Hi all,

Editor is editor, approver is approver, but, when approver approves the creation of new gpo, he is automatically the owner of the same policy. That means he or she can create, edit and deploy any policy without the help of editor. I am trying to implement 4 eyes principal, that approver can read, approve and deploy but cannot edit. How to achieve this with AGPM? Anyone?

Thanx!