000038470 - Segregation of Duties rule returns unwanted violations if the same entitlement definition exists in both entitlement sets in RSA Identity Governance & Lifecycle

Document created by RSA Customer Support Employee on Feb 12, 2020Last modified by RSA Customer Support Employee on Mar 11, 2020
Version 2Show Document
  • View in full screen mode

Article Content

Article Number000038470
Applies ToRSA Product Set: RSA Identity Governance & Lifecycle
RSA Version/Condition: 7.x
IssueWhen a Segregation of Duties (SOD) Rule is defined to identify users with two or more entitlements in the same category, the SOD rule returns a violation even when a user only has a single entitlement.

For example, in the SOD rule definition below, the intent is to find any user with two or more Aveksa entitlements. However, processing this rule returns users with single Aveksa entitlements as well. 
User-added image
CauseThis is the current functionality of the product.
ResolutionOur Professional Services organization can assist with a resolution to this issue. Please open a case with RSA Identity Governance & Lifecycle Support and request the case be moved to Professional Services. Please mention this RSA Knowledge Base Article ID 000038470 for reference.
WorkaroundProduct enhancements may be requested by going to RSA Ideas for RSA Identity Governance & Lifecycle to submit and/or vote on an enhancement request. For more information, please see RSA Knowledge Base Article 000036416 -- How to log a request for enhancement (RFE) for RSA Identity Governance & Lifecycle.