Unable to remove deleted groups from role in RSA Governance & Lifecycle
Article Number
Applies To
RSA Version/Condition:
- RSA Governance & Lifecycle 7.5.0
- SecurID Governance & Lifecycle 7.5.2
Issue
Cause
Resolution
- SecurID Governance & Lifecycle 7.5.2 P08
- RSA Governance & Lifecycle 8.0
Workaround
Notes
To check if there are any deleted groups that are still in a role, run the following SQL query that will detect all the invalid group entries in roles
select r.id role_id,r.name role_raw_name, r.alt_name role_name, g.id group_id,g.name group_name,rd.creation_date grp_added_to_role_on,g.deletion_date group_deletion_date from t_av_roles r inner join t_av_roledefinitions rd on r.id = rd.role_id inner join t_groups g on rd.ent_id = g.id where rd.ent_type = 'group'and rd.deletion_date is null and exists (select 1 from t_groups g where g.id = rd.ent_id and g.deletion_date is not null);
Related Articles
Unable to remove a Role Membership Rule from a Role in RSA Identity Governance & Lifecycle Number of Views Unable to remove account from group through a review in RSA Identity Governance & Lifecycle Number of Views Unable to remove privileges for an RSA Via Governance and Lifecycle user Number of Views How to remove entitlements of a decommissioned application from user access in RSA Via Lifecycle and Governance Number of Views How to edit the Account custom attribute which is marked as managed in RSA Identity Governance and Lifecycle Number of Views
Trending Articles
Troubleshooting RSA SecurID Access Identity Router to RSA Authentication Manager test connection failures RSA SecurID Software Token 5.0.2 Downloads for Microsoft Windows RSA Authentication Manager 8.9 Release Notes (January 2026) Quick Setup Guide - Passwordless Authentication in Windows MFA Agent for Active Directory RSA Authentication Manager 8.8 Setup and Configuration Guide
Don't see what you're looking for?
