MAEDC grants Entitlements to all Accounts with the same name regardless of Application in RSA Identity Governance & Lifecycle
Originally Published: 2020-08-29
Article Number
Applies To
RSA Version/Condition: 7.0.0
Issue
Consider the following example where account AdminAccount is collected into three different applications:
Application: Perforce
Account: AdminAccount
Application: FileSystem
Account: AdminAccount
Application: Bugzilla
Account: AdminAccount
AppRole: ManageBugzillaJiras
After the three AdminAccounts are collected by an MAADC, the associated MAEDC grants application role ManageBugzillaJiras to all three accounts in all three applications instead of Bugzilla only.
Account: AdminAccount
Application: FileSystem
Account: AdminAccount
Application: Bugzilla
Account: AdminAccount
AppRole: ManageBugzillaJiras
After the three AdminAccounts are collected by an MAADC, the associated MAEDC grants application role ManageBugzillaJiras to all three accounts in all three applications instead of Bugzilla only.
This issue can be observed by going to Resources > Directories/Applications > {Directory/Application name} > Accounts tab. The same account name will appear once for every directory/application that has that account name.
Cause
Resolution
- RSA Identity Governance & Lifecycle 7.0.0 P01
- RSA Identity Governance & Lifecycle 7.0.1
Related Articles
Grant a Trusted User Group Access to Agents Number of Views In RSA Via Lifecycle and Governance the Allow Multiple Selections checkbox is disabled for the User Accounts Table in the … Number of Views Request forms for adding user access allow the selection of entitlements already granted indirectly in RSA Identity Govern… Number of Views How to grant administrator access to a user in RSA Via Lifecycle and Governance Number of Views What access should be granted to the service account used by RSA Identity Governance & Lifecycle to fully support Active D… Number of Views
Trending Articles
RSA Authentication Manager Upgrade Process RSA Release Notes for RSA Authentication Manager 8.8 RSA RADIUS Server service failed to start in the RSA Authentication Manager 8.1 Operations Console Microsoft Entra ID External MFA - Relying Party Configuration Using OIDC - RSA Ready Implementation Guide RSA Release Notes: Cloud Access Service and RSA Authenticators
Don't see what you're looking for?
