000036824 - Duplicate identities after upgrading from RSA Identity Management & Governance 6.9.1 to RSA Identity Governance & Lifecycle 7.0

Document created by RSA Customer Support Employee on Nov 16, 2018Last modified by RSA Customer Support Employee on Mar 22, 2019
Version 2Show Document
  • View in full screen mode

Article Content

Article Number000036824
Applies ToRSA Product Set: Identity Governance & Lifecycle
RSA Version/Condition: 7.0.1 or above.
IssueThe RSA Identity Governance & Lifecycle application was on one of the following versions;
  • 6.9.1 P19 or below,
  • 7.0.0
The application was then upgraded to 7.0.1 or above.  However, after one of more identity collections, it is noticed that some of the users now have duplicate identities.  On examination, it was found that these duplicate users were terminated when the application was at the earlier version, but they were re-hired after the application was upgraded.

To confirm that there are duplicate identities, connect to the database as AVUSER, and run the following SQL.

SELECT user_id FROM t_master_enterprise_users
GROUP BY user_id

For this issue, ORA-30926 errors are not being reported during a collection.
CauseThe cause of this issue has two parts.

1.  Defect ACM-64423

In RSA Identity Governance & Lifecycle versions 6.9.1 P19 or below, or version 7.0.0, deleted users from earlier releases were not tracked.  To remedy the situation, defect ACM-64423 added a new table "Raw User Deleted" to track deleted users from earlier releases.

The versions where defect ACM-64423 is corrected are as follows;
  • 6.9.1 P20 and above,
  • 7.0.1,
  • 7.0.2

2.  Defect ACM-89647

An additional problem was detected, in that the Unification process was not aware of the old Unified user and created a new one, resulting in a duplicate user.  To remedy the situation, defect ACM-89647 improved the data migration process so that the Raw User Deleted data was included in the Master Enterprise Users table.

The versions where defect ACM-89647 is corrected are as follows;
  • 7.0.2 P11
  • 7.1.0 P05
ResolutionUpgrade to RSA Identity Governance & Lifecycle 7.0.2 P11 or 7.1.0 P05.

To download the patch, please see knowledge article 000033845 - How to download patch files for RSA Identity Governance & Lifecycle from RSA Link.
WorkaroundTo correct the identity data in versions earlier than 7.0.2 P11 or 7.1.0 P05, please log a case with RSA Customer support, and refer to article 000036824.

The engineer can then confirm you have encountered this problem, and provide the SQL to manually correct the duplicate identity data.