I have performed ARA configuration in GRC 12.0. When I am doing Risk anaylsis for Dialog userid at user level, no risk came when usertype is selected as Dialog in Usertype Selection Criteria at User level.
But when I change the usertype to service in in Usertype Selection Criteria at User level, it shows risk. Userid is Dialog at backend and vice-versa.userlevel-usertype-dialog.pnguser-type-dialog-result.pnguserlevel-usertype-service.pngrisk-result-service.png
If anyone have faced this issue, please let us know.
Are you sure it is a backed dialog user? Can you double-check SU01
Does the user exist in other managed systems and have a different user type
What status does user have in GRACUSER/GRACUSERCONN?
I haven't observed this behaviour but if I am running risk analysis based on user Ids then I don't worry about choosing user type.