on 05-05-2015 2:48 PM
Hi Experts ,
While creating any access request the user validation from LDAP is working fine.
We have some scenariors where the user data is deleted from LADP but the related access request are still present in GRC system and after approval it is providing the access /creating roles etc( for the invalid user).
Do we have any option to do a validation check of user while approving the Access request?
Kindly suggest.
Thanks&Regards
Trupti
You can search for all the requests within the GRC system that have been submitted for user "X" via the "Search request" report on the Access Request Admin section.
Then as GRAC Admin, you can cancel them all.
Hope that simple solution helps.
You must be a registered user to add a comment. If you've already registered, sign in. Otherwise, register and sign in.
I know that prior to submission, if your LDAP source is the primary user source (and only one) and you have set the parameter setting 2051 (Enable User ID Validation in the Access Request against Search Data Requests) to Yes, then this will stop you from raising a request for a invalid user.
I believe you have already configured this.
As for requests that were created prior to the person being removed from LDAP, I don't think there is an easier way out. In the "User Provisioning >Maintain Provisioning settings" section, you could have the Account Validation check performed on the ABAP side and give a "Error" or "Warning" should the user not exist, but this is probably not what you want for your solution.
Easiest thing would be the report solution given in my initial response.
You must be a registered user to add a comment. If you've already registered, sign in. Otherwise, register and sign in.