RSA Identity Governance and Lifecycle users do not match the membership rule once removed from the role
3 years ago
Originally Published: 2017-03-13
Article Number
000064833
Applies To
RSA Product Set: RSA Identity Governance and Lifecycle
RSA Version/Condition: 6.8.1+
 
Issue
When a user is removed from a role and then the user attempts to add the same user back to the role, the membership rule marks the user as FALSE which is incorrect and the user is not added back to the role. 

For example:
  1. Create a role with some membership rule. In this example we are using "users."Is Terminated"=0 or users.Department='Finance'" as the membership rule.
  2. Add users to the role matching the membership rule and apply the changes.
User-added image
 
  1. Remove a user from the role and commit the changes.
User-added image
  1. Try to add the same user back to the role by filtering with matching items and that user is not seen in the list. If we try to search manually with a filter set to All Members, we will be able to see that the user does not match the membership rule. The membership rule condition shows as false rather than true.
User-added image

 
Resolution
Upgrading to one of these versions will resolve the issue:
  • V6.8.1 P25,
  • V6.9.1 P18,
  • V7.0.0 P05,
  • V7.0.1 P01,
  • V7.0.2 

Related Articles

Trending Articles

Don't see what you're looking for?