When attempting to execute the "Synchronize User with Roles" task via a TEWS SOAP call in Broadcom Identity Manager 14.5.1 CHF1, the addMissing and deleteExtra parameters (As in example provided from Article 97740 "How to use TEWS to execute the "Synchronize User With Roles" task" link: How to use TEWS to execute the "Synchronize User With Roles" task) specified in the SOAP request are ignored. The synchronization only executes if the corresponding "Add missing accounts" and "Remove extra accounts" settings are manually set to true within the administrative task definition in the Identity Manager UI. The SOAP call returns a transaction ID, but no synchronization activity is observed in the Provisioning Server logs if the UI settings are false

Product: Broadcom Identity Manager

Version: 14.5.1 CHF1 (also applicable to R15 with fix pack)
Component: TEWS (Task Execution Web Services)

.
Steps to Implement the Workaround Solution:

1. Log in to the Identity Manager User Console with an administrator account.
2. Navigate to the "Synchronize User with Roles" administrative task definition.
3. Locate the "Add missing accounts" and "Remove extra accounts" properties.
4. Change the value of both properties to true
5. Save the changes to the task definition.

Once these UI settings are updated, subsequent TEWS SOAP calls with addMissing and deleteExtra set to true will successfully execute the user role synchronization.

Hotfix Availability:

A hotfix (e.g., HF_IMS-14.5.1-20250911111050-DE645744.tgz.gpg) has been provided for Identity Manager 14.5.1 CHF1. This fix is also planned to be included in an upcoming R15 fix pack . Customers on R15 can expect this resolution to be part of their regular fix pack updates.

Note: The hotfix can be deployed in a Production environment after successful validation in a QA environment when requesting opening a Support case with Broadcom.