Our use of dynamic roles has increased greatly but sometimes a role needs to be refreshed during the day. With our limited knowledge of security, it appears that only a user with the PeopleSoft Administrator role can run it. Does anyone know what security setup we would need to give user(s) to allow them to run the DYNROLE_PUBL from the role (dynamic members tab). The user that needs this already has security access to user profiles, roles and permission list but cannot run the DYNROLE_PUBL.
You need access to to the ROLESYNCHEXT_MSG Service, or if you're on 8.48 or lower peopletools the ROLESYNCH_MSG Service, and their similarly named service operations. This is achieved by adding them to a permission list, in the Web Services page. In our DMO env the PTPT1000 permission list gives access to these services. For running the DYNROLE_PUBL process you need access to the INALL processgroup ("Permission List -> Process" page).