We create/maintain our roles in the backend systems directly and do not use BRM workflow to create/modify roles.
Once the roles are created, the roles are imported into BRM using 'Role Import' option. Once this is done the tables GRACROLE,
GRACROLEACT, GRACROLEPERM, GRACROLEPERMAUTH etc. are populated.
But when any role is modified, how can the changes be updated in these tables (example if a tcode is deleted from a role in the backend system, the tcode still appears in GRACROLEACT table)?
The repository sync job does not update the modified data into these tables.
Do we need to perform a role import each time a role change is done, so that the action and permission (tcode and auth) data is in sync?
I have gone through the below post, but there is no explanation.
I have also tried the 'Role Comparison' option, however this does not sync data properly (example - deleted tcodes in backend system still appear in GRACROLEACT table, however new tcodes added into role are being updated into this table).