Approver groups can be defined externally or internally to CA Endevor SCM.
When the number of users that belong to an Endevor internal approver group grows over 16, or if you want to manage the group membership with your external security product, you will need to convert the group to an external approver group.
The External Security Interface must be already implemented in order to be able to make the change.
C1DEFLTS parameters: PKGSEC = ESI and APRVFLG=Y
All supported Endevor releases.
To convert an internal approver group into an external approver group you will have to :
1. Go to the Update Approver Group definition panel from the Endevor main panel:
4(Environment) -> 9(APPROVER GROUP); Fill the approver group name and environment and use the option U.
2. Delete all APPROVER IDs from the definition and make sure the quorum size is at least 1; when Endevor finds an approver group with no approvers inside, it will query the external security product (RACF/Top Secret/ACF2) for the definition. The name of the approver group in Endevor and the RACF group should be the same.
If the name of your internal approver group has no RACF match, you will have to define a new empty approver group with the corresponding environment relation, because the name of an approver group cannot be updated.