Article Number
000031365
Applies To
RSA Product Set: RSA Identity Governance & Lifecycle
RSA Version/Condition: 7.0.x, 7.1.x, 7.2.x
Issue
Change Requests that grant or remove user access remain in a Pending Verification state after the relevant collections have been run. AFX indicates that the access was provisioned/removed to/from the data source and there are no errors in the aveksaServer.log or the AFX logs to indicate otherwise. A check of the data source shows that the added access is NOT in the data source or the removed access has not been removed from the data source.
Cause
- Between the time that AFX added the access and the time a collection was run to verify the access, the access was manually removed from the data source, or,
- Between the time that AFX removed the access and the time a collection was run to verify the access removal, the access was added back to the user.
Resolution
Make sure access is not manually added/removed from data sources that are provisioned using AFX.
Workaround
Use manual fulfillment instead of AFX which would require the manual fulfillment of the entitlement.