revoke cross domain group from Active Directory

Regular Contributor
Regular Contributor

Hi Team ,

We have created Deprovision access / revoke access rules on termination, but if user group  is not from same AD Domain , it will not remove the groups and be their in PENDING tasks and after 10 tries it is moving to completed tasks with DISCONTINUED/ERROR tasks .


Can we either stop creating tasks only if cross domain or by any chance is it possible to remove cross domain groups as well ( within forest like ABC.ANKIT.COM and other AD is XYZ.ANKIT.COM) , group removal should happen .

@rushikeshvartak @sahajranajee @ashisht @Harish_Yara @avinashchhetri 


Please advise . Thanks


Saviynt Employee
Saviynt Employee


Can you please let us know if you are using AD connector or ADSI,as this use case will be supported in ADSI, Please refer the documentation as well