on 10-12-2009 6:04 AM
Hi
As part of GRC Initial Load , Application system privileges are created for each application(system id) .for example PRIV:SYSTEM:GRC:<system id> .
Please help me understand how these privileges can be used in provisioning/deprovisioning activities ..Since I read from one online GRC documentation that :
"
Create System Application Privileges: This pass creates a system application privilege that
is added to all accounts provisioned to the application managed by GRC. These are not real
privileges and will not be assignable as all others.
""
I hope these are used when creating user accounts in systems? . Not sure whether adding /removing this privilege would automate any of the process .
Please advise .
Thanks
Hi,
Once you have the privileges created from GRC, you can associate them with business roles, so when these roles are assigned to users, a GRC AC CUP request would be created for the access assignment automatically...
Cheers !!
Zaheer
You must be a registered user to add a comment. If you've already registered, sign in. Otherwise, register and sign in.
Hi Zaheer
Can you please tell how the grc privileges will invoke the start privilege task and other tasks for submitting the request to GRC AC ?
Is it that for l grc privileges, you change in the " task field" and put the "start privilege task"? I tried that way but is giving me error
"
Unable to set value for attribute Assigned Privileges, detailed information (may not be translated): No such task"
Can you give a step by step proces for submiting a request to GRC AC 5.3 after the grc privileges are available in IDM 7.1 ?
Thank you
Sahad
Hi Sahad ,
There are attributes "MX_ADD_MEMBER_TASK" and "MX_DELETE_MEMBER_TASK
" which is assigned to all the privileges within IDM .Tha value which we give here is the value of the constant START_PRIVILEGE_TASK for a GRC repository . So whenever an assignment is being done for MX_PERSON with a privilege whose "MX_ADD_MEMBER_TASK" and "MX_DELETE_MEMBER_TASK are appropriatly updated with correct value , then IDM will start the provisioning task for the assignment.
Experts ,
Please correct me if I am wrong .Thanks
Thanks
Hi gsapsdn,
>"MX_ADD_MEMBER_TASK" and "MX_DELETE_MEMBER_TASK
>" which is assigned to all the privileges within IDM
How we can assign the attribute MX_ADD_MEMBER_TASK" and "MX_DELETE_MEMBER_TASK to the privilage say PRIV:GRC:KMD:CO:ACTUAL_POSTINGS ?
How it will call the task to submit the request to grc ?
Hi Sahad,
While creating privileged in Identity center , you can link these attributes to the privileges . Please go through this link for getting some idea on how it triggers the GRC request automatically when they are assigned to a user.
Thanks
User | Count |
---|---|
84 | |
10 | |
10 | |
10 | |
7 | |
6 | |
6 | |
5 | |
4 | |
4 |
You must be a registered user to add a comment. If you've already registered, sign in. Otherwise, register and sign in.