Incorrect SOD Policy Violation Alert For Child Requests
Last updated on OCTOBER 09, 2016
Applies to:Identity Manager - Version 220.127.116.11.160419 and later
Information in this document applies to any platform.
Getting the SOD Policy Violation alert for the child requests which do not have a SOD violation. In other words, the policy violation alert gets displayed for all child requests no matter if there is a violation.
The policy violation alert should be displayed only for the child requests which have a violation.
-Create a user manager001
-Create a user user001 with manager manager001 and provision to it entitlement TestRole1000
-Create a user user002 with manager manager001
-Create a rule for entitlement TestRole1000 and TestRole1001
-Create a policy for the above rule making sure Evaluate during Requests is selected.
- As manager001, submit a bulk request to assign TestRole1001 to both users. This generate a parent request with a policy violation because user001. If you click the Policy violation link you will see that as expected it shows only user001 with a violation. Now after approving the parent request, you would get two child requests one for user001 and one for user002.
- Open Track Requests tab, search for an approved parent request id and open it.
Click on request ID link for user002 from the 'Related Requests' table and you should see a Policy Violations link displayed. Refreshing the page makes it disappear.
Sign In with your My Oracle Support account
Don't have a My Oracle Support account? Click to get started
My Oracle Support provides customers with access to over a
Million Knowledge Articles and hundreds of Community platforms