Is there a quick and easy way to setup a rule so that a user is only allowed to have 1 approle from a specified business source? The long way to accomplish this would be to setup an SOD role for every role to conflict with every other role, but that's not scalable or maintainable. Thanks, Bill & Prateek Bhatnagar v7.0.2