When a Provisioning Role mapped to an Azure Administrative Unit (AU) is removed from a user in Identity Manager, the AU membership is not revoked in Azure. The Azure Rest Connector fails to issue the necessary DELETE call to the Microsoft Graph for AU membership removal. This results in access governance inconsistency, compliance risk, and the need for manual cleanup in Azure.

Product: Identity Manager
Affected Version: 14.5.1 + CHF1
Component: Azure Rest Connector

This issue is caused by a product defect where the Azure connector did not correctly handle the DELETE operation for Administrative Units.

Open a Suppot case an refer to Hotfix: HF_DE664431.zip, providing your versions and details.