Azure AD enterprise application: Clear "caches the target system's ID"

Gherson Horna Borda 1 Reputation point
2021-09-29T14:13:40.41+00:00

In the target system the user was deleted, and we tried to synchronize the user again from Azure AD, but the process failed because it is using the user's target system ID that was deleted. We need to clear/delete that user's target system ID to send the user again.

Microsoft Entra ID

1 answer

  1. Danny Zollner 10,496 Reputation points Microsoft Employee
    2021-10-04T17:38:59.927+00:00

    AAD Provisioning isn't built to expect deletion of users it manages from other sources - this is why you're seeing this problem. Ideally, you should be leaving management of these users, especially of deletions, up to Azure AD if it is managing creation/updates as well.

    To break the links established between AAD and your connected target system, you'll need to restart the job via MS Graph API using this API call:

    https://learn.microsoft.com/en-us/graph/api/synchronization-synchronizationjob-restart?view=graph-rest-beta&tabs=http

    You'll need to use a body with a resetScope value of "Full" rather than the one provided in the example on that page. Be warned that this will break the links between all users in that provisioning job, and they will then be reconnected based upon current matching criteria set in the mappings for that provisioning job.

    1 person found this answer helpful.
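The restart call described in the answer, as an added example that is not part of the original post or of Microsoft's documentation: it resolves the enterprise application's service principal, finds its provisioning (synchronization) job, and restarts it with resetScope "Full". It assumes the Microsoft.Graph PowerShell SDK and the Synchronization.ReadWrite.All permission; $AppDisplayName is a placeholder for your own application.

```powershell
# Added example: restart an Azure AD provisioning job with resetScope "Full"
# via Microsoft Graph (beta), which drops the stored links between Azure AD
# objects and target-system IDs for every user in that job.
# Assumptions: Microsoft.Graph SDK installed; caller holds
# Synchronization.ReadWrite.All; $AppDisplayName is a placeholder.
[CmdletBinding(SupportsShouldProcess)]
param(
    [Parameter(Mandatory)] [string] $AppDisplayName   # enterprise app display name
)

Connect-MgGraph -Scopes "Synchronization.ReadWrite.All" | Out-Null

# Resolve the enterprise application's service principal object ID.
$sp = Get-MgServicePrincipal -Filter "displayName eq '$AppDisplayName'"
if (-not $sp) { throw "No service principal named '$AppDisplayName'" }
$spId = $sp.Id

# Each provisioning configuration is a synchronization job on that service principal.
$jobs = Invoke-MgGraphRequest -Method GET `
    -Uri "https://graph.microsoft.com/beta/servicePrincipals/$spId/synchronization/jobs"
if ($jobs.value.Count -ne 1) {
    throw "Expected exactly one provisioning job, found $($jobs.value.Count); pick the job ID manually"
}
$job   = $jobs.value[0]
$jobId = $job.id
Write-Host "Job $jobId (template $($job.templateId)) is in state $($job.status.code)"

# "Full" replaces the doc example's "Watermark": all users are unlinked and
# re-matched on the next cycle using the job's current matching attributes,
# so ask for confirmation before doing it (supports -WhatIf / -Confirm).
$body = @{ criteria = @{ resetScope = "Full" } } | ConvertTo-Json -Depth 3
if ($PSCmdlet.ShouldProcess($jobId, "Restart provisioning job with resetScope=Full (unlinks all users)")) {
    Invoke-MgGraphRequest -Method POST `
        -Uri "https://graph.microsoft.com/beta/servicePrincipals/$spId/synchronization/jobs/$jobId/restart" `
        -Body $body -ContentType "application/json"
    Write-Host "Restart requested; watch the provisioning logs for the re-matching cycle."
}
```

Run it first with -WhatIf to confirm the service principal and job ID are the ones you expect, since the reset affects every user in the job, not just the one that was deleted in the target system.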
