RSA Identity Governance & Lifecycle fails to remove an account from a group if the request is generated through a review when grouping "Create a job per group, grouping by " is used.
When Creating Account Access and Ownership review and then revoking any account from a group change request is generated and after the approval phase, it is stuck in Pending Action, and no activities are generated to perform the manual action
The request works correctly with the same workflow if it is requested manually through explicit CR (i.e., not through a review).
In the case of RemoveAccountFromGroup (denoted as C8) the method calculateApplicationGrouping which is used to determine what groups (number of splits) should be created is returning zero as 'C8' is not considered which results in 0 activity generation. To fix this we included C8 in the calculation.
This issue is resolved in the following patches.
RSA Identity Governance & Lifecycle 7.5.0 P09
RSA Identity Governance & Lifecycle 7.5.2 P05
RSA Identity Governance & Lifecycle 7.5.3
The request works correctly if the fulfillment workflow is configured to Create one job to process all changes or Create an individual job for each change.
The request works correctly if it is requested manually (i.e., not through a review).