Skip to Content

User group assignment issue via ARM in SAP GRC Access Control 10.1

We am required to have a new user workflow that assigns user groups input in GRC ARM to SU01 logon tab. The user groups are assigned in the groups tab in SU01 than assigning under "Logon data" tab in SU01 upon request completion.

Is it possible to assign user groups in SU01 logon data tab in the standard or a custom field need to be created in the ARM request to have the user groups assigned in the logon data tab? What would be the procedure.

The GRC version is 10.1 SP15.

Thanks,

Kashif

Add comment
10|10000 characters needed characters exceeded

  • Get RSS Feed

5 Answers

  • Best Answer
    Feb 15, 2017 at 06:00 AM

    Hi All,

    I found that the user groups tab in ARM request was provisioning to the user groups tab in SU01 as expected. The End User Personalization config in IMG had another user group field which was not visible. Once I enabled it, I could see user group under system details next to the system field. The provisioning went fine using this field which displayed the required user group in SU01 logon data tab.

    Thank you Rakesh and Plaban for responding to the question. Appreciate your help.

    Thanks,

    Kashif

    Add comment
    10|10000 characters needed characters exceeded

  • Feb 09, 2017 at 01:55 AM

    Hello Mohammed,

    Please Check these 2 Notes for your issue.

    1987981 - User Group not Passed to Logon Data in SU01 via web service

    1754687 - UAM: Unable to assign UserGroups to user using webservice

    Regards,

    Rakesh Ram M

    Add comment
    10|10000 characters needed characters exceeded

  • Feb 10, 2017 at 01:40 AM

    Hello Kashif,

    This note 1987981 has steps that can be performed to meet your requirement.

    The note 1754687 has detailed explanation.

    That's the reason why I mentioned both the notes.

    Regards,

    Rakesh Ram m

    Add comment
    10|10000 characters needed characters exceeded

    • To add to my previous comment.

      How do we maintain multiple systems in the same field as per the description in NOTE 1754687 instructions below?

      "Apply the correction instructions along with Pre implementation manual steps. Since the web service has no field to take the value of the System, it is expected to enter System in field UserGroupDesc. If the User group under Logon data in SU01 has to be assigned, then pass the data as LOGON-systemname. For example LOGON-GI7CLNT600. If the User Group under Group tab in SU01 has to be assigned to user then pass the system value in the field UserGroupDesc. For example GI7CLNT600"

      Thanks,

      Kashif

  • Feb 11, 2017 at 03:27 PM

    Hi,

    Could you try using user defaults.

    Regards

    Plaban

    Add comment
    10|10000 characters needed characters exceeded

  • Feb 15, 2017 at 02:06 AM

    Hello Mohammed,

    Can you try taking some help from ABAPer if someone is available around in your team?

    Regards,

    Rakesh Ram M

    Add comment
    10|10000 characters needed characters exceeded