My Oracle Support Banner

Identity Audit Policy Violation Not Triggering for Disabled Accounts (Doc ID 2375310.1)

Last updated on MARCH 25, 2018

Applies to:

Identity Manager - Version 11.1.2.3.170418 and later
Information in this document applies to any platform.

Symptoms

Identity Audit Policy Violation are not triggering for Disabled accounts after apply patch containing fix for <Bug 26186906>.

Steps to reproduce:

1. Create an Audit policy rule for capturing violations :

For eg : 

 

2. Attach this rule to Policy and attach the Policy to a Scan definition .

3. Make sure the Policy has "Check violation on Request creation" checked .

4. For a user provision the Account which contains these roles .

5. Disable the account and confirm the same .

6. Request entitlement for the set of roles which are part of the Violation rule created in Step 1 .

7. Submit the Request , observe no "Policy Violation" displayed s Alert message .

8. Manually run the scan and check the report , there too the violation is not detected .

The same rule works fine for an account that is not Disabled for the user .

Changes

OIM 11.1.2.3.170418 + Patch 26186906

Cause

To view full details, sign in with your My Oracle Support account.

Don't have a My Oracle Support account? Click to get started!


My Oracle Support provides customers with access to over a million knowledge articles and a vibrant support community of peers and Oracle experts.