3
Currently if a list of new users with security assignments need to be loaded into an environment where SOD rules are setup, there are failures when a SOD rule is violated.
It would be very beneficial to allow all records to be loaded through Data Management and then run the report ( Verify compliance of user-role assignments) afterwords that would check for the violations.
The majority of the time we need to allow the assignment since a lot of our companies run lean, and will most likely have a user that performs functions that we would consider a SOD violation. Once the report is run you can allow or deny the assignment as well as document the reason for override.
It would be very beneficial to allow all records to be loaded through Data Management and then run the report ( Verify compliance of user-role assignments) afterwords that would check for the violations.
The majority of the time we need to allow the assignment since a lot of our companies run lean, and will most likely have a user that performs functions that we would consider a SOD violation. Once the report is run you can allow or deny the assignment as well as document the reason for override.
STATUS DETAILS
Declined
Administrator on 12/17/2020 5:57:20 PM
Hi Samantha-- have you checked if you are able to import the users with SOD violations after you have disabled running the business logic in the entity? It is an option on entities to disable running business logic for such scenarios. Pls drop me a note at sunilg@microsoft.com once you find out. We can take this from there.
Thanks
Sunil