After assigning a role to a User object , the attribues
DirXML-EntitlementRef, nrfAssignedRole, nrfmemberof of the user object
get populated. This role assignement was done using the IDM User
Application Screen.

I am trying to remove the role from policy builder. When I nullify the
attributes nrfAssignedRole, nrfmemberof through the policy, the role
gets removed from the User. The User Application screen shows that the
role has been removed.

But In my another approach, when I use the Do "remove role" action in
the policy builder, the role doesnt get deallocated from the User. The
attributes nrfAssignedRole and nrfmemberof also remain unchanged. The
User Application Screen still shows the Role associated with the User.

The User Application Driver and the Role service drive are running.

Could you please give an idea as to why this Action "Remove Role" is
not behaving as expected.
I am using IDM 3.6 and Designer 3.0

Vartika Sanat
Technical Consultant
vartika's Profile:
View this thread: