Hi IdM colleagues,
This is a IdM 7.1 sp6 system. We realized for some of the user entries, if we trigger the reconciliation by uISPrivReconcile (). It removes the user's privileges, but keeps the business role assignment.
Suppose this user has two business role assignments, Role1 and Role2. After reconciliation, the user loses all the privileges from both Role1 and Role2.
If I remove Role1 from IdM UI and add it back to the user. All the privileges from Role1 are assigned to the user. Then I remove Role2 and add Role2 back, the privileges of Role1 are removed, but the privileges from Role2 are assigned.
The reconciliation is not working properly for these user entries. What could be the cause of the issue and how I can fix it?
Thanks,
Chenyang