Skip to Content
0

Functional Guide to Maintain SOD Rule Set

Mar 28, 2017 at 10:00 AM

130

avatar image

Hi guys,

Is there a quick guide to maintain the SOD rule set. In particular, at this moment, I'm looking to have a clarification on how the operators work (AND & OR).

I just wanted to confirm, because SAP fixed a pathetic issue in SP14 and now there are risks coming up at the same time that the operators have been changed in our scenario, creating confusion on the real root cause.

Thanks for any help,
Gustavo

10 |10000 characters needed characters left characters exceeded
* Please Login or Register to Answer, Follow or Comment.

1 Answer

Best Answer
Marcelo Monsores Apr 04, 2017 at 01:44 PM
0

Hi Gustavo.

These notes were created for GRC-AC 5.3, but the logic keeps the same:

1514544 - Explanation of logic between and within permissions
1330165 - Instructions on how to use Operators AND OR NOT

In general:

1) You cannot use 'OR' between different objects;

2) You cannot use 'OR' between different fields (even if for the same object);

3) You cannot mix 'AND' and 'OR' for values of the same field. For example, it is not possible to have a rule like MYOBJECT/MYFIELD=(01 OR 02) AND (03 OR 04).

Regards,

Marcelo Monsores

Share
10 |10000 characters needed characters left characters exceeded