Segregation of Duties rule returns unwanted violations if the same entitlement definition exists in both entitlement sets in RSA Identity Governance & Lifecycle

2 years ago

Originally Published: 2020-02-12

Article Number

000042729

Applies To

RSA Product Set: RSA Identity Governance & Lifecycle
RSA Version/Condition: 7.0.x, 7.1.x, 7.2.x

Issue

When a Segregation of Duties (SOD) Rule is defined to identify users with two or more entitlements in the same category, the SOD rule returns a violation even when a user only has a single entitlement.

For example, in the SOD rule definition below, the intent is to find any user with two or more Aveksa entitlements. However, processing this rule returns users with single Aveksa entitlements as well.

Cause

This is the current functionality of the product.

Resolution

Our Professional Services organization can assist with a resolution to this issue. Please open a case with RSA Identity Governance & Lifecycle Support and request the case be moved to Professional Services. Please mention this RSA Knowledge Base Article ID 000038470 for reference.

Workaround

Product enhancements may be requested by going to RSA Ideas for RSA Identity Governance & Lifecycle to submit and/or vote on an enhancement request. For more information, please see RSA Knowledge Base Article 000036416 -- How to log a request for enhancement (RFE) for RSA Identity Governance & Lifecycle.

Don't see what you're looking for?

Potential Impact from Salesforce Device Activation Change

Related Articles

Trending Articles