Skip navigation

Log in to create and rate content, and to follow, bookmark, and share content with other members.

000037841 - RSA Identity Governance & Lifecycle Create Account fails if previous Create Account is pending

Document created by RSA Customer Support

on Aug 14, 2019

Version 1Show Document

Like • Show 0 Likes0
Comment • 0
View in full screen mode

Article Content

Article Number	000037841
Applies To	RSA Product Set: Identity Governance & Lifecycle RSA Version/Condition: 7.0.2, 7.1.0, 7.1.1
Issue	The RSA Identity Governance & Lifecyle Entitlement Requires Account feature is a feature that automatically creates an account when adding an entitlement related to the account and the account does not exist. For example, when adding a User to a Group, this feature will create the account for the user before adding the account to the group. The first time an entitlement is requested, the system will identify that an account does not exist and will automatically create the account. For subsequent entitlements there is no need to create the account. If there is a problem with the initial request that creates the account, subsequent change requests for entitlements that require that account may fail.
Cause	This issue can occur if, during the process of requesting access, an entitlement is selected from an application that has entitlements require accounts enabled and: before clicking on the Finish button, the requester closes out of the browser or navigates away from the submission page through anything other than the Cancel or Back buttons, or the browser times out before the request has been completed (i.e before the Finish button has been pressed.) In both cases, the change request is not created but the account is created in the background and is basically pending as there is no associated change request to fulfill the creation of the account. The existence of this pending account prevents future entitlement requests because the account is required and yet does not actually exist but looks like it exists due to its pending status. This is a known issue reported in engineering ticket ACM-89679.
Resolution	This issue is resolved in the following RSA Identity Governance & Lifecycle patches: RSA Identity Governance & Lifecycle 7.0.2 P14 RSA Identity Governance & Lifecycle 7.1.0 P07 RSA Identity Governance & Lifecycle 7.1.1 P02 To handle this issue, a new section in the RSA Identity Governance & Lifecycle user interface has been added called Pending Submissions under Requests > Requests, which will display the change requests which were left in the Pending Submission State. New change requests for access are prevented from being generated if requests already exist in the Pending Submission State for the account associated with the requested access. The Request Form will not allow the user to submit the request and instead will display the following warning message under Dependencies: The changes for the account ##### depends on the request XXXXX which was not successfully submitted. Please cancel the request before taking further actions by navigating to Pending Submissions tab.

Attachments

Outcomes

0 Comments

Recommended Content