Hello everyone,
when a system role is assigned to an identity, the groups assigned to it (of any target system, it's not important) is then assigned to the identity's account. The compliance rule check is also performed and eventually a SoD rule violation is detected.
I'd like to block the assignation of the groups assigned to the system role if a SoD rule violation is detected. How can I do this?
Thank you for your help,
Lucrezia
