Identity Audit (SoD) Scan Creates Policy Violation Task For Risk Accepted Conflicting Role
(Doc ID 2370666.1)
Last updated on APRIL 17, 2019
Applies to:Identity Manager - Version 18.104.22.168.0 to 22.214.171.124.0 [Release 11g to 12c]
Information in this document applies to any platform.
The Policy violation task is getting assigned even though one of the roles is closed as Risk Accepted and the task is completed with "Remediation Completed" status.
STEPS TO REPRODUCE
1. Create an Identity Audit Rule with the following conditions.
role[*].Role Name Equal role1
role[*].Role Name Equal role2
2. Assign those two roles to an user.
3. SoD scan runs and detect this user part of conflict and creates a policy violation task and assigns to remediator.
4. Remediator takes 'Risk Accepted' on one of the two roles and completes the policy violation task without touching other conflicting role.
5. Policy violation task status gets updated as 'Remediation Completed'
6. OIM runs same scan again.
7. Scan detects same violation for the same user and again assigns the same violation task to same remediator even one of the conflicting role was accepted as risk before.
To view full details, sign in with your My Oracle Support account.
Don't have a My Oracle Support account? Click to get started!
In this Document