• State Suggested Answer
  • Locked Locked
  • Replies 7 replies
  • Answers 1 answer
  • Subscribers 95 subscribers
  • Views 9001 views
  • Users 0 members are here
Options
Related
This discussion has been locked.
You can no longer post new replies to this discussion. If you have a question you can start a new discussion

Approval procedure for Role entitlement assignment (system roles to Business Role)?

edi.imhof
over 8 years ago

Hello

I'd like to create an approval policy and approval workflow to be used in the standard service item "Role entitlement assignment".

an approval should be given by the owner of the entitlement, which is a System Role, eventually an AD Group.

Does anyone know a good approach to evaluate the owners of the System Roles (and AD Groups) which are assigned to a Business Role or Department by using "Role entitlement assignment"? 

It seems there is no such approval procedure OOTB.

Any help is greatly appreciated.

Kind regards, and thanks in advance for any advice.

Edi

Parents
  • 0 over 7 years ago
    Hello Markus
    Thanks for your Reply.
    I tried teh solution as you suggested above, but it seems I have no luck.
    If I run the Query in Object Browser it returns the correct result.
    But when I create a custom approval procedure and add the query above as the selection criteria (I focused on the first part on ESet, Line 1 - 4, but I tried also the entire script),
    as well create a custom approval Policy and assign that to the Service Item "Role entitlement assignment" things seem to go wrong.
    The effect is that no approver can be determined.
    When the Business Role manager orders an entitlement (system Role) then the decision workflow is aborted an will tell me there is no approver available in this shop.
    Of course I checked that the owner of the System role is the shop "Identity and access Lifecycle".
    Do you have any suggestion, where I could look?

    Thanks a lot
    Edi
Reply
  • 0 over 7 years ago
    Hello Markus
    Thanks for your Reply.
    I tried teh solution as you suggested above, but it seems I have no luck.
    If I run the Query in Object Browser it returns the correct result.
    But when I create a custom approval procedure and add the query above as the selection criteria (I focused on the first part on ESet, Line 1 - 4, but I tried also the entire script),
    as well create a custom approval Policy and assign that to the Service Item "Role entitlement assignment" things seem to go wrong.
    The effect is that no approver can be determined.
    When the Business Role manager orders an entitlement (system Role) then the decision workflow is aborted an will tell me there is no approver available in this shop.
    Of course I checked that the owner of the System role is the shop "Identity and access Lifecycle".
    Do you have any suggestion, where I could look?

    Thanks a lot
    Edi
Children
No Data