GRC AC V10 - one approval step for manager and role owner

Similar Messages

• GRC AC 10 SP13 - workflow not routing to multiple role owners

  hello
  We are experiencing issues in our production MSMP workflow where an access request with multiple business roles are not being routed to role owners after manager approval. The request contains four business roles. Three business roles have three different role owners. The fourth business role does not have a role owner assigned. After the manager approves the request, the business role without a role owner does not provision. The other three business roles do not route to their respective role owners. We have tested the same scenario in our development environment and it routes properly. I have validated our MSMP workflow settings in production and validated it was activated. I have also checked the instance monitor via GRFNMW_DBGMONITOR_WD and it does not give an indication why the request isn't routing.
  Any ideas why we are seeing this? Below is a screen shot of the audit log.

  Hi Stacey
  If DEV is working and PRD is not have you gone through and compared both and ensure latest MSMP configuration in PRD has been activated?
  Also, is the approver COCHGG00 also the Role Owner?
  Are you able to show you MSMP configuration? It's makes sense to analyse the log in the context of your configuration. E.g. does the Z_ADDTNL_ACCESS_PATH path have two stages: Manager and Role Owner of which there is a routing rule on the Manager approval to go to the NO_ROLE_OWNER path where the business role has no role owner?
  Regards
  Colleen

• How to skip approving steps for users who are also approvers?

  We have a business need to be able to skip the approving steps for the users who are also approvers.
  For this following steps were followed :-
  1) Open .task file and go into the Assignment tab. Double click on the performer box within the routing slip, this should open the "Edit Participant Type" editor. Expand the "Advanced" section and place a check next to "specify skip rule", then click the edit icon to the right. Now enter an XPath expression that will test whether the current user is equal to the task creator.
  2) We used - isUserInRole XPath function in the "Identify Service Functions" dropdown - first param to function is the userID, the 2nd is the role name.
  We tried with hardcoded userID as well as by using
  ids:isUserInRole(/task:task/task:systemAttributes/task:updatedBy/task:id,'California')
  where 'California' is the group name (as one of the forum threads told this function works with groups).
  We also tried with swimlane roles(using bpm.getPerformer() function) but it does not work either.
  Please let me know if any one has any solution to this problem.

  session as DirectorySession = DirectorySession.currentEngineSession
  dirHum as Fuego.Fdi.DirHumanParticipant = DirHumanParticipant.fetch(session : session, id : "myUserId")
  result = hasRoleAssigned(dirHum, role : "Approver")Give that a try...
  HTH,
  -Kevin

• [b]One small step for a man, one giant leap for mankind[/b]

  Just kidding :-) I was just looking for an eye catcher...
  Want you check out a nice feature? Check out
  http://apex.oracle.com/pls/otn/f?p=33231:40:::NO:::
  and tell me what you think...
  Has been tested with Firefox 2.0 and some basic testing with IE6.0
  More details coming soon.
  Patrick

  I have uploaded some details about the solution and how to integrate it into your own application.
  http://inside-apex.blogspot.com/2007/01/one-small-step-for-man-one-giant-leap.html
  As I have written in the blog posting, I'm really new to JavaScript, just started 1 1/2 month ago and I'm currently on page 351 (total 994) of the JavaScript - The Definitive Guilde. So if you look at my code and think, man are you crazy, why you write that much code to do that, it's a simple regular expression and you are done! Please let me know!
  The JavaScript stuff was more work as I thought (especially if it should work with Firefox and IE), you really appreciate the build in TO_DATE and TO_NUMBER and it's flexibility when you have to implement that by yourself. :-)
  At least I haven't found a JavaScript validation toolbox which is compatible with the format mask settings of Oracle.
  Call for testing:
  -) I want know if the format mask checks I implemented work for all the combinations out there. The weird American ones with AM/PM and the month at be beginning should also work ;-)
  -) If the inline error display also works with other themes and userdefined label templates.
  So please plug it into your application and do a test drive of the new Ferrari! ;-)
  Thanks a lot
  Patrick
  Check out my APEX-blog: http://inside-apex.blogspot.com

• It's one small step for mankind, but one giant leap for me (DSP program)

  Hi guys,I don´t know if it is a off-topic here or if someone is interested.
  I was developing a DSP program i Java. All I told that I was developing this software
  said it was impossible. The JVM is very heavy, is an interpreted language etc. But it is working
  and with a good performance. Is a SDR (software defined radio) software, it is not finished but if anybody
  want to see some documentation, give me a few days and look for it at
  http:\\gvillamayor.angelfire.com
  If anyone is interested mail me [email protected]

  I have uploaded some details about the solution and how to integrate it into your own application.
  http://inside-apex.blogspot.com/2007/01/one-small-step-for-man-one-giant-leap.html
  As I have written in the blog posting, I'm really new to JavaScript, just started 1 1/2 month ago and I'm currently on page 351 (total 994) of the JavaScript - The Definitive Guilde. So if you look at my code and think, man are you crazy, why you write that much code to do that, it's a simple regular expression and you are done! Please let me know!
  The JavaScript stuff was more work as I thought (especially if it should work with Firefox and IE), you really appreciate the build in TO_DATE and TO_NUMBER and it's flexibility when you have to implement that by yourself. :-)
  At least I haven't found a JavaScript validation toolbox which is compatible with the format mask settings of Oracle.
  Call for testing:
  -) I want know if the format mask checks I implemented work for all the combinations out there. The weird American ones with AM/PM and the month at be beginning should also work ;-)
  -) If the inline error display also works with other themes and userdefined label templates.
  So please plug it into your application and do a test drive of the new Ferrari! ;-)
  Thanks a lot
  Patrick
  Check out my APEX-blog: http://inside-apex.blogspot.com

• Steps for portal and Microsoft LDAP server integration

  Hi,
  Could any one guide me steps for portal and Microsoft LDAP server integration. Need it urgently.
  Thanks in advance.
  Regards,
  Niraj

  Please don't cross post in multiple forums..

• I have one Itunes account for myself and children.  Can we facetime each other on different devices?

  I have one Itunes account for myself and my children.  Can we facetime each other on different devices?

  Yes, you can.
  See here: https://www.apple.com/ios/facetime/

• HT204053 I have one apple ID for purchases and then my mobile me ID where I use for email.  So I have set my cloud with my mobile me name, while keeping my purchases the original name.  Will my purchases be recognized as purchases when backup is finished.

  I have one apple ID for purchases and then my mobile me ID where I use for email.  So I have set my cloud with my mobile me name, while keeping my purchases the original name.  Will my purchases be recognized as purchases when backup is finished.

  Welcome to the Apple community.
  So long as you are logged into the iTunes Store, using the correct ID and password (settings >store), then you will always have access to your apps, books, music, TV shows etc etc bought via the iTunes Store on that account.

• I am going to buy a macbook pro for grade 12, and I need to know wheather I should get a macbook pro or a macbook pro retina. If someone could tell me (in a very simple way) which one is,better for me and why, I would be ever so apprreciative.

  I am going to buy a macbook pro for grade 12, and I need to know wheather I should get a macbook pro or a macbook pro retina. If someone could tell me (in a very simple way) which one is,better for me and why, I would be ever so apprreciative.

  Why do you need a expensive MacBook Pro?
  Your attending high school and unless everyone else is rich also your likely going to be a target by the more poorer students for theft or damage to the machine.
  You could keep it home, but if you need it for class then your exposed again.
  Also at that age your not very careful yet, a MacBook Pro is a expensive and easily damaged machine.
  Unless your made of money and so are others at your school, I would recommned a low profile, just does the job cheap Windows PC.
  If it dies, gets lost, stolen or damaged because of your inexperince handling senstivie electronics then it's no big deal.
  You can buy a Mac later on when your sure you have a need for it, currently there isn't much advantage of owning a Mac compared to a PC, they do just about the same things now, one just looks prettier than the other.
  Since 95% of the world uses Windows PC's your going to have to install Windows on the Mac in order to keep your skills up there or be unemployed, so it's a extra headache and expense.
  good luck

• Just looking steps for Lenovo and HP each model example what is link to download the driver files

  DELL offers cab file and lenovo,HP what type of driver files just looking steps for Lenovo and HP each model example what is link to download the driver files and other settings used in task sequence or package

  This should help you out:
  Lenovo: http://support.lenovo.com/en/documents/ht074984
  HP:
  http://www.deploymentresearch.com/Research/tabid/62/EntryId/55/HP-takes-the-next-step-and-provides-ready-made-driver-packages-for-MDT-and-SCCM.aspx
  My Blog: http://www.petervanderwoude.nl/
  Follow me on twitter: pvanderwoude

• Guide me config steps for REceive and put away materials

  Hi ,
  I am new this module.
  Please guide me all cofiguration steps for Receive and Put away materials in MM system.
  Thanks,

  HI,
  read sap help and search on Google.or in forum
  [http://help.sap.com/saphelp_46b/helpdata/en/fd/45b7ee9d6411d189b60000e829fbbd/frameset.htm]
  Regards
  Kailas Ugale

• Whisch one is correct for undo_retention and what is the difference

  Hi ALL,
  whisch one is correct for undo_retention and what is the difference
  SQL> select max(maxquerylen) from v$undostat;
  MAX(MAXQUERYLEN)
  6060
  SQL> select max(maxquerylen) from dba_hist_undostat;
  MAX(MAXQUERYLEN)
  17221

  hi Afzal,
  you can use begin_time & end_time of v$undostat -> to specify the time interval of your interest.
  A brief note, of what you have discussed here:
  maxquerylen
  Identifies the length of the longest query (in seconds) executed in the instance during the period. You can use this statistic to estimate the proper setting of the UNDO_RETENTION initialization parameter. The length of a query is measured from the cursor open time to the last fetch/execute time of the cursor. Only the length of those cursors that have been fetched/executed during the period are reflected in the view.
  V$UNDOSTAT is dynamic, showing current stats.
  DBA_HIST_UNDOSTAT displays the history of histograms of statistical data to show how well the system is working. The available statistics include undo space consumption, transaction concurrency, and length of queries executed in the instance.This view contains snapshots of V$UNDOSTAT
  hope it help.
  regards,
  X

• Oracle Provider for Membership and Roles not running

  Hi Everyone,
  I ran the ASP.Net Configuration and select the 'Provider' tab.
  When I choose 'Select a single provider for all site management data', only AspNetSqlProvider is shown.
  When I choose 'Select a different provider for each feature (advanced)', I see the Oracle Provider for Membership and Roles. I select both then try to enter 'Security' tab. It will hang then come back with this error:
  "There is a problem with your selected data store. This can be caused by an invalid server name or credentials, or by insufficient permission. It can also be caused by the role manager feature not being enabled. Click the button below to be redirected to a page where you can choose a new data store. "
  Any solutions to this...........
  Regards
  Sid

  Thanks for the reply but i stil have the problem...............
  My Current machine.config has this to say in that particular section
  <connectionStrings>
  <add name="LocalSqlServer" connectionString="data source=.\SQLEXPRESS;Integrated Security=SSPI;AttachDBFilename=|DataDirectory|aspnetdb.mdf;User Instance=true" providerName="System.Data.SqlClient"/>
  <add name="OraAspNetConString" providerName="Oracle.DataAccess.Client" connectionString=" "/>
  </connectionStrings>
  What can be done.........................in this case
  Thanks

• Using Dynamic Groups in Ldap for Accounts and Roles

  Does anyone currently use dynamic groups in LDAP for accounts and roles? I have set up a dynamic group in ldap (we are using OID Oracle internet Directory 10.1.2.0) , ldapsearch returns the correct list of unique names, but the account does not appear on my profile page when I log in to UCM (10.1.3). I cannot find any documentation so I'm asking myself if it is supported .....

  Thanks tim ... will check, but Oracle are saying :
  Oracle Universal Content Management - Version: 7.5.1
  Information in this document applies to any platform.
  Product: Content Server
  Version: 6.0
  Goal
  Can the Content Server's LDAP provider support, or can it be configured to support, dynamic LDAP groups?
  Solution
  The Content Server by itself is unable to process dynamic LDAP groups since the filter that is used cannot read dynamic groups. However, dynamic groups can still work in the Content Server if the permissions for the queried user are generated on the LDAP server side. For example: Novell and Active Directory both have this functionality.
  to which I have replied you suport 3rd party ldaps, but not your own? Shurely shome mishtake ..... if ldap search works in a seamless way, surely provider should too ....
  Billy, you may well be right, just got a cashflow problem over here !

• Help me plz.. i,ve got a apple i phone 4 and i'm the 2 owner of it and i dont have it's apple id and passward for it and 1st owner doesnt know it too so what can i do for this plz help me....

  help me plz.. i,ve got a apple i phone 4 and i'm the 2 owner of it and i dont have it's apple id and passward for it and 1st owner doesnt know it too so what can i do for this plz help me....

  Neither can we.  Only the original owner can help you, surely he/she can reset their password.