000039267 - MAEDC grants Entitlements to all Accounts with the same name regardless of Application in RSA Identity Governance & Lifecycle

Document created by RSA Customer Support Employee on Aug 28, 2020
Version 1Show Document
  • View in full screen mode

Article Content

Article Number000039267
Applies ToRSA Product Set: RSA Identity Governance & Lifecycle
RSA Version/Condition: 7.0.0
IssueWhen an MAADC collects multiple accounts with the same name in different applications, the associated MAEDC grants entitlements to all accounts with the same name regardless of what application they are associated with.

Consider the following example where account AdminAccount is collected into three different applications:
Application: Perforce
Account: AdminAccount

Application: FileSystem
Account: AdminAccount

Application: Bugzilla
Account: AdminAccount
AppRole: ManageBugzillaJiras  

After the three AdminAccounts are collected by an MAADC, the associated MAEDC grants application role ManageBugzillaJiras to all three accounts in all three applications instead of Bugzilla only.

This issue can be observed by going to Resources > Directories/Applications > {Directory/Application name} > Accounts tab. The same account name will appear once for every directory/application that has that account name.
CauseThis is a known issue reported in engineering ticket ACM-58274.
ResolutionThis issue is resolved in the following RSA Identity Governance & Lifecycle versions and/or patch levels: 
  • RSA Identity Governance & Lifecycle 7.0.0 P01
  • RSA Identity Governance & Lifecycle 7.0.1