Application Development Discussions
Join the discussions or start your own on all things application development, including tools and APIs, programming models, and keeping your skills sharp.
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 

What actions to assign to make someone a 'security' approver in CUP?

Former Member

‎03-29-2011 8:48 PM

0 Kudos

How do you get someone to be part of the "security' approver determinator in a stage for CUP?

I know it has to do with what actions they are assigned in UME, but can't find any documentation on which ones. I found some other postings that said they have to be given the AESecurity role, which is not strictly correct. For one thing, the AESecurity role is the SAP delivered role. We were told that you don't use the SAP delivered roles. You make a copy of them and give these roles to your users. This way you can customize the roles.

We have a situation were we want to give someone access to approve requests in our "security" stage, but don't want to give them all of the oher capabilities of the AESecurity role.

We are on GRC/CUP 5.3 13.2.

Thanks.

8 REPLIES 8

Former Member

‎03-29-2011 9:30 PM

0 Kudos

Hi Bob,

Are you using CAD's at all? Becuase it really depends on who you are stiing up as an approver in the security stage.

Regards,

Chinmaya

Edited by: chinmaya prakash on Mar 29, 2011 10:31 PM

Former Member
In response to Former Member

‎03-29-2011 9:41 PM

0 Kudos

No custom approvers. I am talking about when you pick the "Security" option as the Approver Determinator for a stage.

Thanks.

Former Member
In response to Former Member

‎03-29-2011 10:12 PM

0 Kudos

In that case it will only look for the AESecurity role since there are not many actions delievered in this role, I am guessing this one is based on role name.

regards,

Chinmaya

koehntopp
Product and Topic Expert
Product and Topic Expert
In response to Former Member

‎03-30-2011 7:43 AM

0 Kudos

That is correct - you need to assign the UME role "AESecurity"

Former Member
In response to Former Member

‎03-31-2011 2:08 PM

0 Kudos

If it has to specifically be the "AESecurity" role, and not specific actions/permissions, then how come I can access the requests that are in this stage, but I don't have this role? I have role "AE_Admin", which is a copy of the "AEAdmin" role. (As mentioned earlier, we don't use the SAP delivered roles, we use a copy of the roles.)

Thanks.

Former Member
In response to Former Member

‎03-31-2011 4:10 PM

0 Kudos

Bob,

AESecurity only has 3 actions(I think).. You could try it 3 different time to see if you still get it!

It would be good to know for all of us!

Regards,

Chinmaya

Former Member
In response to Former Member

‎04-01-2011 2:56 PM

0 Kudos

AESecurity in our version (GRC 5.3 SP13) has 19 actions. What are the three actions in your version? Three would be fairly easy to test.

Thanks.

Former Member
In response to Former Member

‎04-12-2011 3:03 PM

0 Kudos

Action needed is "CreateSAPUser".