|Applies To||RSA Product Set: Identity Governance & Lifecycle|
RSA Version/Condition: 7.1.0
|Issue||Change requests with user entitlement changes that require an account, create change items against the account instead of the user as they were in previous versions. When a user has multiple accounts in a business source, Global Forms prompt for the appropriate account for each entitlement. The account only needs to be identified once at the business source level for each user in this situation.|
As of version 7.1.0 P 01, change request behavior has been changed to enforce the paradigm of having all access be associated with an account when possible.
Release notes show:
User access requests for entitlement changes apply the following rules:
|Resolution||As of version 7.1.0 P 02, a new option for Multiple Account Resolution is provided in the global form definition (In the UI go to Requests > Configuration > Request Forms). This modifies the behavior of the form to only prompt for a user's account once per Business Source. The default behavior is to prompt for each entitlement.|
An additional change is provided in 7.1.0 P 03 which will further reduce account prompts if accounts are collected to a Directory and then just mapped to users by the application's account collector(s). In this case, when the Once per business source option is selected, then the Business Source is the Directory and would only prompt once, even though the accounts could be mapped to many applications.
Beware of making collector changes to take advantage of the Directory account collection. It can cause a one-time long-running Indirect Relationship Processing run.