SecurID® Governance & Lifecycle Knowledge Base
Find answers to your questions and identify resolutions for known issues with knowledge base articles written by SecurID Governance & Lifecycle experts.
Article Number
000032246
Applies To
RSA Product Set: RSA Identity Governance & Lifecycle
RSA Version/Condition: 7.0
RSA Version/Condition: 7.0
Issue
Users identified as duplicates are rejected from the unification run.
Go to Collectors > Identity Collectors > {Identity Collector Name} > Collection History tab > {Run ID} and select either the Admin Errors or Raw Data hyperlink (Rejected column) for the Run. Note the following error:
Image description
Go to Collectors > Identity Collectors > {Identity Collector Name} > Collection History tab > {Run ID} and select either the Admin Errors or Raw Data hyperlink (Rejected column) for the Run. Note the following error:
EC[102] Context[RunID=435, IDC(ID=3)] Message[Identity Data Validation:
One or more attributes used in Join Condition has duplicate values.]
Image descriptionCause
In RSA Identity Governance & Lifecycle 7.0, the checks during unification were increased to reduce the chance of duplicate users being created.
This error may occur if the value of the unique identifier used for the join in the unification for one or more users is null. If more than one user has a null value for the join field, the nulls are incorrectly identified as duplicate values. For unification, unique users should be identified only by attributes that are collected. If one or more users do not have a value for a collected attribute, then it should have a value of null and should not be used for unification.
In RSA Identity Governance & Lifecycle 6.9.1 and earlier, duplicate null values in join fields were identified with the same error message, but the users were still collected as unique users. In RSA Identity Governance & Lifecycle 7.0 GA, these users are rejected.
This error may occur if the value of the unique identifier used for the join in the unification for one or more users is null. If more than one user has a null value for the join field, the nulls are incorrectly identified as duplicate values. For unification, unique users should be identified only by attributes that are collected. If one or more users do not have a value for a collected attribute, then it should have a value of null and should not be used for unification.
In RSA Identity Governance & Lifecycle 6.9.1 and earlier, duplicate null values in join fields were identified with the same error message, but the users were still collected as unique users. In RSA Identity Governance & Lifecycle 7.0 GA, these users are rejected.
Resolution
This issue is resolved in the following RSA Identity Governance & Lifecycle versions and patch levels:
- RSA Identity Governance & Lifecycle 7.0.0 P02
- RSA Identity Governance & Lifecycle 7.0.1
- RSA Identity Governance & Lifecycle 7.0.2
In this article
