Hi Matt,
System privilege in IDM (PRIV:ECCCLNT100:ONLY) is already made visible from console(MMC) to appear in UI and in order to place provisioning, a master task is created for system privileges for all existing repository.So that whenever business roles are assign to user, master task execute itself for all required repository (decide on base of business roles assigned) and add system privilege (PRIV:ECCCLNT100:ONLY) for all concerned repository for provisioning to backend system.
Here my issue is that after deleting all business role and manually assigned privileges for an identity in IDM when i do save the task and then recheck for identity's BR and privileges assignment. I see some privileges are still there and it status shows inherited. I'm wondering that from where these privileges are being read, as their is no position based assignment to that identity.
Regards
Girish Almiya