IMPORTANT:The User Synchronization Options policy is not available in Advanced Authentication as a Service (SaaS) version.
In this policy, you can configure the settings to retain the users or groups for the required number of days, who are deleted from an LDAP or SQL repository. The authenticators of these users are retained in the Advanced Authentication server based on the period specified. Users need not re-enroll the authenticators, if the user accounts are restored in the repository.
The authenticators are restored automatically, if the users are restored in their repository. Administrators or Helpdesk need not manage the deleted users or the authenticators.
NOTE:
The authenticators are not retained for the users who are not deleted from the repository, but just removed from a group assigned in the used chains.
The user deleted from a repository after full synchronization is not counted in the used licenses, though the user is retained in the Advanced Authentication database.
Specify the number of days till when you want to retain the users or groups who have been deleted from the repository in Retain the deleted users or groups (days). The default value is 60.
For example, if you specify 30 in Retain the deleted users or groups (days), then the authenticators of the deleted users or groups are retained for a period of 30 days in the Advanced Authentication server and after 30 days, the authenticators are deleted.