cancel
Showing results for 
Search instead for 
Did you mean: 

1981001 - Recommendations : Using business role provisiong in access request

0 Kudos
320

Hi ,

Did any one tried to execute the report in note 1981001 - Recommendations : Using business role provisiong in access request.

What is functionality of the report

Accepted Solutions (0)

Answers (2)

Answers (2)

0 Kudos

Thank you Marcelo. But some roles will be assigned manually and some through GRC.

In that scenario, how this will work?

Also in the note it is mentioned "Never run PFCG compression report in the target system"

Monsores
Active Participant
0 Kudos

Hi Sowmya.

I suppose you are talking about PRGN_COMPRESS_TIMES.

It deletes expired assignments and then tries to merge multiple assignments of the same role to a user (if their validity periods overlaps).

Regards,

Marcelo Monsores

0 Kudos

Thank you Marcelo. But some roles will be assigned manually and some through GRC.

In that scenario, how this will work?

Also in the note it is mentioned "Never run PFCG compression report in the target system"

Monsores
Active Participant
0 Kudos

Hi Sowmya.

After provisioning GRC assignments end up in the target systems with no technical differences from those manually done.

It means that they would also be included in the scope of PRGN_COMPRESS_TIMES.

And it is really not a good idea to have any kind of direct changes to role assignments in your target systems once you start doing it via GRC (be them manual or via programs like PRGN_COMPRESS_TIMES). It can bring you headaches like generating misalignments between the audit logs of your access requests and the real situation on the system and breaking up your Business Role Assignments.

Regards,

Marcelo Monsores