02/20/2023 06:12 AM
We have a requirement for leaver scenario like -Removes account from all security distribution groups except for Azure AD licenses along with others like- Disable Saviynt user identity, -Remove all access, groups. We are trying to implement it through user update rule but for the exception case of Azure AD licenses we are not sure how to proceed. Any information regarding this is highly appreciated.
Regards,
Soumya Muni
02/20/2023 10:53 PM - edited 02/21/2023 09:49 AM
There is no direct way from user update rule but you can explore the actionable analytics option for that specific endpoint to create tasks only for specific entitlement types
02/21/2023 08:17 AM
From User Update rule, you can only deprovision accounts and access for an endpoint. There is no way to exclude certain entitlements. But you can use actionable analytics report to revoke only certain entitlements. Please refer below link: