Issue Summary

Atlassian Access subscription expiration causes removal of Identity provider directory, and as a result - deletion of existing User Provisioning directory. Re-activation of Atlassian Access subscription allows to configure SCIM user provisioning again, however the newly created provisioning directory encounters sync issues resulting from the system still taking the old (removed) provisioning directory into account.

Steps to Reproduce

1. Subscribe to Atlassian Access in organization, configure user provisioning, sync users and groups.
2. Let Atlassian Access subscription expire, which will automatically remove previously created Identity provider directory (including SCIM provisioning directory).
3. Re-subscribe to Atlassian Access, create new Identity provider directory, configure SCIM provisioning.
4. Sync the same users/groups that used to be synced to the previously deleted directory

Expected Results

User Provisioning should behave as normal, accepting all users/groups to be written into SCIM directory, and propagating the corresponding status changes further into cloud site(s) linked to Atlassian organization.

Actual Results

User Provisioning encounters issues:
1. Groups fail to be written to SCIM directory because the system considers that groups with the same names already exist in the Atlassian organization, and logs the error in Atlassian organization's provisioning Troubleshooting log.

Failed to create group of name group_name for OrgId orgId due to existing group with same name in organization

2. Deactivation of provisioned users as well as other attribute modifications aren't propagated further onto corresponding managed Atlassian accounts.

Workaround

For issue #1, the workaround is to sync a group with a different name.
For issue #2, there's no workaround available.