Incorrect SOD Policy Violation Alert For Child Requests
(Doc ID 2189769.1)
Last updated on APRIL 17, 2019
Applies to:Identity Manager - Version 220.127.116.11.0 to 18.104.22.168.160719 [Release 11g]
Information in this document applies to any platform.
Getting the SOD Policy Violation alert for the child requests which do not have a SOD violation. In other words, the policy violation alert gets displayed for all child requests no matter if there is a violation.
The policy violation alert should be displayed only for the child requests which have a violation.
-Create a user <MANAGER>
-Create a user <END_USER1> with manager <MANAGER> and provision to it entitlement <ENT1>
-Create a user <END_USER2> with manager <MANAGER>
-Create a rule for entitlement <ENT1> and <ENT2>
-Create a policy for the above rule making sure Evaluate during Requests is selected.
- As <MANAGER>, submit a bulk request to assign <ENT2> to both users. This generate a parent request with a policy violation because <END_USER1>. If you click the Policy violation link you will see that as expected it shows only <END_USER1> with a violation. Now after approving the parent request, you would get two child requests one for <END_USER1> and one for <END_USER2>.
- Open Track Requests tab, search for an approved parent request id and open it.
- Click on request ID link for <END_USER2> from the 'Related Requests' table and you should see a Policy Violations link displayed. Refreshing the page makes it disappear.
To view full details, sign in with your My Oracle Support account.
Don't have a My Oracle Support account? Click to get started!