Skip to Content
Oct 22, 2018 at 08:06 PM

Business Role provisioning failure if user doesn't exist in specific system

264 Views Last edit Oct 23, 2018 at 02:10 AM 2 rev

Dear SAP experts

We are following Business Role concept for user provisioning.

Cenário: An acess request is created for business role assignment to a specific user. This Business Role has technical roles associated from 3 diferent systems: System_1, System_2 and system_3

The specific user ID exist just on System_1 and system_2; he/she cannot exist on system_3.

Request type is: Modify user

Action: Assign Object

At the end of approvals stages, during provisioning, GRC corretly assign tech roles on system_1 and system_2, but as the user doesn't exist on system_3 GRC gives an error of provisioning failure and shows message "user doesn't exist on system XXXX". Then the acess request goes to a "detour path" for provisioning failures.

My question is:Is it possible that in this cases GRC could just bypass and ignores that the the user doesn't exist on system_3 and closes the access request successfully, without provisioning failure ? Maybe a warning or something. Remember that in our cenario this user cannot has access to system_3.

[GRC Access Control 10.1 SP 17]