000033963 - Unable to create attribute change rule with condition using "Is Deleted" or "Deleted Date" with RSA  Identity Governance and Lifecycle 6.9.1P08 or later

Document created by RSA Customer Support Employee on Sep 22, 2016Last modified by RSA Customer Support Employee on Apr 22, 2017
Version 2Show Document
  • View in full screen mode

Article Content

Article Number000033963
Applies ToRSA Product Set: RSA Identity Governance and Lifecycle (G&L)
RSA Version/Condition: 6.9.1 P08 or later
 
IssueUnable to create a new rule of the Attribute Change type that is looking for a condition of a deleted attribute (that is, 'Is Deleted' or 'Deleted Date').
  1. Go to Rules > Create Rule.  
  2. Select Type: "Attribute Type" with the Condition: "When change is detected for existing users" and "Users with the following attribute changes."  
  3. You cannot select "Is Deleted" or "Deleted Date" from the drop down list.
CauseAs part of a fix that prevents issues related to the use of the "Is Deleted" and "Deleted Date" attributes, these are no longer available on the drop down menu.
"Is Deleted" and "Deleted Date" attributes are only populated for deleted user identities. In the attribute change rule we are comparing two user entities:  the previous entity versus the new entity. If there is any change in any of these attributes for newly/latest collected user identities, we capture them as attribute changes. But in the case of deletion, there is no previous entry in the table for the collected user; therefore, there is no way to compare the values so they will never be flagged by an attribute change rule. These columns were removed from the drop-down menu since their existence makes no sense for this rule type and causes confusion to the end-user.
 
ResolutionThis is intended behavior and working as designed.  Use the Provisioning Termination rule to detect changes to terminated and/or deleted users.
NotesAttribute Change Rule are designed to detect changes to EXISTING users. It will not detect changes made to deleted users.

Attachments

    Outcomes