000037852 - In RSA Identity Governance & Lifecycle, duplicate entries are created when a user switches between two Identity Data Collectors multiple times

Document created by RSA Customer Support Employee on Sep 19, 2019Last modified by RSA Customer Support Employee on Oct 7, 2019
Version 2Show Document
  • View in full screen mode

Article Content

Article Number000037852
Applies ToRSA Product Set: Identity Governance & Lifecycle
RSA Version/Condition: 7.0.2,7.1.0,7.1.1
 
IssueIn RSA Identity Governance & Lifecycle, when a user is switched between two Identity Data Collectors (IDCs) multiple times, it creates duplicate entries for the user.

The example below illustrates this issue.



  • There are two IDCs: ActiveUsers and DeletedUsers. When a user is terminated, they are moved to the DeletedUsers data source. If they are reactivated, they are moved back to the ActiveUsers data source.
 

User-added image


  • Source Data for the ActiveUsers IDC:

User-added image


  • Source Data for the DeletedUsers IDC:

User-added image


  • After the first Collection, there is one entry for user Sunshine, Melody which is expected.

User-added image


  • User Sunshine, Melody is terminated and moved to the DeletedUsers data source:

User-added image


  • After the second collection, there is one entry for Sunshine, Melody as expected. This user is terminated:

User-added image


  • Next the user is reinstated by adding them back to the ActiveUsers data source and removing the entry from the DeletedUsers data source. 

User-added image


  • After the third collection, there is one entry for user Sunshine, Melody showing the user is no longer terminated. This is as expected.

User-added image


  • The user is subsequently terminated again for the second time and the user record is moved to DeletedUsers:

User-added image

 

  • After the fourth collection, a second identity is created for user Sunshine, Melody. This behavior is not expected and is a defect.

User-added image
CauseWhen a user is switched between two IDCs multiple times, the RSA Identity Governance & Lifecycle application code does not picking up the that fact that the IDC was previously linked to a unified user.
ResolutionThis issue is resolved in the following RSA Identity Governance & Lifecycle patches:
  • RSA Identity Governance & Lifecycle 7.0.2 P15
  • RSA Identity Governance & Lifecycle 7.1.0 P08
  • RSA Identity Governance & Lifecycle 7.1.1 P03

Attachments

    Outcomes