cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 

Unique workflow requirement

Former Member

on ‎11-13-2010 6:46 AM

0 Kudos

Dear Experts,

I am designing a work flow for Delegation requests at one of my client location. The work flow path is as follows

Requester -> Role Owner-> Security Admin

The requester will be raising a request for some other user to whom he is delegating the work.

Now the problem is client requires that only the roles of the Requester should be available for selection for this particular Request type. Model My Access By feature is not of much use as the requester can select ANY user id.

I am had thought of initially disabling the role selection option for end user, but it will applicable to all the Request types so again not acceptable.

Experts please give suggestions

Show replies
Show replies
Answer

Accepted Solutions (0)

Answers (1)

Answers (1)

koehntopp
Product and Topic Expert
Product and Topic Expert
‎11-13-2010 9:52 AM
0 Kudos

The idea behind CUP is that you can request just about anything (with minor limitations), and that the approvers will act as a filter to make sure what gets provisioned is ok. What you want to do can't be achieved easily.

Generally it's easier to have a human make sure this works. An alternative solution may be achieved by providing the access through Firefighter IDs.

Frank.

Show replies
Show replies
Former Member
‎11-13-2010 4:49 PM
0 Kudos

Hi Frank,

We are already attaching a Firefighter Id at the security Admin Stage. What the client is expecting is preventive control which is not quite possible in CUP.

Any other suggestion which you could think?

Thanks for the reply though.

Regards,

P Thompson

Former Member
‎11-16-2010 11:18 PM
0 Kudos

CUP is not able to utilize this type of logic because it uses the same request screen and search functionality across all users. This type of business requirement would need software capable of in-depth customization, such as a full Identity and Access Management solution (see SAP IdM, Sun IdM, Oracle IdM, IBM Tivoli, etc.)

Best of luck!

Ask a Question