This website uses cookies. By clicking Accept, you consent to the use of cookies. Click Here to learn more about how we use cookies.
Accept
Reject
Register Now
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 

SecurID® Governance & Lifecycle Knowledge Base

Find answers to your questions and identify resolutions for known issues with knowledge base articles written by SecurID Governance & Lifecycle experts.

The Active Directory Account Data Collector does not have an option to collect Logon Hours in RSA Identity Governance & Lifecycle 7.0.2 and 7.1.x

Article Number

000037424

Applies To

RSA Product Set: Identity Governance & Lifecycle
RSA Version/Condition: 7.0.2, 7.1.0
 

Issue

The Active Directory Account Data Collector does not have an option to collect Logon Hours in RSA Identity Governance & Lifecycle.
 
Image descriptionImage description

There have been unsuccessful attempts to work around this product limitation. For example,
  • Modify the LoginHours Attribute in Active Directory. Options to set hours exist for Logon Permitted and Logon Denied time frames. 
  • Add a LogonHours collected account attribute in the RSA Identity Governance & Lifecycle User Interface, under Admin > Attributes.
  • Run an Account Data Collection.

There are two problems with this workaround.
  • First, if Logon Denied is chosen and all hours are denied, the collection fails with the following error:
09/12/2018 07:40:45.815 INFO (Exec Task Consumer#0) [com.aveksa.server.xfw.TaskExecutor] Setting thread Thread[Exec Task Consumer#0,5,Execution Queue] on 583384 method=Execute 
09/12/2018 07:40:47.206 ERROR (Exec Task Consumer#0) [com.aveksa.server.xfw.SAXAccountDataHandler] Error in processing Account Data 
org.xml.sax.SAXParseException; lineNumber: 163501; columnNumber: 142; An invalid XML character (Unicode: 0x0) was found in the value of attribute "logonHours" and element is "attributes".
at org.apache.xerces.util.ErrorHandlerWrapper.createSAXParseException(Unknown Source)
at org.apache.xerces.util.ErrorHandlerWrapper.fatalError(Unknown Source)
at org.apache.xerces.impl.XMLErrorReporter.reportError(Unknown Source)
at org.apache.xerces.impl.XMLErrorReporter.reportError(Unknown Source)
  • If any other setting is chosen, the collection succeeds, but the display is in octet format and therefore, unreadable.
Image descriptionImage description

Cause

This is the current functionality of the product.

Resolution

Product enhancement request ACM-91024 has been submitted for this issue. Product enhancement requests are evaluated by Product Management to determine when/if they will be added in a future release.    
 
Please go to RSA Link RSA Ideas for RSA Identity Governance & Lifecycle to submit and/or vote on an enhancement request. For more information, please see How to log a request for enhancement (RFE) for RSA Identity Governance & Lifecycle.  
   
0 Likes
Was this article helpful? Yes No
No ratings

In this article

Version history
Last update:
‎2020-12-12 05:11 PM
Updated by:
Administrator Administrator

Related Content

© 2023 RSA Security LLC or its affiliates. All rights reserved.