000031619 - When using RSA Via Lifecycle and Governance (L&G), what happens to an Active Directory group belonging to a role if the AD group is removed from AD?

Document created by RSA Customer Support Employee on Jun 14, 2016Last modified by RSA Customer Support Employee on Apr 21, 2017
Version 3Show Document
  • View in full screen mode

Article Content

Article Number000031619
Applies ToRSA Product Set: RSA Via Lifecycle & Governance
RSA Product/Service Type: All
RSA Version/Condition: 6.9.1
IssueWhat happens to an Active Directory (AD) group belonging to a role in Via L&G if the AD group is removed from the Active Directory data source?
 
ResolutionThe behavior in Via L&G is as follows:
  1. The AD group is removed from Via L&G in the UI  under Users > Groups.
  2. The AD group is removed from the associated role in the UI under Role > Roles > Role name > Entitlements.
  3. The AD group is removed from the user’s access in the UI under Users > Users > User name > Access tab.
  4. The AD group is removed from the role entitlement count in the UI under Role > Roles
NOTE: There is a bug in 6.9.1 prior to Patch 7 where the role entitlement count is not updated correctly when the AD group is removed. However, this is fixed in 6.9.1 P07.

Attachments

    Outcomes