Saviynt unveils its cutting-edge Intelligence Suite products to revolutionize Identity Security!
Click HERE to see how Saviynt Intelligence is transforming the industry.
Saviynt Copilot Icon

SOD Evaluation for Tcodes using nosap type function

asharma
Regular Contributor II
Regular Contributor II

Hi,

Requirement - We want to evaluate the violations/conflicts at the time of access request but we want user to request sap role and saviynt should evaluate on the basis of Tcode. Is this possible? If yes, how?

9 REPLIES 9

sai_sp
Saviynt Employee
Saviynt Employee

Yes, this can be done. Please set the function type as Non-Sap and set the sod.entitlement.depth in the externalconfig.properties to 2. SOD will be then evaluated at the 2nd level which is the tcode - 1st being the saprole. Define the ruleset accordingly.

asharma
Regular Contributor II
Regular Contributor II

we have to upload a ruleset so we cannot change the function type as non sap. It will sap then only we can upload the ruleset with tcodes.

NM
Esteemed Contributor
Esteemed Contributor

Hi @asharma can you share the ruleset?

You want to evaluate the SOD at which level?


If this helped you move forward, click 'Kudos'. If it solved your query, select 'Accept As Solution'

asharma
Regular Contributor II
Regular Contributor II

I am trying with default available from Saviynt doc with objects as 

FUNCTIONENDPOINTTCODE OBJECTNAMEFIELDNAMEMINVALUEMAXVALUERELATIONSTATUS

NM
Esteemed Contributor
Esteemed Contributor

@asharma so is ilit not working ? Showing an error?


If this helped you move forward, click 'Kudos'. If it solved your query, select 'Accept As Solution'

  • Try using simulation feature

Regards,
Rushikesh Vartak
If this helped you move forward, click 'Kudos'. If it solved your query, select 'Accept As Solution'.

asharma
Regular Contributor II
Regular Contributor II

@rushikeshvartak can you guide me with the config and logic how can we achieve it with Simulation.

asharma
Regular Contributor II
Regular Contributor II

can anyone confirm if we can bring sap role and tcodes linking from SAP app to Saviynt. If yes, then which table and which function modules for system user.

  • You need to add conflicting entitlements and simulate its straight forward

Regards,
Rushikesh Vartak
If this helped you move forward, click 'Kudos'. If it solved your query, select 'Accept As Solution'.