[ tldr: is it possible to disable the account collection with the IDM AE permission collector? I only found the option to disable the whole collector]
We are using the Identity Manager AE Permission Collector as collector to get permissions/accounts from the IDM. Everything is working, accounts and permissions are mapped to the matching user/identity. The most import "accounts" for us (/the customer) are the Active-Directory accounts, because we want to do reviews for those accounts. The reviews are mostly based on different attributes which are only available in the Active Directory (Last Login, Password Expire, 'manager/responsible person reference', etc.). As I understand it, it is not possible to import additional attributes from specific target systems (since the collector doesn't import from the AD directly).
So we need to collect accounts directly from the AD with the according collector. But now we don't need the accounts from the IDM AE Permission Collector, we need the permissions, but not the accounts. The accounts don't have any value for us, since the information stored for this accounts isn't something the users can work with.(for example to use those accounts in a review) We are using the IDM automated fulfillment configuration, I think for this we need this specific collector.
So, is it possible to disable the account import for this collector? If there is a specific need why I should keep those accounts -I would love to hear it. However, I have not seen any need for it in the documentation, or in my use cases so far.