Use this task to specify the function definitions for which a mitigating control is valid. You can only assign function definitions that are enabled on the assignment form.
To assign SAP function definitions to mitigating controls
- OR -
Double-click on the function definitions you want to remove in Remove Assignment.
The significance reduction of a mitigating control supplies the value by which to reduce
The reduced risk index is calculated from the
Risk index (reduced) = Risk index - sum significance reductions
If the significance reduction sum is greater than the risk index, the reduced risk index is set to 0.
The following configuration parameters are additionally available in One Identity Manager after the module has been installed.
Configuration parameter | Description |
---|---|
TargetSystem\SAPR3\SAPRights |
Preprocessor relevant configuration parameter for controlling component parts for testing authorizations in SAP R/3 using SAP functions. If the parameter is set, the components are available. Changes to the parameter require recompiling the database. |
TargetSystem\SAPR3\SAPRights\TestWithoutTCD | Checks SAP authorizations without taking SAP transactions into account. |
A default project template ensures that all required information is added in the One Identity Manager. This includes mappings, workflows and the synchronization base object. If you do not use a default project template you must declare the synchronization base object in One Identity Manager yourself.
Use a default project template for initially setting up the synchronization project. For custom implementations, you can extend the synchronization project with the .Synchronization EditorOne Identity Manager tool for configuring target system synchronization.
Use the project template "SAP® R/3® authorization objects" for synchronization of authorization packages and transactions. The template uses mappings for the following schema types.
Schema |
Table in the One Identity Manager schema |
---|---|
TOBJ | SAPAuthObject |
ObjectClass | SAPAuthObjectClass |
AUTHX | SAPField |
Transaction | SAPTransaction |
TACT | SAPActivity |
objectHasField | SAPAuthObjectHasField |
ObjectHasActivity | SAPAuthObjectHasSapActivity |
FieldHasRcTable | SAPFieldHasSAPRCTable |
tMenu01 | SAPMenu |
menuHasTransaction | SAPMenuHasSAPTransaction |
ProfileHasAuthObjectField | SAPProfileHasAuthObjectElem |
RcTable | SAPRCTable |
RcVariable | SAPRCVariable |
TRANSACTIONHASTOBJ | SAPTransactionHasSAPAuthObject |
© 2023 One Identity LLC. ALL RIGHTS RESERVED. Feedback Terms of Use Privacy