Click HERE to see how Saviynt Intelligence is transforming the industry. |
09/22/2024 01:36 AM
Hello,
We had already configured SoD with tcode ruleset and found this to be working. But when we try to add auth object with min and max value the SoD detection is not as expected.
Eg: The different combinations for same tcodes needs to be checked.
If the user have V_VBRK_FKA auth with min value 3 and V_VBRK_VKO as 2 the SoD should be detected for the V_VBRK_VKO but this is not being detected.
When the violating roles are assigned there is no violations for this risk if one of the tcode-auth-min value is not matching. If there is only one row for the tcode with the auth object then the violation is getting detcted. Issue is only when there are multiple auth-min vlaue rows for the same tcode.
Please can you help me how to get this combination to work?
Thank You in advance for your reply,
Thanks,
Rasmy
09/22/2024 11:23 PM
If auth min value for 2 different tcode are same then it detects the violation?
@RSA can you share the SS with the violation.
09/26/2024 07:11 AM
https://docs.saviyntcloud.com/bundle/EIC-Admin-v24x/page/Content/Chapter16-Segregation-of-Duties/Bas...
Also could you check in the simulation if its showing up
09/27/2024 08:00 AM
under 1 tcode, all the objects needs to be violated.To violate 1 object, under the object, if the relation are OR, then to violate an object, violation should be on any 1 entry. But if it's AND, then to violate an object, violation should be on all the entries under that object.
10/01/2024 06:37 AM - edited 10/01/2024 07:04 AM
Hi @prtkrh007 ,
ThankU for your reply. This is a OR condition and the issue is of the bunch of saproles, if 3of the saproles have the permissions but not matching the value (instead of 2 the value is 3) and 1 saprole have the permission with the value then, the SoD violation should be detected for the 1 sap role. This is not happening. As per our discussion in the Saviynt connect, will send out email with all the details.