Skip to Content

Functional Guide to Maintain SOD Rule Set

Hi guys,

Is there a quick guide to maintain the SOD rule set. In particular, at this moment, I'm looking to have a clarification on how the operators work (AND & OR).

I just wanted to confirm, because SAP fixed a pathetic issue in SP14 and now there are risks coming up at the same time that the operators have been changed in our scenario, creating confusion on the real root cause.

Thanks for any help,
Gustavo

Add comment
10|10000 characters needed characters exceeded

  • Get RSS Feed

1 Answer

  • Best Answer
    Apr 04, 2017 at 01:44 PM

    Hi Gustavo.

    These notes were created for GRC-AC 5.3, but the logic keeps the same:

    1514544 - Explanation of logic between and within permissions
    1330165 - Instructions on how to use Operators AND OR NOT

    In general:

    1) You cannot use 'OR' between different objects;

    2) You cannot use 'OR' between different fields (even if for the same object);

    3) You cannot mix 'AND' and 'OR' for values of the same field. For example, it is not possible to have a rule like MYOBJECT/MYFIELD=(01 OR 02) AND (03 OR 04).

    Regards,

    Marcelo Monsores

    Add comment
    10|10000 characters needed characters exceeded