I’m stuck with a weird issue and would be great if you could help or share your thoughts please…

In our IAM implementation, a loopback driver is assigning role to user from driver policy using "add role" and driver processes this policy without any errors.

add role (id="$GCV-UAPP-ID$", role-id="$GCV-ROLE-NAME$", url="$idv.dit.data.userapp.url$", arg-password (Named Password ("uapp_requestor") ) , description="AD Role Added by Driver" + Source Name () )

Now, issue is that in role object we have user added in “equivalent to me” attribute; but there’s no value for “nrfAssignedRoles” or “nrfAssignedResources” populated in user object.

RRSD Driver log displays following trace messages:

rnrtrace-[05/12/16 07:32:51.049]:Role and Resource ST:
rnrtrace-DirXML Log Event -------------------
rnrtrace- Driver: \PRODIDVAULT\System\DS\mydriverset\Role and Resource Service Driver
rnrtrace- Channel: Subscriber
rnrtrace- Status: Success
rnrtrace- Message: Added assigned role to identity
rnrtrace- Role: O=System\OU=DS\CN=mydriverset\CN=UserApplication\C N=AppConfig\CN=RoleConfig\CN=RoleDefs\CN=Level30\C N=Active Directory Account Global Role
rnrtrace: Identity: O=IDM\OU=Users\CN=sjsingh01
rnrtrace-[05/12/16 07:32:51.050]:Role and Resource ST:
rnrtrace-DirXML Log Event -------------------
rnrtrace- Driver: \PRODIDVAULT\System\DS\mydriverset\Role and Resource Service Driver
rnrtrace- Channel: Subscriber
rnrtrace- Status: Success
rnrtrace- Message: Created resource request
rnrtrace- DN: O=System\OU=DS\CN=mydriverset\CN=UserApplication\C N=AppConfig\CN=RoleConfig\CN=ResourceRequests\CN=2 0160512073247-4911df2694164477be0080b1829fe2ac-0
rnrtrace-[05/12/16 07:32:51.051]:Role and Resource ST:
rnrtrace-DirXML Log Event -------------------
rnrtrace- Driver: \PRODIDVAULT\System\DS\mydriverset\Role and Resource Service Driver
rnrtrace- Channel: Subscriber
rnrtrace- Status: Success
rnrtrace- Message: Transitioned request status from 0 to 30
rnrtrace- DN: O=System\OU=DS\CN=mydriverset\CN=UserApplication\C N=AppConfig\CN=RoleConfig\CN=ResourceRequests\CN=2 0160512073247-4911df2694164477be0080b1829fe2ac-0
rnrtrace-[05/12/16 07:32:51.053]:Role and Resource ST:
rnrtrace-DirXML Log Event -------------------
rnrtrace- Driver: \PRODIDVAULT\System\DS\mydriverset\Role and Resource Service Driver
rnrtrace- Channel: Subscriber
rnrtrace- Status: Success
rnrtrace- Message: Added assigned resource to user
rnrtrace- Resource: O=System\OU=DS\CN=mydriverset\CN=UserApplication\C N=AppConfig\CN=RoleConfig\CN=ResourceDefs\CN=AD-UserAccount
rnrtrace: User: O=IDM\OU=Users\CN=sjsingh01
rnrtrace-[05/12/16 07:32:51.054]:Role and Resource ST:
rnrtrace-DirXML Log Event -------------------
rnrtrace- Driver: \PRODIDVAULT\System\DS\mydriverset\Role and Resource Service Driver
rnrtrace- Channel: Subscriber
rnrtrace- Status: Success
rnrtrace- Message: Transitioned request status from 30 to 50
rnrtrace- DN: O=System\OU=DS\CN=mydriverset\CN=UserApplication\C N=AppConfig\CN=RoleConfig\CN=ResourceRequests\CN=2 0160512073247-4911df2694164477be0080b1829fe2ac-0