Unexpected access to resources

Accesses to a protected system resource are either being unexpectedly granted or denied. It is always wise to first validate that the Verify Identity Access processes are started and running normally.

Also check to ensure that the Verify Identity Access message log files do not flag any operational problems. If Verify Identity Access seems operationally sound, the problem is likely due to the policies that have been defined and applied to that system resource.

There are three Verify Identity Access policy mechanisms that can be used to control access to your protected resources: ACLs, POPs, and authorization rules. Use the pdadmin commands to learn which ACL in your protected object space hierarchy has control over the access to the protected resource.