SecurID® Governance & Lifecycle Knowledge Base
Find answers to your questions and identify resolutions for known issues with knowledge base articles written by SecurID Governance & Lifecycle experts.
Article Number
000037690
Applies To
RSA Product Set: Identity Governance & Lifecycle
RSA Version/Condition: All
RSA Version/Condition: All
Issue
Review runs triggered by rules do not use the review definition user selection criteria in RSA Identity Governance & Lifecycle. Instead, users are taken directly from the rule run and those users replace the user condition on the review definition for that run.
For example, note the below review definition user selection criteria. (In the RSA Identity Governance & Lifecycle user interface go to Reviews > Definitions > [name of review] > Edit Definition > User Selection tab.)
Image description
Also note the below Attribute Change Rule definition (Rules > Definitions > [name of rule])
Image description
In this case, when the Transfer Review is run directly, users that have been transferred will not appear in the review results (users."Is Transferred" is null). However, when the Attribute Change Rule is run, users who are transferred show on the Transfer Review (users."Is Transferred" ='Yes') based on the Action defined for that rule which is to run the Transfer Review if a user has been transferred.
Note: Only reviews where the flag Available for Rule Actions under the General tab is checked may be triggered by Rules.
For example, note the below review definition user selection criteria. (In the RSA Identity Governance & Lifecycle user interface go to Reviews > Definitions > [name of review] > Edit Definition > User Selection tab.)
Review name = Transfer Review
Image descriptionAlso note the below Attribute Change Rule definition (Rules > Definitions > [name of rule])
Image descriptionIn this case, when the Transfer Review is run directly, users that have been transferred will not appear in the review results (users."Is Transferred" is null). However, when the Attribute Change Rule is run, users who are transferred show on the Transfer Review (users."Is Transferred" ='Yes') based on the Action defined for that rule which is to run the Transfer Review if a user has been transferred.
Note: Only reviews where the flag Available for Rule Actions under the General tab is checked may be triggered by Rules.
Resolution
This is expected behavior. The user selection criteria under the Review Definition is only applicable when the review is run directly and will not be used in rule actions.
There is an update in RSA Identity Governance & Lifecycle 7.1.1 P03 which clarifies this behavior.
There is an update in RSA Identity Governance & Lifecycle 7.1.1 P03 which clarifies this behavior.
Notes
In this article
