Hi Prem,
Thanks for the reply.
Critical Actions risk will consider both actions and permissions right..
But in 5.3, the critical action risk considers only action defined in the functions r. Is there any change of the behaviour in 10.0.
We are on 10.1 sp09.. When i defined only action as sm30 and performed adhoc risk analysis with nly ocritical action-- the users were displayed. But when i have enabled permission
S_TABU_DIS actvt 01 or
S_TABU_DIS actvt 03 or
S_TABU_DIS dicbercls and
the adhoc risk analsis for Critical Action risk is not showing any users wth the corresponding Critical action risk.
Is there any missing configuration or any thing wrong in the OR AND of the rules generation, Please help.
Regards,
Ravi.