000032670 - How to disable the RSA Via Lifecycle and Governance (L&G) Reassign functionality for violations generated from Rule Definition Process

Document created by RSA Customer Support Employee on Jun 14, 2016Last modified by RSA Customer Support Employee on Apr 21, 2017
Version 5Show Document
  • View in full screen mode

Article Content

Article Number000032670
Applies ToRSA Product Set: Identity Management and Governance
RSA Product/Service Type: Appliance
RSA Version/Condition: 6.9.1
IssueThis article provides information on how to disable the Reassign functionality for Remediator and Approver for a Rule Definition when the customer is using out-of-box Exceptional User Access or default Remediator workflow templates.
ResolutionTo disable the Reassign button as shown in the screenshot below for multiple violations where multiple Rememdiators are assigned, review the following steps.
User-added image
1. In tge UI, select Users > Privileges.  If the Privileges tab is not enabled or you do not see it, you can enable this from Admin > User Interface > Edit.  Scroll down the page and find the Other Features section and set the User Privileges Tab option to On.
2. On the Privileges tab check the privileges listed below to see if they are added or not. If added, the button will show the option to Remove.
      a.  System Administrator.
      b.  Rule Administrator.
      c.  Rule Manage All.
      d.  System Manage All.
      e.  System Admin.
      f.  Rule Admin.
If the end user has any of the above privileges, remove them by clicking on the Remove button next to Privilege and click Apply Changes. This will disable the Reassign button for taking Bulk Reassign action on open violations based on Rule Definition. A Rememdiator and Approver should not have the above privileges to begin with; however, during testing and implementation usually these privileges are enabled for ease of use, which is a practice we recommend against since it doesn't provide accurate testing results.
3. Check to see if the Remediator or Approver is the rule owner, as shown below. The owner of the rule can use the Bulk Reassign function for the rules that only they own. Make sure the Remediator or Approver is not the owner of the rule.
User-added image
4. To disable the Reassign function at the workflow level, do the following:
      a.  Open the workflow with the Remediation node.
      b.  Double click on the Rule Remediation node so the Activity Properties Window open.
      c.  In the Activity Properties window go to the From tab as shown in the screenshot.
      d.  Uncheck the box in front of the Allow Reassign as shown in the screenshot. 
      e.  Click OK to save the changes in the node. 
      f.  If there is a Secondary Remediation node, repeat steps b through e and save the changes to the node by clicking the OK button.
User-added image