000034931 - RSA Identity Governance and Lifecycle users do not match the membership rule once removed from the role

Document created by RSA Customer Support Employee on Mar 20, 2017
Version 1Show Document
  • View in full screen mode

Article Content

Article Number000034931
Applies ToRSA Product Set: RSA Identity Governance and Lifecycle
RSA Version/Condition: 6.8.1+
 
IssueWhen a user is removed from a role and then the user attempts to add the same user back to the role, the membership rule marks the user as FALSE which is incorrect and the user is not added back to the role. 
For example:
  1. Create a role with some membership rule. In this example we are using "users."Is Terminated"=0 or users.Department='Finance'" as the membership rule.
  2. Add users to the role matching the membership rule and apply the changes.
User-added image

 

  1. Remove a user from the role and commit the changes.
User-added image

  1. Try to add the same user back to the role by filtering with matching items and that user is not seen in the list. If we try to search manually with a filter set to All Members, we will be able to see that the user does not match the membership rule. The membership rule condition shows as false rather than true.
User-added image


 
ResolutionUpgrading to one of these versions will resolve the issue:
  • V6.8.1 P25,
  • V6.9.1 P18,
  • V7.0.0 P05,
  • V7.0.1 P01,
  • V7.0.2 

Attachments

    Outcomes