on 10-12-2016 9:11 AM
Dear Gurus,
I just installed SAP GRC 10.1 for Access Control only, mainly to check risk analysis (SoD review) on SAP ECC 6.0. I installed the SAP Access Control on SAP Netweaver 7.4 SP 8 with GRCFND_A on version 1100 SP Level 13. The SAP ECC System has two clients: ERP and HR, therefore I installed GRC Plugin: GRCPINW on version V1100_700 SP Level 14 and GRCPIERP on version V1100_700 SP Level 13.
On the NWBC, I want to perform Access Risk Analysis on Access Management -> Role Level, however the result is empty. I was able to check the roles under F4 search. I also checked entries for GRACRLCONN (roles) and GRACACTRULE (action rules), both tables are filled with roles from SAP ECC (GRACRLCONN) and action rules (GRACACTRULE)
I already performed these steps:
SAP Access Control 10.1 Installation Guide
-Activate Application on Client
Activate GRC-AC only
-Activate SAP Service
Activate all service under /sap/public,/sap/bc/sap/grc
-Configuring SAP Netweaver Gateway
-Maintaining Plug-in Setting.
I Installed the plugin on the SAP ECC, maintain its user exit for plug-in system and plug-in condiguration settings
-Activate BC Sets
I Activated BC sets for SAP Access Control only. I activated using TCode SCPR20, however I'm not really sure that all BC Sets I activated was using expert mode. DO I have to reactivate again? If I check on table SCPRACTP, all BC sets for SAP Access Control have been activated
AC 10.0 Post Installation
-Create User in SAP Access Control system, with roles SAP_GRAC*,SAP_GRC*
-Create Connector for both ERP and HR client
-Maintain COnnector and Connection Types
I maintained connector for both ERP and HR client and mapped it into Connector Group (SAP_BAS_LG,SAP_HR_LG,SAP_NHR_LG,SAP_R3_LG)
-Maintain Connector Setting
AC 10.1 Pre-Implementation From Post-Installation to First Risk Analysis
-Maintain Configuration Parameter
-Maintain Connection Setting
-Generate Rules
-Run Job GRAC_PFCG_AUTHORIZATION_SYNC and GRAC_OBJECT_REPOSITORY_SYNC
After these step, I check the Role Search on NWBC and the result was empty.
I also perform configuration on these items as well:
-Maintain Mapping for Actions and Connector Groups
-Maintain Plug-in Setting
-Execute Batch Risk Analysis
Any feedback will be greatly appreciated.
Thanks,
Kris
------
This questions has been posted on scn before migration, since the post on scn can not be edited again and the issue hasn't solved yet, I post again here.
-----
Hi Alessandro,
The result table is just empty. There is no message "no rules selected" or "no violations found".
But after I add the access control owner on NWBC -> Setup -> Access Owners -> Access Control Owners, I was able to show the result.
Thanks,
Kris
You must be a registered user to add a comment. If you've already registered, sign in. Otherwise, register and sign in.
Hello,
Would be great if you can attached result screen and the steps you performing?
regards,
Prasant
You must be a registered user to add a comment. If you've already registered, sign in. Otherwise, register and sign in.
Hello Kris,
Is the risk analysis result completely empty ?
Or there is one of the two mentioned message appears as mentioned my Alessandro?
Kind regards,
Yashasvi
You must be a registered user to add a comment. If you've already registered, sign in. Otherwise, register and sign in.
Kris,
how does the result look like? Does it say "No rules selected" or "No Violations found"?
Thanks, Alessandro
You must be a registered user to add a comment. If you've already registered, sign in. Otherwise, register and sign in.
User | Count |
---|---|
16 | |
3 | |
2 | |
1 | |
1 | |
1 | |
1 | |
1 | |
1 | |
1 |
You must be a registered user to add a comment. If you've already registered, sign in. Otherwise, register and sign in.