Why IM Admin Task submission is triggering Provisioning attribute modification while mapped attribute has not been changed.
This is the expected behavior of CA Identity Manager Outbound Synchronization feature.
When an CA Identity Manager Admin Task is configured with "Account Synchronization" (not 'OFF'), then CA Identity Manager makes sure that the users for the CA Identity Manager corporate user store and the Provisioning directory have matching data.
Outbound Synchronization feature is based on the Outbound Events and Attribute Mapping configuration in a manner than if mapped attributes values are different between IM User Store directory and IM Provisioning Store directory then values from IM User Store are propagated to Provisioning.
So in situation where submitted CA Identity Manager Admin Task enables Account Synchronization and the corporate User Store attribute data is different of its mapped Provisioning attribute then the Outbound Synchronization triggers modification of the Provisioning one.
Steps to reproduce :
1- From CA Identity Manager Management Console, an Identity Manager Environment / Advanced Settings / Provisioning is configured with Attribute Mappings.
As sample, Corporate User Store "title" Attribute is mapped with Provisioning "eTTitle" Attribute.
2- Verify the "Modify User" Identity Manager Admin Task is defined with "Account Synchronization" set to "On task completion" and that "title" is not defined within the User Profile tab screen.
3- Modify a User's "title" Attribute (any value else its current "eTTitle" one) directly within the Corporate User Store (out side CA Identity Manager).
4- Submit the "Modify User" Identity Manager Admin Task to change any of the User's attributes.
As result, the User's Provisioning "eTTitle" attribute has been changed to the "title" 's value set directly within the Corporate User Store (step -3).