Same Application Instance Is Linked To User Multiple Times By Access Policy
(Doc ID 2221979.1)
Last updated on MARCH 02, 2019
Applies to:Identity Manager - Version 188.8.131.52.0 to 184.108.40.206.160419 [Release 11g]
Information in this document applies to any platform.
With a requirement of auto account provisioning for 2 different application instances (which are using same resource object but different IT Resource). To implement this use-case, two different Access Policies were created on two different roles but in each access policy, was specified same resource object but different IT Resource in the process form section of Access Policy. Also, "Retrofit Access Policy" is set to "No" for each policy but upon creation of these access policies, when Evaluate Policy scheduled job ran it picked existing users and linked same application instance.
Upon further user data analysis, these users were already having specified role (in access policy) but application instance wasn't present in Accounts section before creation of Access Policy. The user has been assigned multiple instances of same application instance.
To view full details, sign in with your My Oracle Support account.
Don't have a My Oracle Support account? Click to get started!