Answered

Azure AD Sync, Offboarding without block the Azure Login

  • 9 August 2023
  • 1 reply
  • 68 views
T
Rank

For some reason, we don’t want to automatically block the Azure AD login and email from offboarded employees. Is there a way to avoid this?

icon

Best answer by International Support Team 11 August 2023, 14:36

View original

1 reply

I
Rank
Userlevel 5

Hi @ThomasK,

Welcome to the Personio Community, we are thrilled to see you here :confetti_ball: :partying_face:
I’ve checked with my colleagues and they have shared that, currently, if you use the Azure AD integration, there is no currently way of avoiding this altogether. The deprovisioning workflow is triggered once an employee profile is set to inactive and/or the Termination date passes.You can manually enable the user in Azure AD again, but because the profile would still be linked to the Personio one, it would just get deactivated again with the next deprovisioning workflow. What you can do is:

  • Once the Personio profile is set to Inactive and the Azure AD profile was deactivated, you need to delete the employee ID in the Azure AD profile. That way, the sync is broken.
  • You can then re-activate/enable the account in Azure AD.

That way, the profile in Personio is Inactive, but the Azure AD profile is still enabled.

I hope this helps Thomas! Please let me know if you have any specific question related to it and I can check it out for you! 😃

I wish you a lovely weekend! 🙌🏼

Best,

Zulema

Was the answer helpful? Please mark a comment as "Best Answer"! Please beware that moderators may modify the title of your posts to make them easier to find for other users

Your reply


Terms & Conditions of the Personio Voyager Community