I tried to implement note 1723097 - System measurement: Background job terminates (RSUVM0xx) at SAP GRC-AC system, SAP_BASIS 702 level 11, and it needs as pre-requisite the note 1885829 which is not released yet.
Thanks in advance for a brief solution.
Gabriel Aquino
Hi Experts,
we are facing the below issue while performing the risk analysis at role owner stage .
ERROR: No roll storage space of length 468 available for OCCURS area. area. (termination: RABAX_STATE)
Did any one face same issues..please advice.
Thanks
Girish Maganti
Hi Experts,
Can any one configure the notification event for Approver delegation. because my business requirement is notification mail will trigger to back up approver when delegation is activated.
Thanks in advance...
Thanks
Girish maganti
Hi Experts,
I am configuring SAP GRC10 EAM for my client. I am running into an issue where not all FFID log information is being captured. The only information that is currently showing in the Consolidated Log Report are the security transaction codes that have been accessed and security changes that have been made (adding/removing roles from a user master record). The Firefighter Log Summary Report shows that the ID was being used and logged in with (shows reason code and time of login). The Reason Code and Activity Report also shows that the ID was being used and logged in with (shows reason code and time of login). The Transaction Log and Session Details does show any information. This is only happening in our QA ECC environment (as it is capturing all relevant information in our development environment).
Please see below for system information:
rsau/max_diskspace/local - 100M
rsau/enable - 1
Would this be an issue on the GRC side or the ECC side? If on the ECC side, how would I be able to fix this issue? Any information would help! Thanks.
Paul
Hello all i hope you are well, i have already integrate LDAP with GRC 10 but when i search for a user it appears twice.
one from ECC and below LDAP Information, so my question is what do i have to do in order to display just one information.
It does´nt consolidate it should recognize the unique id accross all data sources.
I appreciate your help.
Thanks
Hello everyone,
Does anyone familiar with operational risk aggregation?
We implement Class that SAP provides for aggregation but we can't find a way to make it work and aggregation not working for us.
We read the WIKI about this issue but we can't find more info about this
I will appreciate any help
Thanks in advance
Rachel
Hi Dears,
I have an issue related to End User Unlock and Password Reset.
We maintained Data Source as SU01 in SPRO, So that User can able to access GRC Application through End User Login with ECC System login
Details for raise a request.
If user is locked or forget ECC system password, then user not able to access GRC Application through End User Login with ECC System login Details for Unlock or reset Password.
In this situation, how user can unlock or reset the Password for ECC System.
Could you please provide the solution to resolve the Issue.
Note:- No LDAP or Acitive Directory.
System Details :- GRC AC 10.0 , SP12.
Regards,
Karnatak.
Hi All,
I am trying to view FF ID reports. However, I could not get the complete reports.
I executed: NWBC->Reports and Analytics->EAM Reports->Consolidated Log Reports->Update FireFighter Log.
It says, it is update successfully.
I also executed ABAP program "GRC_SPM_LOG_SYNC_UPDATE" in GRC system for the desired connector.
When I click on NWBC->Reports and Analytics->EAM Reports->"FireFighter Log Summary Report",
I get the screen and FF ID used are displayed. However, when I click on "Session Details", reports are empty.
I believe I have to run some of the more jobs either on GRC system or back end, but not sure which one.
Can anyone advise?
Regards,
Faisal
Hi,
I am working on PC 10.0. I have created Business Rules for Security Controls. I have more than 10 business rules that I want to assign to one control. I a, getting error as "Max 10 Business Rules are allowed to be assigned". Is it possible to assign more than 10 BR to a automated control?
Thanks!!!
Abhishek
I'm using GRC 10.0 and trying to run a SOD simulation for a user, by trying to remove a role. However, I don't seem to be able to make it work
Does anyone have a step by step guideline on how to address this query?
Hi All,
I can't seem to get this to work. I'm trying to add 4 bespoke authorisation objects to the RuleSet. These objects relate to budget upload directly from MS Excel and are not associated with any transaction code.
Is that where the problem lies? Does GRC insist on associating these objects with a Permission Group (transaction) when creating the Function? I've tried adding a Z in to Permission Group and it accepts it but i can't get any violations back even after generating the RuleSet. Do these Functions need to be added in to Critical Action or Critical Permission Risks?
Can these never be part of the SOD result set? Can we only report on specific authorisation objects in terms of their sensitivity as opposed to their SOD impact?
Any help greatly appreciated. Is there a course i should attend? A colleague attended GRC 300 but this appeared to be more BASIS related.
Regards,
Colin
Hi All,
While downloading the SoD rule set (Global), I am not getting the data for Function-Action and Function-Permission, except these, rest of the data are coming.
But, I can get to see these data under tables: GRACFUNCACT and GRACFUNCPRM.
so obviously we can't have these data exported from table and to get converted into .txt format to upload SoD.
GRCFND_A is at SP14.
Please help in getting this issue resolved.
Thanks,
Ameet
Dear all,
i have changed a the field description "Accounting Number" into "Personnel Number" in a Web Dynpro.
(via SE80 -> Package GRAC_ACCESS_REQUEST -> Web Dynpro Application GRAC_OIF_REQUEST_SUBMISSION -> Tab "User details")
If I test to dipslay the Web Dynpr in German or Englisch, I have the same description in Englisch.
Does someone now, how to translate the field description.
Thanks!
Melanie
Hello
On SAP GRC AC10.1, program GRAC_PFCG_AUTHORIZATION_SYNC has been executed succesfully with plug-in connected to your DEV system but nown with plug in connected to your Quality system program return ABA DUMP
Category | ABAP Programming Error |
| Runtime Errors | DBSQL_DUPLICATE_KEY_ERROR |
| Except. | CX_SY_OPEN_SQL_DB |
| ABAP Program | CL_GRAC_AUTHORIZATION_REP=====CP |
Application Component GRC-AC
| Date and Time | 11.03.2014 10:02:24 |
Attached ST22 dump export
Support will be appreciate
Regards
Eric
Hi All,
I am configuring EAM for SAP ECC and SAP TM (Transportation Management) systems.
We are using ID based de-centralized configuration. We are on SP13
For ECC everything is working fine.
For TM everything is setup. User logged into Firefighter ID. SAP TM users access system by executing Tcode NWBC and then access links in the NWBC UI.
Here i am facing a issue.
When i execute Tcode NWBC from my UserID, it directly opens the NWBC screen and shows the role menu available for my UserID.
When i execute Tcode NWBC from FFID, it is opening the login screen for authentication. Since we are using ID based approach, all our FF IDs are service UserIDs and also FFID user exit has been maintained for those. Actually speaking when i run NWBC from FFID, it should take me directly to NWBC screen instead of login screen.
Please help with your expertise in understanding the cause for this issue.
If you need additional details also let me know
Thanks in advance.
Regards,
Sai.
There is some lack of clarity at my client on auto-provisioning new users into SAP systems with GRC 10. Here's what they want and I'm telling them they need SAP IdM.
The client will regularly have upwards of 500 new users on an on-going basis. These users are approved and created in Active Directory. The client believes that GRC 10 can now pick up these new users from Active Directory and then go ahead and provision them into ECC and CRM automatically, as soon as they're created, with no further approval required.
To the best of my knowledge, the easiest way to do this would be for IdM to do this, and have IdM trigger GRC for certain users, and to provision users who fall into this group of 500 users.
These users are different from regular users, who need to go through the approval workflows. Regular users will have managers and roles that need approval. These 500 or so users are approved to be created in the system and don't need to get caught up in the approval workflow.
Am I wrong in saying that IdM 7.2 is the best way to do this, or am I missing something about what GRC 10 can do?
Thanks for your help. I really appreciate it.
Hi Team,
EAM is configured for the FF IDs, and for the FF ID login notifications, the Parameter is set to Yes, and i checked the subject line of the Message class is "Firefighter ID Loging Notiification" maintained in the Deve system, but its maintained as "Firefighter ID Login Notification test" in Production,
It should be consistent across all the system, then how do i change for Production with the subject line of only "Firefighter ID login Notification"
for the email notifications?
Please suggest,
Sindhu
Hi All,
We are facing the issue with password self service on GRC 5.3.(530.700 SP19)
When user provides the username , password is being reset on two of the back end systems and not working on one of the systems.
Password reset is working for NON-PRD and failing for PRD.
Error : Unable to reset password in the following systems.
I have gone through few of the SCN links and searched the AE logs for error code,
Below is the error I could find in the logs,
ERROR PasswordResetDAO.java@703:resetPassword() : Password reset failed: Change not allowed(404).
This error is not found in the SAP note 1700230 - PSS: Unable to reset password in the following system(s): <system name>
The current configuration is using SAPHR as authentication system and user id as User authentication(end user verification not checked).
I am from Basis team and I could see that the connectors from CUP are working fine.
Could you please advise how could we fix this issue.
Let me know if I could provide more details.
Thanks in advance.
Regards,
Pradeep
Hi All,
One of my client is expecting to use GRC 10.1. Currently they have GRC 5.3 and want to upgrade to GRC 10.1
Can anybody give me benefits of both options - Upgrade vs Migration then it would be great ?
Thanks,
Aditi Shah
Hello Experts, I would like to get some information of how create a BRF Rule for Request Type (Change, New User, Terminate/Delete).
Could you please provide some information of how does it works, I have already create a rule and in an SAP Guide give some actions to create initiator rule. But I am stuck at this point so I would like a step by step to create a rule for NEW CHANGE AND TERMINATE USER.
Thanks a lot for your help.