Pending accounts are not deleted after canceling the change request in RSA Identity Governance & Lifecycle
2 years ago
Originally Published: 2019-05-14
Article Number
000042111
Applies To
RSA Product Set: Identity Governance & Lifecycle
RSA Version/Condition: 7.0.2 P11, 7.1.0 P04
 
Issue
Pending accounts which are created automatically when a request contains a Create Account change item are not deleted from the system when the change request is cancelled.

For example,

  1. Create a Directory/Application and collect any entitlements into it.
  2. Create a very basic Account Template with one pending account parameter: Name set to ${User.User_ID}.
  3. Link the account template to the Directory/Application and set Entitlements require accounts to Yes.
  4. Create a change request for any user to add any entitlement from this directory.

Notice this change request contains a dependent change item for Create Account with the user's User_ID as the account name.

  1.  Cancel this change request.
  2. The account will not be seen on the user's access tab since the user-account mapping gets removed. However, if you check the Directory/Application and go to the Accounts tab you will see this account still exists.
User-added image
 
User-added image
 
User-added image
 
User-added image
 
User-added image
Cause
This is a known defect reported in ACM-96141 and ACM-94080.
 
Resolution
This issue is resolved in the following RSA Identity Governance & Lifecycle patches:
  • RSA Identity Governance & Lifecycle 7.0.2 P12
  • RSA Identity Governance & Lifecycle 7.1.0 P05

 

Related Articles

Trending Articles

Don't see what you're looking for?