My Oracle Support Banner

Oracle Identity Governance (OIG) 12.2.1.4 Accounts in "Provisioning" Status Where the Related Role/Access Policy (AP) is Revoked Causes AP Evaluation to Not Provision New Accounts (Doc ID 2864225.1)

Last updated on FEBRUARY 05, 2024

Applies to:

Identity Manager - Version 12.2.1.4.210428 and later
Information in this document applies to any platform.

Symptoms

In this scenario, there is an account in "Provisioning" status what has been provisioned by a role and associated Access Policy.  A new role/Access Policy is added which should provision a new account for this user.  When the "Evaluate User Policies" scheduled job is run, the new account that should be provisioned will not be provisioned.  Instead, the logs will show that a rollback is generated.   At the bottom of the stack, it shows an attempt to revoke/disable the original account in "Provisioning" status.

 

 From the logs:

 

Cause

To view full details, sign in with your My Oracle Support account.

Don't have a My Oracle Support account? Click to get started!


In this Document
Symptoms
Cause
Solution
References


My Oracle Support provides customers with access to over a million knowledge articles and a vibrant support community of peers and Oracle experts.