MAEDC grants Entitlements to all Accounts with the same name regardless of Application in RSA Identity Governance & Lifecycle

2 years ago

Originally Published: 2020-08-29

Article Number

000042560

Applies To

RSA Product Set: RSA Identity Governance & Lifecycle
RSA Version/Condition: 7.0.0

Issue

When an MAADC collects multiple accounts with the same name in different applications, the associated MAEDC grants entitlements to all accounts with the same name regardless of what application they are associated with.

Consider the following example where account AdminAccount is collected into three different applications:

Application: Perforce
Account: AdminAccount

Application: FileSystem
Account: AdminAccount

Application: Bugzilla
Account: AdminAccount
AppRole: ManageBugzillaJiras

After the three AdminAccounts are collected by an MAADC, the associated MAEDC grants application role ManageBugzillaJiras to all three accounts in all three applications instead of Bugzilla only.

This issue can be observed by going to Resources > Directories/Applications > {Directory/Application name} > Accounts tab. The same account name will appear once for every directory/application that has that account name.

Cause

This is a known issue reported in engineering ticket ACM-58274.

Resolution

This issue is resolved in the following RSA Identity Governance & Lifecycle versions and/or patch levels:

RSA Identity Governance & Lifecycle 7.0.0 P01
RSA Identity Governance & Lifecycle 7.0.1

Don't see what you're looking for?

Potential Impact from Salesforce Device Activation Change

Related Articles

Trending Articles