• Segregation of duties : expiration right

    Hello,   We want to implement Segregation Of Duties in RSA IG&L (V7.1.1 P03).   We would like to use the "Generate User Access review for involved user using review definition" feature when launching t...
    Nicolas Lebris
    last modified by Nicolas Lebris
  • report all the inactive owners (App owner/Role Owner/Entitlement Owner etc)

    Does anyone know what is the best way to capture all the inactive owners (if a user is owner of any object like App/Role/Ent etc..) and also is there a way to promote the inactive user's manager as replacement?
    Sri Palle
    last modified by Sri Palle
  • User creation and temporary password

    Hello everybody. At the moment, starting from reading a csv provided by HR, I am able to create an identity-user in IGL with the characteristics present in the file (name, surname, etc.). What I would like to do is: &...
    Max Tama
    last modified by Max Tama
  • Prevent non-Requestable Entitlements and Apps from Being Added to a Role

    We are on 7.1.1 P05 HF01.   We would like to prevent Roles from containing Entitlements which 1) Belong to an Application that has Exclude Entire Application From Add Access And Suggestions set to "Yes" or ...
    Chris Pope
    last modified by Chris Pope
  • Role Missing Entitlements Rule Creates Duplicate Requests

    We are on IGL  7.1.1 P05 HF02 and are using Roles.   Issue: IGL Roles have "Missing Required Entitlements", some if which are manually-provisioned Entitlements.  The "Role Missing Entitlements Rule" d...
    Chris Pope
    last modified by Chris Pope
  • Triggering Javascript Form Control When Entitlement Action is Selected

    Hi,   We have some applications that are accessed through Citrix.  These applications have their own internal entitlements, which we have created a request form to manage.  Access to the Citrix applica...
    Kevin Fitzgerald
    last modified by Kevin Fitzgerald
  • Dynamic SoD's?

    Hi Community!   I currently have a use case where I have a role set with let's say 600 roles. This role set consists of roles that have a read and write version. For example I have 'Role A - Write' and 'Role A -...
    Tim Willemstein
    last modified by Tim Willemstein
  • Role Based Access Controls (RBAC) and Segregation of Duty (SoD)

    We are in the process of implementing Role Based Access Controls (RBAC) which has brought up issues related to SoD.   Scenario: Application-A has two Entitlements: User-access and Admin-access, these are mutually...
    Chris Pope
    last modified by Chris Pope
  • Form to create an account: SSH and AFX

    Hello. I created an ssh connector connected to a Linux endpoint as application. It is called "Identity Services" and it just create accounts directly on that Linux server. The connector works well: I did the tests an...
    Shanelle Blake
    last modified by Shanelle Blake
  • Revisiting Request Hierarchy Parents

    Env: 7.1.1 P3, Wildfly, RSA Oracle 12c supplied database, Appliance I see Hierarchy issues have been addressed, however, I am still at a loss. I have a Role with a very long membership rule (maxe...
    Shlomo Katz
    last modified by Shlomo Katz
  • which values can I get for this query -

    select distinct entity_to_apply_type from t_av_unauth_changes
    Lilach Bar Natan
    last modified by Lilach Bar Natan
  • Rule Missing entitlements - Error clearance

    Dears,   We have an issue with error for the change request when we run the rule Role Missing entitlements. I've already seen that there is a recommendation to complete the workflow of an error. Yes, it works ...
    Pchelintseva Olga
    last modified by Pchelintseva Olga
  • Plugin development for RSA Identity Governance and Lifecycle

    Hello   I'm looking for guidance or reference documentation to develop a plugin for RSA Identity Governance and Lifecycle. I've found a referral that explains how to install plugins on the last version of RSA IG...
    Daniele Francioni
    last modified by Daniele Francioni
  • Rule violation for Parent Business Roles

    Dears,   Please kindly advise how a violation rule should be setup to avoid triggering non-direct members as violation in business roles.   The idea is to have a list of people who dont match a rule member...
    Volodymyr Melnyk
    last modified by Volodymyr Melnyk
  • How to Exclude an AppRole or Account from AppRole from the Leaver Rule?

    Environment: 7.1.1 P3 WildFly RSA Supplied DB Appliance   Hello QUESTION:   What is the best method to exclude an AppRole or Account from AppRole from the Leaver Rule? I cannot seem to get the ri...
    Shlomo Katz
    last modified by Shlomo Katz
  • Option to pass the OAuth token along with the SCIM  connector or collector

    Hi,   I am trying to integrate facebook's workplace with the IGL. The current scenario is the workplace supports SCIM based provisioning. I am also able to provision (Create a User using the Postman  with S...
    Shanti Deepak
    last modified by Shanti Deepak
  • Approval Node Exclusion

    Hello,   We have a Approval workflow with 2 levels of approval.   Level1- Supervisor Approval Level2- Application Approver which is an Active Directory Group. Is it possible, if the supervisor of a user ...
    shakti nayak
    last modified by shakti nayak
  • Error 500 while opening workflows

    We are unable to open any workflow while opening below error page is being shown. We checked all logs but didn't find anything concrete.     Also attaching all logs    <logs redacted>
    Dushyant Singh
    last modified by Dushyant Singh
  • Dynamic DN account creation in Active Directory

    Hello,   we have a use case, of creating a AD account as part of Joiner workflow,    Once new user detected in HR file, RSA should be able to create AD account for that user, and assign Roles based on...
    Hardik Modi
    last modified by Hardik Modi
  • Which table or view does "unifiedents" refer to?

    I'm creating a custom query for the "Revoke user entitlements" part of a "Provisioning - Termination" type rule. The default available columns (pictured below) all start with "unifiedents".   I wish to use an S...
    George Kwakkernaat
    last modified by George Kwakkernaat