on 05-08-2014 11:54 AM
Hi all,
We have a risk with 2 functions.
The first function search for VF01 and other V_VBRK_VKO with ACTVT01 enabled.
The second function search for VA01 and V_VBAK_VKO with ACTVT=01 enabled and SPART field enabled.
Then we have defined an organizational rule having SPART=BB.
It seems that the risk analysis results is wrong on function 2 (VA01).
We have a user with 2 roles assigned:
- the first role gives an authorization to V_VBAK_VKO object with ACTVT=01 and SPART=AA
- the second role gives an authorization to V_VBAK_VKO object with ACTVT=03 and SPART=BB
The risk analysis results reports that the user has a violation because he his authorized to function 2.
This is wrong because the user has only a display authorization on SPART=BB.
Any suggestion?
Thanks.
Andrea
Hi Andrea,
just a basic question: did you generate the SOD Rules after adding the organizational rule? It's required to regenerate the rules after org rule has been defined.
Regards,
Alessandro
You must be a registered user to add a comment. If you've already registered, sign in. Otherwise, register and sign in.
You must be a registered user to add a comment. If you've already registered, sign in. Otherwise, register and sign in.