Disabled Users Excluded From Policy Evaluation > How Do Their Resources / Entitlements Get Revoked ?
Last updated on MARCH 08, 2017
Applies to:Identity Manager - Version 188.8.131.52.2 and later
Information in this document applies to any platform.
With the AK patch, a user could be disabled or deleted after the user is flagged for policy evaluation.
·If the next run of the scheduled task picks up a deleted user then the POLICY_EVAL_NEEDED flag will be reset to 0 and an appropriate warning
message will logged to indicate that policies can’t be evaluated for the user because the user is deleted and policy evaluation has been marked as
If the next run of the scheduled task picks up a disabled user then policy evaluation will not happen because the user is disabled. An
appropriate warning message is logged both from the API layer and also from the scheduled job. The scheduled job will then move on the next user for whom
policies need to be evaluated. It shouldn’t deteriorate OIM performance as mentioned in the bug.
Sign In with your My Oracle Support account
Don't have a My Oracle Support account? Click to get started
My Oracle Support provides customers with access to over a
Million Knowledge Articles and hundreds of Community platforms