000035352 - Provisioning Termination rule is not generating change requests to disable accounts in RSA Identity Governance and Lifecycle

Document created by RSA Customer Support Employee on Sep 15, 2017Last modified by RSA Customer Support Employee on Sep 15, 2017
Version 2Show Document
  • View in full screen mode

Article Content

Article Number000035352
Applies ToRSA Product Set: RSA Identity Governance and Lifecycle
RSA Version/Condition: 7.0.1
IssueChange requests are not generated to disable accounts for users when the Is Deleted and Is Terminated fields are set to true in provisioning termination rule.
For example, 
  1. Create a Provisioning Termination Rule to disable accounts.
User-added image

  1. Pick any user who has accounts under the User >Access tab.
User-added image

  1. Now delete that user from the system.
User-added image

  1. Process the rule and you will see that no change requests were generated to disable the accounts.
User-added image


  1. The User's access tab shows that all the accounts are removed from that user.
User-added image
CauseThis is a known issue reported in ACM-70087 where Identity Data Collectors mark all entitlements belonging to the deleted user as deleted. This should be done through change requests and verified through collections.
ResolutionUpgrading to V7.0.1 P04 or V7.0.2 P02 will fix this issue.