on 12-07-2012 10:08 AM
Hello,
we want to give the Approvers of Access Request only the authorisation to run the risk analysis in the Risk Violation tab only for one rule set.
I give this users the authorisation, which you can see in the picture:
But this things don't work. The approver can also run the risk analysis with another rule set.
Can anybody help me please?
Friendly Regards
Kristin Eckstein
Hi Kristin,
You can check if GRAC_RA authorizations are also assigned to this user with ACTVT 70 value.
Activity value 70 has full administrator rights. If any user has value 70 in ACTVT of GRAC_RA, this will supersede other risk analysis authorizations.
The activity value of 70 for the authorization object GRAC_RA should be changed to 16(Execute).
Hope this helps.
Thanks & Regards
Neeraj
You must be a registered user to add a comment. If you've already registered, sign in. Otherwise, register and sign in.
Hi Neeraj
Ha, amazing! Thanks a ton. Your hint regarding the administrator rights given by GRAC_RA object with field ACTVT=70 was brilliant. I was wondering why restricting the user in GRAC_* objects like GRAC_USER did not have any effect. Now it works.
I would give you the 10 points for the correct answer...
Many thanks
Markus
You must be a registered user to add a comment. If you've already registered, sign in. Otherwise, register and sign in.