We are using User Provisioning. So upon termination the standard security rules that are assigned at hire are removed upon termination.
But here is a challenge I'm having and curious how others are addressing.
For core users of the system (finance user for example) we have internal process where access rules are requested.
But when they are terminated, their actors are disabled and our other internal processes disable their AD account so they can't sign in. But when I'm doing security audits to see who has security rules, those rules are still assigned.
I need to figure out a process to handle this.. unassign all rules upon termination.
How are others doing this? IPA? Internal Process?
Thanks
