cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 

Issue in GRC EAM 10.0 Firefighter user not able to view Logon tab

Go to solution
Former Member

on ‎12-19-2014 2:25 PM

0 Kudos

Hi All,

We have configured GRC 10.0 EAM centralized Fire-fighter. When end user logons into GRC system and execute Tcode GRAC_SPM then user not able to view logon tab in GRC system. Please mention the authorizations and Roles required for Firefighter User in source and target system.

Thanks& Regards,

Shivani

Show replies
Show replies
Answer

Accepted Solutions (1)

Accepted Solutions (1)

former_member659378
Explorer
‎12-20-2014 3:08 PM
0 Kudos

Hi Shivani,

Please check RFC user authorization (run ST01 in ECC system).

Kind regards,

Karolina

Show replies
Show replies
former_member185447
Active Contributor
‎12-20-2014 4:04 PM
0 Kudos

Just check if it is a Service user or a System user is selected by mistake Shivani

Regards

Deepak M

Former Member
‎12-20-2014 5:40 PM
0 Kudos

Hi Deepak,

I have checked FFID and its Service user as mentioned but i reset the password for user and it worked for me.I was able to access FFID but when i execute FF ID then it takes me to new session but at backend it throwing Runtime error as below.

Also for Firefighter user tabs like additional information and message to firefighter is still disabled.

former_member185447
Active Contributor
‎12-21-2014 12:11 PM
0 Kudos

Hello Shivani,

Please check if this note helps you.


1800347 - Short Dump on FF Login

Regards,

Deepak M

Former Member
‎12-22-2014 10:56 AM
0 Kudos

Thanks a lot Deepak!

This note resolved the issue.

Thanks to all for your assistance on this!

Regards,

Shivani

Answers (3)

Answers (3)

Former Member
‎12-20-2014 2:03 PM
0 Kudos

Hi Colleen,

I have done all the settings in NWBC ie.

1)Maintained Owners and controllers

2)Assign Owner to Firefighter ID

3)Assign Firefighter ID to firefighter and Controller

I also made a quick check by assigning SAP_ALL to firefighter and it worked for me. It is authorization issue if anybody can specify if any additional authorization objects required for firefighter other than super user role OR for Firefighter ID ?

Show replies
Show replies
Colleen
Advisor
Advisor
‎12-20-2014 2:31 PM
0 Kudos

Run an st01 trace and you will get your answer

Former Member
‎12-20-2014 2:54 PM
0 Kudos

Thanks Colleen i have performed SU53 and trace on user and added missing authorization objects to super user role.Now Firefighter ID and logon tab are displayed but once i click on logon tab and enter reason code and click enter it gives below error

You have not password,you cannot log on using password.

Please suggest..

I have maintained FFID as Service in ECC system and Firefighter user type as Dialog in GRC system.

Former Member
‎12-20-2014 11:51 AM
0 Kudos

Hi Keroline/Deepak,

Thanks for your response!


I have assigned below roles to Firefighter (End user) in GRC system along with Z_SAP_GRAC_SUPER_USER_MGMT_USE,

Z_SAP_GRAC_NWBC,

Z_SAP_GRC_FN_BASE

Z_SAP_GRC_FN_BUSINESS_USER

which includes transaction code GRAC_SPM and S_RFC all access and maintained Parameter value 4010 same as Z_SAP_GRAC_SPM_FFID both in GRC and target system and same role has been assigned to Firefighter ID in target ECC system.We also ran all sync jobs after creating users.

But once end user logins into GRC system and execute GRAC_SPM no Firefighter ID or Logon tab is displayed to the user.

Please suggest..

Show replies
Show replies
Colleen
Advisor
Advisor
‎12-20-2014 12:45 PM
0 Kudos

Hi Shivani

This might be a silly question... have you checked the NWBC setup for Owners, Controllers, Firefighters and Reason Codes?

Regards

Colleen

former_member659378
Explorer
‎12-19-2014 10:21 PM
0 Kudos

Hi Shivani,

Maybe this is authorization issue. Firefighter user in GRC system should have assigned dedicated EAM firefighter for centralized firefighting role with GRAC_SPM transaction. In target system FF ID should have assigned role with S_RFC object (The name of this role MUST be the same configured in the parameter 4010 in the GRC ). Additionally RFC user with dedicated role should be created in target system and assigned in GRC system to connector (in SM59 transaction) to allow GRC system to communicate with target system.

Maybe following  document will be useful:

Kind regards,

Karolina

Show replies
Show replies
former_member185447
Active Contributor
‎12-20-2014 1:15 AM
0 Kudos

Hello Shivani,

This is the standard role provided by SAP and maintained in the parameter 4010

SAP_GRAC_SPM_FFID

Please check whether this role is maintained in 4010 parameter and also assigned to the FFID or not.

Copy it into a Z_* Role and assign it.

This will solve your issue.

regards

deepak

Ask a Question