User provisioning skipped when removing user's attributes

Nikola Grkavac 26 Reputation points

Whenever we remove a single user's attribute provisioning user is skipped - i.e. setting the manager or phone number to null, after synchronisation action gets completed we get the message in the logs that the state of the user in both the source and target systems already match, all though this is clearly not the case. Looking at the documentation does not give any clues about what might be the cause of this behaviour; we do not set scope filters, and all the attributes do get updated for both add and replace actions.

Target object actions are required for all actions: create, update and delete. Both delete and disable user works for us.

Is there anything in the setup that might be causing this kind of behaviour?

Azure Active Directory
Azure Active Directory
An Azure enterprise identity service that provides single sign-on and multi-factor authentication.
14,843 questions
0 comments No comments
{count} vote

Accepted answer
  1. Danny Zollner 7,016 Reputation points Microsoft Employee

    Presently, Azure AD Provisioning does not flow null/empty values into target directories. This means that an attribute that has a value will not have that value removed, even if the value is removed in Azure AD. This will be possible in the future, but I don't have an ETA that I can share unfortunately.

1 additional answer

Sort by: Most helpful
  1. Alfredo Revilla (MSFT) 18,766 Reputation points Microsoft Employee

    Hello, please Create a support request a properly address this issue or let us know if you need assistance doing so.

    1 person found this answer helpful.
    0 comments No comments