Accounts Are Not Revoked but Disabled For Access Policy With "Revoke if no longer applies"

(Doc ID 2158490.1)

Last updated on JULY 24, 2016

Applies to:

Identity Manager - Version 11.1.2.2.0 and later
Information in this document applies to any platform.

Symptoms

1. Provision an account to a target using one or multiple access policies. Each access policy is configured with "Revoke if no longer apply" flag.

2. Once an user is removed from the related role(s), instead of having a Revoked status for the account, seeing Disabled status.

When creating some new access policies and roles, the issue didn't reproduced.

 

Changes

 Access Policies were migrated from an environment to another using Deployment Manager.

Cause

Sign In with your My Oracle Support account

Don't have a My Oracle Support account? Click to get started

My Oracle Support provides customers with access to over a
Million Knowledge Articles and hundreds of Community platforms