on 09-05-2013 4:33 PM
Dear all,
can somebody explain me what option "Push Authorization Data to Backend System" in Role Methodology Step "Maintain Authorizations" is good for?
I am creating roles using GRC functions. If a role has been accidentically changed in PFCG mode the option "Push Authorization Data to Backend System" should allow me to re-push the data of the selected function towards PFCG. This should then replace the accidentically changed role by the original authorisation set and clean up the role.
But this does not work at all - if I select the option, save and move on to generation the role in to plug-in system is generated but not replaced by the original authorisation set. The e.g. accidentical added transaction in PFCG just stays assigned to the role.
Please help.
Regards,
Markus
Dear Markus,
Once you have manitained the authorizations, Please select the Sync with PFCG. This will transfer all
the chages that you made in the BRM to the back end.
Thanks & Regards
Japneet Singh
You must be a registered user to add a comment. If you've already registered, sign in. Otherwise, register and sign in.
Hi Markus,
I have observed that behaviour also. To be honest, considering the fact that actual authorisation object field values require to be managed by GRC creating a PFCG back end session, I was slightly put off by using BRM as a end user.
I can see the merits of using BRM to create roles in a governed manner (i.e. by selecting function-grouped based transactions and also using Org mappings etc), but I found the whole experience clunky. As you state, anything added by mistake directly in the back-end seems to remain in the role definition even after synchronising.
Maybe in 10.1 things may have improved (still to hear anything new in regards to BRM).
all the best with your endeavours.
You must be a registered user to add a comment. If you've already registered, sign in. Otherwise, register and sign in.
You must be a registered user to add a comment. If you've already registered, sign in. Otherwise, register and sign in.