000037490 - Pending accounts are not deleted after canceling the change request in RSA Identity Governance & Lifecycle

Document created by RSA Customer Support Employee on Jun 5, 2019
Version 1Show Document
  • View in full screen mode

Article Content

Article Number000037490
Applies ToRSA Product Set: Identity Governance & Lifecycle
RSA Version/Condition: 7.0.2 P11, 7.1.0 P04
IssuePending accounts which are created automatically when a request contains a Create Account change item are not deleted from the system when the change request is cancelled.

For example,

  1. Create a Directory/Application and collect any entitlements into it.
  2. Create a very basic Account Template with one pending account parameter: Name set to ${User.User_ID}.
  3. Link the account template to the Directory/Application and set Entitlements require accounts to Yes.
  4. Create a change request for any user to add any entitlement from this directory.

Notice this change request contains a dependent change item for Create Account with the user's User_ID as the account name.

  1.  Cancel this change request.
  2. The account will not be seen on the user's access tab since the user-account mapping gets removed. However, if you check the Directory/Application and go to the Accounts tab you will see this account still exists.

User-added image

User-added image

User-added image

User-added image

User-added image
CauseThis is a known defect reported in ACM-96141 and ACM-94080.
ResolutionThis issue is resolved in the following RSA Identity Governance & Lifecycle patches:
  • RSA Identity Governance & Lifecycle 7.0.2 P12
  • RSA Identity Governance & Lifecycle 7.1.0 P05