Skip to Content
author's profile photo Former Member
Former Member

GRC AC Leaver Process (rollback)

Dear Experts,

We have the following requirement: To set up a User Leaver process where if a user is set up as leaver then the following actions are automated:

- Block the user

- Expire the user

- Remove all roles and profiles

- Change the user group to a specific user group

For that we are using the User Defaults BRF+ and I have created a Function Module "ZLEAVER" which include all the ABAP code in order to automate the actions mentioned above. So whenever there is a leaver access request the following BAPI's are used:

- Block the user --> BAPI_USER_LOCK

- Expire the user --> BAPI_USER_CHANGE

- Remove all roles and profiles -- BAPI_USER_PROFILES_DELETE and BAPI_USER_ACTGROUPS_DELETE

- Change the user group to a specific user group --> BAPI_USER_CHANGE

All the BAPI's are working well except the "BAPI_USER_CHANGE" which is not changing the values - Valid to and User Group - into the target system accordingly. My question is why?

We have been investigating a little bit and seems like the user - which is performing the changes into the target system - it is UNDOING the changes for some reason. In the image below you can see how the system is doing the changes and also un-doing.

Analyzing the BAPI_USER_CHANGE have notice that there are some ROLLBACK work but not sure why they are activated.

Kind regards and thank you,

Sara.

LEAVER_Undo.JPG (48.2 kB)
Add a comment
10|10000 characters needed characters exceeded

Assigned Tags

Related questions

2 Answers

  • Posted on Jul 26, 2016 at 10:47 AM

    Hi Sara,

    Try to commit work after calling the BAPI.

    Regards,

    Juan

    Add a comment
    10|10000 characters needed characters exceeded

  • author's profile photo Former Member
    Former Member
    Posted on Jul 28, 2016 at 07:19 AM

    hello,

    read the answer in this post:

    Add a comment
    10|10000 characters needed characters exceeded

Before answering

You should only submit an answer when you are proposing a solution to the poster's problem. If you want the poster to clarify the question or provide more information, please leave a comment instead, requesting additional details. When answering, please include specifics, such as step-by-step instructions, context for the solution, and links to useful resources. Also, please make sure that you answer complies with our Rules of Engagement.
You must be Logged in to submit an answer.

Up to 10 attachments (including images) can be used with a maximum of 1.0 MB each and 10.5 MB total.