Hi All,

I have created MPR with set of requestors which gets triggered whenever manual-managed membership of a security group is changed. The MPR inturn has an authorization workflow configured. When a user who belongs to the set of requestors raises a request for group membership, the authorization workflow is triggered. But when a user who doesnot belong to that set raises a request, the user immediately becomes a member of the group without any authorization. If the requestor doesnot belong to set of requestors specified in the MPR he should not be able to raise the request. How can I acheive

Hello,

You want to deny all other users to request to be member of group?

You simply have to deactivate the following MPR:

• Distribution list Management: Users can add or remove any members of groups subject to owner approval
• Distribution list management: Users can add or remove any members of groups that don't require owner approval
• Security groups: Users can add and remove members to open groups
• Security group management: Users can add or remove any member of groups subject to owner approval

and check "Grants permission" on your MPR

Regards,

Hello,

I have already checked "Grant permissions" on my MPR. Is there a way to achieve without disabling the above mentioned MPR's. Because they are already enabled in production and this is a new integration to existing system.

Those MPRs are used in the production?

The big issue is that you cannot deny with MPR, the only way is to NOT given the right...