Hi Team, We are trying to remove user permission from MSSQL source user access review campaign and after the source owner/reviewer revoke any permission and sign off user access/permission is getting removed as we have elevated the service account permission to remove the user access/permission from the MSSQL database server instance. But before the source owner tried to revoke the user access/permission and sign off the campaign due to some reason user access/permission got removed from the MSSQL database server instance. After this source owner tried to revoke the user access/permission and sign off the campaign we are getting error “Unable to provision remove database role- db_datareader@ENT_DSS_DW Reason: Database user does not exist for role provisioning.” In provisioning activity tab but when we tried to check campaign status and campaign remediation report this is not captured. Could you please suggest why this error notification is not captured in campaign status and campaign remediation report?
My expectation is when the access/entitlement gets deleted not due to the campaign but when the same access/entitlement is going to be deleted which is included in the campaign as part of user access removal process through campaign the system should capture the failure of revoke of the access/entitlement in the campaign status and campaign remediation reports. The system is throwing “Unable to provision remove database role- db_datareader@ENT_DSS_DW Reason: Database user does not exist for role provisioning.” Which is shown in “Activities” tab but not captured in campaign status and campaign remediation report.
Thanks
Kalyan