000030627 - Access policy is not enforced for some users in RSA SecurID Access

Document created by RSA Customer Support Employee on Jun 14, 2016Last modified by RSA Customer Support Employee on Apr 21, 2017
Version 4Show Document
  • View in full screen mode

Article Content

Article Number000030627
Applies ToRSA Product Set: Via Access
RSA Product/Service Type: Access Policy
IssueAn access policy based on active directory group is not enforced on one or more users from this group.
ResolutionPlease ensure that the user is synchronized between RSA Via Access and the LDAP directory server.
Synchronization ensures that the RSA Via Access hosted service reflects any updates made to your LDAP directory server.
  1. In the Administration Console, click Users > Identity Sources.
  2. Click the triangle icon next to Edit for the Identity Source that contains the user(s) in question.  Choose Synchronization.
  3. Click Synchronize Now.
  4. Click Refresh to check the synchronization status.
  5. Once the synchronization is completed, the page displays the job status, and the number of users added, updated, and not synchronized.
  6. Ask the user to login and check if the policy is now enforced.
  7. If the policy is still not enforced to the user, check If the user is included in the "users not synchronized", check the reason (e.g. missing email address, ..), correct the active directory record and start Sync again.
  8. Ask the user to login and check if the policy is now enforced.

Attachments

    Outcomes