columns still show as Refresh Account), you will be able to delete the non-existing account successfully from the IM User Console.

However, once IM performs a search to read the data from the accounts and determines that the account is not reachable (i.e. after the Suspended/Locked columns show as Unavailable), you will not be able to delete the non-existing account, because IM now knows the account is not reachable and no attempt is even sent to the Provisioning Server.

So you will want to first make sure that the UserAccounts screen configured on the Modify User's Endpoint Accounts task does not have the Load Status checkbox enabled. This way, doing the search for accounts will not automatically try to read the Suspended/Locked values of the accounts and will leave the accounts in the initial Refresh Account state. After that you can mark the account and click Delete.