This issue is resolved in the following RSA Identity Governance & Lifecycle versions and patch levels:
- RSA Identity Governance & Lifecycle 7.0.2 P14
- RSA Identity Governance & Lifecycle 7.1.0 P08
- RSA Identity Governance & Lifecycle 7.1.1 P02
- RSA Identity Governance & Lifecycle 7.2.0
To determine if you have this issue, run the following SQL script as
avuser. The script identifies if there are any duplicates but does not uniquely identify the type of a duplicate. If the script returns a count greater than zero, the issue exists and patching to one of the above versions is required.
SELECT *
FROM t_ce_explicit_relations
WHERE
( entitled_id, entitled_type, entitlement_id, entitlement_type ) IN (
SELECT
entitled_id, entitled_type, entitlement_id, entitlement_type
FROM t_ce_explicit_relations
GROUP BY
entitled_id, entitled_type, entitlement_id, entitlement_type
HAVING COUNT(1) > 1
);
SELECT COUNT(1)
FROM t_ce_explicit_relations
WHERE
dc_id IN (
SELECT id
FROM t_data_collectors
WHERE is_deleted = 'TRUE'
);
SELECT *
FROM t_group_memberships
WHERE
( dc_id, group_id, member_id, member_type, member_derived_from_type, member_derived_from_id, member_path ) IN (
SELECT
dc_id, group_id, member_id, member_type, member_derived_from_type, member_derived_from_id, member_path
FROM t_group_memberships
GROUP BY
dc_id, group_id, member_id, member_type, member_derived_from_type, member_derived_from_id, member_path
HAVING COUNT(1) > 1
);