on 03-03-2016 11:54 AM
Hello,
I am looking for the way to restrict the admin unlock for user when user raised the unlock request in GRC 10.1.
If user locked by admin they don't want to unlock user by access request.
Thanks & Regards,
Lakshmi
Hi Lakshmi
If you don't want to use GRC to handle and Administration unlock then how do you intend to manage it?
Password Self Service will not unlock and Administration Lock. Access Request would have approval steps no different to a Create User scenario, etc.
What is the business reason issue that you are actually trying to solve?
Regards
Colleen
You must be a registered user to add a comment. If you've already registered, sign in. Otherwise, register and sign in.
Hi,
A procedure call(with a call to the function/program) can be created to retrieve value from table USR02(field UFLAG). the input to the program, via the procedure call has to be the user id in GRC request. Thereafter the output of the procedure call has to be taken in a data element.
Then in a decision table, provide diff. Rule results for lock values. then route these diff. rule results, into diff. paths and assign diff. teams. For the team, that gets the value 64, its activity would only be reject the requests. All other requests can be unlocked.
If the above does not suit, then the security team has to look for the lock value for every id raised for unlock.
BR
plaban
You must be a registered user to add a comment. If you've already registered, sign in. Otherwise, register and sign in.
Create the right request types with the correct actions and and ensure that the authorization within the roles assigned to users does not allow them to create such a request.
You may also want to ensure that the right person receives the lock request to approve (or reject in your case).
You must be a registered user to add a comment. If you've already registered, sign in. Otherwise, register and sign in.
You must be a registered user to add a comment. If you've already registered, sign in. Otherwise, register and sign in.