cancel
Showing results for 
Search instead for 
Did you mean: 

maintaining actions directly in BRM AC10.0

Former Member
0 Kudos

Hello Experts,

Every time we are maintaining roles in AC BRM 10.0 and want to add / remove single transactions we are forces to move and work in the backend ECC system via transaction PFCG. We are only able to add functions directly in BRM.

Is there a way to maintain a role by adding / removing single transactions in it directly in BRM without moving to ECC PFCG?

Kind Regards,

Shira

Accepted Solutions (0)

Answers (3)

Answers (3)

0 Kudos

Hello,

FYI, following note confirms that it is not possible to maintain backend roles directly in BRM.

On my side, I think it would be interesting to have this opportunity.

1906577 - Why can't we add any actions and permissions to the role from role maintenance screen in B...

Julien

Former Member
0 Kudos

Hi Experts,

I am also facing the similar issue, any fate on the solution, as while creating a role from BRM and clicking on Add/Maintain Authorization it takes you to Backend system PFCG screen where you can add transaction code, generate role, assign users.

I am not able to understand what is the meaning of Risk Analysis, Role approval, and Deriving role in BRM post role creation, when it is already created in Backend system with users assigned.

Please let me know if anybody was able to fix this issue or got some solution from SAP.

Thanking you in advance.

Thanks & REgards,

Jatin Oja

Former Member
0 Kudos

Hi

> I am not able to understand what is the meaning of Risk Analysis, Role approval, and Deriving role in BRM post role creation, when it is already created in Backend system with users assigned.

The point is that you should connect BRM to your dev system. Roles are created or modified in DEV (note that profiles are not getting generated!). Once the approval is done you generate the profile and transport the role to QA and PRD system. I guess this is the way that SAP thought BRM.

At first I was also looking for a way to leave my roles untouched until the whole process is completed, but I think this functionality is difficult to develop. I have to tell you that I agree with SAP this time. Maintaining the role using the web interface of ERM 5.3 is really a headache

Cheers,

Diego

Former Member
0 Kudos

Hello Shira,

Even i observed the same thing.

Every time we have to create a role it will ask for Login Id/pwwsd for backend system and there we login in PFCG transaction.. add transactions, objects etc and assign users and save and then return to the NWBC screen of GRC AC 10.

Here the purpose of BRM fails(No roles created w/o approval) , as only defining the test role creates a role in backend system. Infact this should not happen and the role should be created only after "Generate Role" in the given Methodology ...

There is also no option to add "Actions" /"permission" of MAINTAIN AUTHORIZATION Tab.This seems to be very surprising.

Regards,

Victor

Former Member
0 Kudos

HI Shira,

In GRC AC 10.0 when you click on create role/maintain role, system will take you the backend system only.

I raised the same thing to SAP but not able to find anyway like in 5.3 maintaining roles in GRC and reflecting in backend. In GRC 10 things are other way around. Maintain in backend system and will be reflected in fron end GRC system.

Regards

Rajan Arora

Former Member
0 Kudos

Hi,

When I first used the ERM (5.3) my first thought was: why SAP create a new web interface to mantain roles? PFCG works perfectly and, if at the end the role is changed in the back-end before approval, I prefer to use my old PFCG .

I would like to change opinions about pros and cons: PFCG vs. ERM web interface

Cheers,

Diego.