Skip to Content
Former Member
Sep 28, 2016 at 10:00 AM

No Roles Exists in Access Risk Analysis


Dear Gurus,

I just installed SAP GRC 10.1 for Access Control only, mainly to check risk analysis (SoD review) on SAP ECC 6.0. I installed the SAP Access Control on SAP Netweaver 7.4 SP 8 with GRCFND_A on version 1100 SP Level 13. The SAP ECC System has two clients: ERP and HR, therefore I installed GRC Plugin: GRCPINW on version V1100_700 SP Level 14 and GRCPIERP on version V1100_700 SP Level 13.

On the NWBC, I want to perform Access Risk Analysis on Access Management -> Role Level, however the result is empty. Then I check on Access Management -> Role Maintenance -> Role Search, there is no roles showed on the result.

I already performed these steps:

SAP Access Control 10.1 Installation Guide

-Activate Application on Client

Activate GRC-AC only

-Activate SAP Service

Activate all service under /sap/public,/sap/bc/sap/grc

-Configuring SAP Netweaver Gateway

-Maintaining Plug-in Setting.

I Installed the plugin on the SAP ECC, maintain its user exit for plug-in system and plug-in condiguration settings

-Activate BC Sets

I Activated BC sets for SAP Access Control only. I activated using TCode SCPR20, however I'm not really sure that all BC Sets I activated was using expert mode. DO I have to reactivate again? If I check on table SCPRACTP, all BC sets for SAP Access Control have been activated

AC 10.0 Post Installation

-Create User in SAP Access Control system, with roles SAP_GRAC*,SAP_GRC*

-Create Connector for both ERP and HR client

-Maintain COnnector and Connection Types

I maintained connector for both ERP and HR client and mapped it into Connector Group (SAP_BAS_LG,SAP_HR_LG,SAP_NHR_LG,SAP_R3_LG)

-Maintain Connector Setting

AC 10.1 Pre-Implementation From Post-Installation to First Risk Analysis

-Maintain Configuration Parameter

-Maintain Connection Setting

-Generate Rules


After these step, I check the Role Search on NWBC and the result was empty.

I also perform configuration on these items as well:

-Maintain Mapping for Actions and Connector Groups

-Maintain Plug-in Setting

-Execute Batch Risk Analysis

Any feedback will be greatly appreciated.