RSA Identity Governance & Lifecycle 7.0.x provisioning termination rule is not creating a change request to disable the manually linked accounts
3 years ago
Originally Published: 2018-06-26
Article Number
000042152
Applies To
RSA Product Set: RSA Identity Governance & Lifecycle
RSA Version/Condition: 7.0.1, 7.0.2
 
Issue
The provisioning termination rule is creating a change request to disable only the collected accounts, leaving behind the manually linked accounts in RSA Identity Governance & Lifecycle. FOr example,
  1. Create a termination rule to generate change request to disable the accounts when the user is deleted. 
User-added image
  1. In this example, we have picked a user who has two accounts (one is a collected account and the other one is a manually linked account): 
User-added image
 
User-added image
  1. Delete the user from the source and run the corresponding Identity data collector to collect the deleted user. 
    User-added image
 
  1. Now run the rule and it will be able to pick the deleted user. The rule will create a change request to disable the collected account but doesn't create a change request to disable the manually linked account.
  2. User-added image
Cause
This is a bug in the product and has been reported to our engineering team. 
Resolution
Upgrading to version 7.0.2 P05 or 7.1.0 will fix this issue. 

NOTE: If you are seeing this issue for a specific application/directory or post upgrading to V7.0.2 P05+, please verify if the allow account disabling flag is set to Yes. If this is set to No,
  1. Navigate to Resources > Applications/Directories
  2. Select the application/directory and click Edit
  3. Enable the flag and click OK
User-added image

Related Articles

Trending Articles

Don't see what you're looking for?