We are using IdM 7.2 sp8 and GRC 10 and have a full workflow created as follows:
NOTE: Risk Validation and GRC System Auto-Approval Step are currently both disabled
Manager -> Role Owner -> GRC Risk Analysis -> Approval -> Provision Seems quite simple. right? :-) Getting every detail correct to make sure this works seemlessly is the issue I seem to be running into.
My issue is that I am trying to assign an IdM Business role that contains privileges from two different ABAP systems (very standard). After everything gets to approved, submitted to GRC and comes back to IdM, polling starts and the result is read back in and the check status task runs its "Approve" tasks. It looks like the provision job is trying to provision the requested roles into the GRC10 repository instead of the ABAP systems the privileges should be provisioned in and I get the following in the log:
- Naturally the privileges have a default repository but the Business Role does not.
- The GRC10 Repository only has the workflow (full not just AC Validation stage) in the Validate add task, no assignment tasks
- Each ABAP system only has the three normal provisioning tasks assigned, 601, 1345 and 751
![repo1.PNG]()
The error I get when its all said and done is "uSkip Called to skip entry"
There is some small detail I'm missing.
Your thoughts?