Sub-groups resolution is rejected and Member Type is set to "Account" instead of "Group" for Account Collectors in RSA Identity Governance and Lifecycle

2 years ago

Originally Published: 2017-10-03

Article Number

000041541

Applies To

RSA Product Set: RSA Identity Governance and Lifecycle
RSA Version/Condition: 6.9.1 P15- P19, 7.0.0 P04, 7.0.1

Issue

When configuring an Account Collector to collect groups to sub-groups membership, the resolution fails and the subgroups are collected with type "Account" under the "Member Type" field.

In the following example, we are using groups and sub-groups collected from Active Directory.

1. We have two groups in AD as below
User-added image

2.Sub-Group is the member of Top-Group.
User-added image

3. Account Collector with the below configuration for the groups.

User-added image

4. Following is the subgroup resolution.

User-added image

5. Collect data, then check the monitoring >> raw data >> Group Membership tab, you will find that the Top-Group to Sub-Group resolution is failing and the Sub-Group is collected as an "Account", not as a "group":
User-added image

Cause

This is a bug which is fixed in 6.9.1 P20 and above for version 6.9.1.
For version 7.0.0 and 7.0.1 this is fixed in 7.0.0 P05 and 7.0.1 P02 respectively.

Resolution

Deploy patch 6.9.1 P20 and above to have this issue fixed in version 6.9.1. Deploy patch 7.0.0 P05 and 7.0.1 P02 to have this issue fixed in versions 7.0.0 and 7.0.1 respectively.

Don't see what you're looking for?

Potential Impact from Salesforce Device Activation Change

Related Articles

Trending Articles