Identity Audit (SoD) Scan Creates Policy Violation Task For Risk Accepted Conflicting Role
(Doc ID 2370666.1)
Last updated on MAY 15, 2023
Applies to:
Identity Manager - Version 11.1.2.3.0 to 12.2.1.3.0 [Release 11g to 12c]Information in this document applies to any platform.
Symptoms
The Policy violation task is getting assigned even though one of the roles is closed as Risk Accepted and the task is completed with "Remediation Completed" status.
STEPS TO REPRODUCE
-------------------------
1. Create an Identity Audit Rule with the following conditions.
role[*].Role Name Equal role1
AND
role[*].Role Name Equal role2
2. Assign those two roles to an user.
3. SoD scan runs and detect this user part of conflict and creates a policy violation task and assigns to remediator.
4. Remediator takes 'Risk Accepted' on one of the two roles and completes the policy violation task without touching other conflicting role.
5. Policy violation task status gets updated as 'Remediation Completed'
6. OIM runs same scan again.
7. Scan detects same violation for the same user and again assigns the same violation task to same remediator even one of the conflicting role was accepted as risk before.
Cause
To view full details, sign in with your My Oracle Support account. |
|
Don't have a My Oracle Support account? Click to get started! |
In this Document
| Symptoms |
| Cause |
| Solution |
| References |