10-07-2014 2:43 PM
We are on GRC 10.0 SP 13, and are trying to develop end user login role, I have restrcited roles using authorization objects GRAC_ROLED & GRAC_ROLEP to limit to business role.
Even after the failed authorization check, when i try to pick roles from existing assignments, Access request still shows the roles with failed authorization checks.
I have already set the technical roles status as "Development" so that they do not show up on Add > Role pop up.
Have anyone looked at this before? Any help is greatly appriciated.
Thanks, Vishwas
10-08-2014 1:50 PM
Hi Vishwas/Adelita,
If you have correctly maintained/restricted authorization object: GRAC_ROLEP and generated the profile followed with user comparison, then there could be no room that the user is still able to search the roles for which he/she is restricted.
Check if the user is getting full access via any another role/profiles. And refresh the user buffer, try loggin off and then log-in back. See if this helps.
It's completely related to the authorizations and user buffer.
Regards,
Ameet
10-08-2014 3:02 PM
Hi Adelita,
If you would like to restrict the role from this list you should set parameter
Provisioning Allowed flag t to “No” for that system to restrict it from being visible during access request creation.
Regards,
Filip