What is the impact of a domain migration in RSA Identity Governance and Lifecycle
Originally Published: 2016-10-17
Article Number
Applies To
RSA Version/Condition: 6.9 +
Issue
Customer Scenario
- To prepare for a domain consolidation project, users have been imported from production domain into a sub-level OU in a test domain.
- Now that migration has actually started, the users need to be imported into a different OU at the primary level to match the production OU.
- Do the rules and roles need to be updated to change from one OU to another?
Tasks
- For RSA Identity Management and Governance 6.8 and 6.9, review the RSA Identity Management & Governance 6.8.1 Collectors Guide, Appendix A: Data Collection Parameters.
- For RSA Identity Management and Governance 6.9 Access Fulfillment Express, review the RSA Identity Management & Governance 6.9.1 AFX Connector Configuration Guide.
- For Via Lifecycle and Governance 7.0.0 and Identity Governance and Lifecycle 7.0.1, review the RSA Connector & Collector Application Guides.
Resolution
Entitlement Name = Account : Edit All
Further to the Customer Scenario above, an organizational unit (OU) is different from a Domain Name. An OU provides a way of classifying objects located in directories, or names in a digital certificate hierarchy. OUs are typically used either to differentiate between objects with the same name, or to organize object creation and management. However, an example where a change in the OU may be an issue is with an Account Entitlement.
Entitlement Name = CN=ACME_Users,OU=OU_Applications,OU=OU_AccessGroups,DC=acme,DC=comIn this case, if the users need to be imported into a different OU, then RSA Identity Governance and Lifecycle can only treat them as different to the OU data it already has stored. Therefore, the different OU data would need to be Collected as part of an Account Data Collection, rather than being modified within the RSA Identity Governance and Lifecycle product.
Related Articles
Windows Password Integration (WPI) fails for the RSA MFA Agent for Microsoft Windows with error "JWT token has expired" Number of Views LDAP Collectors report 'No subject alternative names matching IP address n.n.n.n found' in RSA Identity Governance & Lifec… Number of Views How to obtain the version information for RSA Authentication Agent for PAM installed on Linux Number of Views RSA MFA Agent for Windows will not run due to error "This module is blocked from loading into the Local Security Authority" Number of Views RSA SecurID software token .sdtid file fails to import into RSA SecurID Software Token 5.0 for Windows Number of Views
Trending Articles
Quick Setup Guide - Passwordless Authentication in Windows MFA Agent for Active Directory RSA Authentication Manager 8.9 Release Notes (January 2026) How to factory reset an RSA Authentication Manager 8.x hardware appliance without a factory reset button from the Operatio… Deploying RSA Authenticator 6.2.2 for Windows Using DISM Artifacts to gather in RSA Identity Governance & Lifecycle
Don't see what you're looking for?
