RSA Identity Governance & Lifecycle

Tilsim Geldisen in RSA Identity Governance & Lifecycle7 months ago (Show more)

Why this type of Rule causes duplicated Requests?

Hi All, We have defined below rule that analyzes missing entitlements of accounts inside business roles. When it finds a missing entitlement, it creates a request about that missing entitlement and tries to assign it to its user/account. But unfortunately, this rule schedully works and it creates duplicated requests without looking at… (Show more)

2 repliesShow more activity

Jennifer Britton (to Tilsim Geldisen) 4 hours ago (Show more Show less)

Hi, Tilsim! Did this answer your question or did you get resolution elsewhere? I have a similar question because we are running in to a similar issue, and simply NOT having the rule scheduled would miss the entire point of creating it. Also, from your screenshot these are also all on different days, so it doesn't look like you ran it multiple…

Actions

RSA Link Team

in RSA Identity Governance & Lifecycle2 years ago (Show more)

Recently Published Knowledge Base Articles for RSA® Identity Governance & Lifecycle

Date Range: Sunday, December 2nd -- Saturday, December 8th Article Title Author Last Published Date 000036992 - Collector reports ORA-12805: parallel query server died unexpectedly, in RSA Identity Governance & Lifecycle Andrew Wilson 07 Dec 2018 000036952 - After updating the certificates for RSA Identity Governance & Lifecycle, WildFly…

Modified by RSA Link Team • 13 hours ago

John Cairns in RSA Identity Governance & Lifecycle4 days ago (Show more)

AD Account disable @5pm

Hi there, We have a requirement to disable accounts for leavers at 5pm on the day that they leave. Are we able to meet this requirement using RSA? if we can get the "leave date" from our HR Data source can we trigger a workflow/rule to only invoke at the end of the working day that will send the command to disable the account at 5pm Kind… (Show more)

2 repliesShow more activity

Pradeep Kadambar

(to John Cairns) 23 hours ago (Show more Show less)

How about setting the accountExpires attribute in AD? You don't have to have a workflow waiting for the due date. During identity collection, if you know the user is to be terminated today and a future date, you can just update a custom attribute, which can trigger attribute change rule. This rule in turn can update AD with expiration.

Actions

Philip Martinez in RSA Identity Governance & Lifecycle3 days ago (Show more)

JSP and Password Validation Help

Hi, We are trying to add password validation to our Reset Password form. Our specific use case is fairly common for many companies I imagine. Use Case: I logon to IGL with my standard AD account as I've forgotten what my firefight or admin account password is. I access a reset password form where the User Account Table pulls back any… (Show more)

2 repliesShow more activity

Philip Martinez (to Philip Martinez) 1 day ago (Show more Show less)

Any ideas Mostafa Helmy or Boris Lekumovich? What jar is com.aveksa.gui found in?

Actions

Yogesh Mishra in RSA Identity Governance & Lifecycle3 days ago (Show more)

Facing Issue in Provisioning Command Node

Hi All, We are facing very weird issue in Provisioning Command Node in Aveksa Version 7.0.2 P 06 When we create new variables using select query. These variables are not available in Provisioning Command Node while they are available in email and other nodes. We tried same thing in Aveksa Version 7.0.2 P 09 and there was no issue. 1.… (Show more)

2 repliesShow more activity

Boris Lekumovich

(to Mostafa Helmy) 1 day ago (Show more Show less)

As Mostafa mentioned, it was fixed in 7.0.2 P07. Reference number: ACM-84016 RSA Identity Governance and Lifecycle 7.0.2 Patch 7 Release Notes

Actions

Zoltan Izsak in RSA Identity Governance & Lifecycle4 days ago (Show more)

password for new account

In many cases with creating a new account a password setting is also required. My workflow uses a manual account fulfillment node with "default manual account fulfillment" form. Account creation with password set is properly assigned to an operator but after completing the tasks and collecting back data the change request is completed but no… (Show more)

Jamie Pryer

in RSA Identity Governance & Lifecycle4 days ago (Show more)

Reporting on Reports....

A common question we get asked... "How many reports are there within RSA IGL" The answer: LOADS! Within RSA IGL we have a LOAD of out the box (OTB) reports included and shipped as standard. All these reports can be found in the UI, by going to “Reports/Tabular” then “Create Report” button at the top. From here you can find a lot of OTB… (Show more)

Steve Fuson in RSA Identity Governance & Lifecycle5 days ago (Show more)

Request button to form to AFX

We have applications which are contolled out of Active Directory groups. Meaning: AD groups Application_1_Modify and Application_1_Read give access to Application 1 AD groups Application_2_Modify and Application_2_Read give access to Application 2 I'm trying to set up Request Buttons/Forms specific to those groups which will then go through… (Show more)

4 repliesShow more activity

Steve Fuson (to Mostafa Helmy) 4 days ago (Show more Show less)

That sounds great. Can you elaborate on how I would configure the Provisioning Command node?

Actions

Nasreen Mathias

in RSA Identity Governance & Lifecycle5 days ago (Show more)

Is there a way to change the Common, Uncommon, and Privileged % in the new User Access Review Result?

Version 7.1.0 Patch 4 Appliance R730, OS SuSE 11 SP 3 Customer is asking if there is a way to changed the percentage of user population/scope for User Access Result for Common, Uncommon, and Privileged queues in the UI(User Interface). See below screenshot for clarification. Thanks for your feedback in advance!! Nasreen

3 repliesShow more activity

Nasreen Mathias

(to Aaron Beaudoin) 4 days ago (Show more Show less)

I would think it would be based on (change in user-population)/(total user-population). Assuming the rate of change in user-population is sustainable. sustainable rate of user-population change = (change in user-population) / (total user-population)

Actions

Louise Van Alstyne in RSA Identity Governance & Lifecycle4 days ago (Show more)

App Roles for 3rd party app based on AD accounts and groups

I'm attempting to create a review based on an ldap integrated application that grants App Roles to Active Directory accounts and groups. I have built a collector that pulls in the entitlements and assigns them to AD users and groups using the AD account collector in the mapping section, and it works great. The accounts show up under the 3rd party… (Show more)

1 replyShow more activity

Louise Van Alstyne (to Louise Van Alstyne) 4 days ago (Show more Show less)

Screenshot showing non disabled account in 3rd party application: Screenshot from review where this account is nowhere to be found: Screenshot from Applications > 3rd Party App > Who Has Access > click on one of the groups. You can see that members are populated and the group is assigned App Roles.

Actions

RSA Identity Governance & Lifecycle

Manage

Recent Activity