Skip to Content

Limitations of GRC provisioning framework


I was surprised going through the limitations of GRC provisioning framework.

(1) Obtaining information about managed systems and roles has to be done regularly – there is no automatic process for this.

Below are the tasks which I have ran initially.Should I keep running these tasks at certain intervals to ensure that any new managed system/new roles are propagated into IdM ?

AC 10.0 – Initial Load – Commons

AC 10.0 – Initial Load – Centralized provisioning

(2) The framework does not support the enhanced 7.2 approval mechanism introduced with SAP NetWeaver Identity Management 7.2 SP4, i.e. the framework is implemented using the approval functionality prior to this enhancement. Enabling the 7.2 approval mechanism, you will experience issues with role assignments.

I think this is a big drawback. I had gone through the new features in SP4 and would love to use the new Approval Mechanism. Since I am using GRC Provisioning framework, I will have to turn off the new Approval Mechanism.Can someone clarify, if I can still continue to forward requests to Manager/Role Owner in IdM using the approval mechanism prior to SP4.



Add comment
10|10000 characters needed characters exceeded

  • Follow
  • Get RSS Feed

1 Answer