Policy Violation Alert Displayed Incorrectly On Child Request
Last updated on JULY 31, 2016
Applies to:Identity Manager - Version 220.127.116.11.0 and later
Information in this document applies to any platform.
An identity audit scan with a policy rule is defined for two LDAP entitlements TestRole1000 and TestRole1001
With the above policy rule a policy violation will be displayed when a user may end up with both roles.
user001 has an account in LDAP and has already entitlement TestRole1000 assigned.
user002 has an account in LDAP with no entitlement at all.
A bulk request is submitted to provide entitlement TestRole1001 to user001 and user002.
On submitting the request we get a policy violation for user001 because as a result of that request if approved user001 will end up with the two conflicting entitlements.
On approving the request we get two child requests, one for user001 that shows the correct policy violation
and one for user002 that shows an incorrect policy violation.
The request for user002 should not show any policy violation as user002 will not end up with a combination of TestRole1000 and TestRole1001.
Sign In with your My Oracle Support account
Don't have a My Oracle Support account? Click to get started
My Oracle Support provides customers with access to over a
Million Knowledge Articles and hundreds of Community platforms