on 05-31-2013 2:21 PM
Hello everyone,
I'm currently configuring EAM for GRC 10.0 on SP7
I've done the following:
1. Configured Integration Scenario 'SUPMG'.
2. Added 'SAP' connection type L_GRAC_AD_SUPER_USER_RFC and done Scenario-Conenction Type LInk for SUMPG.
3.The target RFC Connector is set.
4. The Role: SAP_GRAC_SPM_FFID is configured for paramter 4010.
5. FireFighther, FF Owner, FF Controler users have been created in the ERP System with the relevant roles as
follows:
Firefighter: userSAP_GRAC_SUPER_USER_MGMT_USER
Firefightercontroller : SAP_GRAC_SUPER_USER_MGMT_CNTLR
Firefighterowner: SAP_GRAC_SUPER_USER_MGMT_OWNER
And all have been assigned SAP_GRC_FN_BASE and SAP_GRC_FN_BUSINESS_USER
6. The FFID User in the backend is a type SERVICE user and has been assigned the role SAP_GRAC_SPM_FFID .
7. Owners and Controllers have been maintained in NWBC.
8. Synced everything several times: Auth/Rep/Role/Action
9. Assigned the FireFighterID to the FireFighter user.
10. Logged in using FireFighter user and executed GRAC_SPM. And here lies the problem: The screen is blank - as attached. No FFID or anything else appears.
Now what could I be doing wrong ?
I've gone through SAP's AC 10.0 Pre-ImplementationFrom Post-Installation to First Emergency Access and this thread as well as a Diego's useful doc here but I haven't been able to solve the problem.
Any help, as always would be highly appreciated.
Best regards,
Paul
Hi Paul,
Check security on the role you mentioned having assigned to the FF User:
SAP_GRAC_SUPER_USER_MGMT_USER
There are certain authorizations that need to be there for the FFIDs to show up on the dashboard (GRFN_CONN & GRAC_USER). I recall having to look into this at one point, although I do not remember if it had to do with standard role.
You could do a quick test on security by assigning your FF User SAP_ALL and/or the GRC ALL roles to eliminate or validate an authorization issue.
You must be a registered user to add a comment. If you've already registered, sign in. Otherwise, register and sign in.
Hi Nathan,
Yes you were correct it turned out to be an authorisation issue to do with one of the auth objects and the correct value. I assigned SAP_ALL and found out that the launchpad was visible, therefore indicating that it had to be an auth issue so did further investigation from there and rectified it.
Cheer mate and thanks to everyone for responding to this.
PS: Diego, yes you were right too....your message seemed to have got tangled up between all the other messages but you did beat Nathan to it but for some reason I only saw Nathan's message? So thanks to you too
Paul
Hi Paul
Please Upgrade to SP level to 12 there you can find GRAC_EAM and also can find additional menus under the SPRO >> ACCESS CONTROL >> SYNCRONIZATION JOBS.
Thanks
Navakanth
You must be a registered user to add a comment. If you've already registered, sign in. Otherwise, register and sign in.
Have you completed Plug-in configuration steps, specially Application type and FFID role for firefighter? Also, check if your assignment has validity set is it is expired.
Regards,
Sabita
You must be a registered user to add a comment. If you've already registered, sign in. Otherwise, register and sign in.
Hi Salman,
Thanks for your response.
That pathway you've mentioned: Access Management -> Emergency Access Management -> Owners -> Assign .......... does not exist in my setup.
There is no Emergency Acces Management under the Access Management tab in NWBC !
However Owners do exist and have been assigned as mentioned in the first post via Setup>Superuser Assignment > Owners....so an owner is assigned to the FF ID.
Thanks
Hi Paul,
I'm using role SAP_GRC_NWBC and that allows me to view Access Management -> Emergency Access Management -> Owners -> Assign.
However, I created Firefighter ID's in backend (ECC system) and Owners/Controllers in GRC box.
Then,
1. Assigned Owners to Firefighter id's
2. Assigned Firefighter id to Firefighter user id
3. Logged into GRC box and executed GRAC_SPM or GRAC_EAM and fighter id exist.
Not sure, if this help you.
Regards,
Salman
Paul,
Yes, what Salman says seems to be correct.
I have noticed in your very first post that you have created all the ids: FireFighter, FireFighter ID, Controller and Owner in ERP system. Rather, as suggested by Salman. you need to create FireFighter ID ONLY in ERP (back end system) and rest of the users need to be created in GRC box.
Please check this.
Faisal
Hi Paul,
As you said "
2. Yes and the user who will do the firefighting (i.e Firefighter) has been assigned the SAP_GRAC_SPM_FFID which is also set in parameter is 4010. "
Where is this user ID created? If Firefighter is centralized, this user(end user to use Firefighter ID) should be existing in GRC and this role will not be available in GRC box.
Check your Users assignment. As Salman said, Only FFID should be in backend, other users should be in GRC box.
Check the parameter of centralize firefighter which system it is pointing and ask user to login to that system.
Regards,
Sabita
User | Count |
---|---|
13 | |
2 | |
2 | |
1 | |
1 | |
1 | |
1 | |
1 | |
1 | |
1 |
You must be a registered user to add a comment. If you've already registered, sign in. Otherwise, register and sign in.