Skip navigation

Log in to create and rate content, and to follow, bookmark, and share content with other members.

000036303 - Entitlements are removed or added to a role when role set is changed in RSA Identity Governance & Lifecycle

Document created by RSA Customer Support

on May 1, 2018•Last modified by RSA Customer Support

on Oct 23, 2018

Version 2Show Document

Like • Show 1 Like1
Comment • 0
View in full screen mode

Article Content

Article Number	000036303
Applies To	RSA Product Set: Identity Governance & Lifecycle RSA Version/Condition: 7.0.2
Issue	This is an intermittent issue where in certain scenarios after an unrelated role commit, change requests are generated for adding or removing entitlements for a role that were already committed previously. Example Create a role with a few entitlements and set the role set to Admin Roles. Wait for the role to move to committed state. Edit the role and change the role set to a different role set. Click Apply Changes and we can see that a change request gets generated to remove the entitlements from the role. Wait for the role to move to a committed state. Check the entitlements in the role and we can find there are few entitlements missing in the role.
Cause	This is a known issue in the following versions: RSA Identity Governance & Lifecycle 7.0.1 P04 RSA Identity Governance & Lifecycle 7.0.2 P02 RSA Identity Governance & Lifecycle 7.1.0 GA (note that current shipping version of 7.1.0 is 7.1.0 P01) An issue may occur if a Role is moved from one Role set to another. Although the Role is moved correctly, any change requests pending for the Role at the time the Role is moved may not be updated correctly. This can cause those change requests to become orphaned and these may not be correctly deleted once the Role commits have been completed. This can cause a variety of symptoms such as change requests being processed multiple times for a Role.
Resolution	This issue has been resolved in the following version and patches. Patch to the following version as soon as practicable. RSA Identity Governance & Lifecycle 7.0.1. Please upgrade to a 7.0.2 or later version. RSA Identity Governance & Lifecycle 7.0.2 P07 RSA Identity Governance & Lifecycle 7.1.0 P01. Note that the current shipping version o 7.1.0 is 7.1.0 P01. RSA Identity Governance & Lifecycle 7.1.1
Workaround	Avoid moving Roles from one Role Set to another until you can patch to an unaffected version.

Attachments

Outcomes

0 Comments

Recommended Content

Incoming Links

000037100 - Role commit fails for roles with membership rules in RSA Identity Governance & Lifecycle