|Applies To||RSA Product Set: Identity Management and Governance (IMG), Via Lifecycle & Governance (L&G)|
Product Description: Business Role Manager
|Issue||Due to business decision or project requirement it might be required that the ability to add a user as member of the role using the role Management should not be available. In those cases, the button "add members" under the role details on the members tab should be disabled or removed to prevent it from being used.|
|Resolution||There is currently no directly setting that will disable the capability for role owners to add members to the roles.|
But this can be workarounded by setting deny Users as members under the role set policy.
To change the RoleSet Policy go to Roles->Role Sets -> click on the Role Set name ->click Edit button ->next to go to the policy page
The following is a print-screen sample of the Policy page being set to Deny Users as Members:
After making this change make sure to Apply changes to commit this modification to the role that are part of this role set.
Note that after this changes are committed roles that as part of this role set will no longer display the add members button but users using forms can still be added as members to roles using Access Request Forms.