Hi Ken,

after further analysis I was able to re-solve - at least - my issue with the duplicated records.

we found a SAP bug in the coding of the provisioning engine, which was implemented with SAP Note 2140254. Maybe this is the cause of your similar problem.

The request line-item which get duplicated with the following statement in class CL_GRAC_PROVISIONING_ENGINE in method PROVISION

....

...

*****************************************************************************************************************

**For CUA -COMPOSITE ROLE the itemtype is CUA

*****************************************************************************************************************

data:lt_reqline_item_temp TYPE GRAC_T_API_REQLINEITEM,

     ls_reqline_item_temp TYPE GRAC_S_API_REQLINEITEM.

lt_reqline_item_temp[] = ls_access_request-reqlineitm[].

LOOP AT lt_reqline_item_temp into ls_reqline_item_temp.

     IF ls_reqline_item_temp-prov_item_type = grac0_role_type-CUA.

        ls_reqline_item_temp-prov_item_type = grac0_role_profile_type-role.

     ENDIF.

                                      1

APPEND ls_reqline_item_temp TO ls_access_request-reqlineitm.

CLEAR:ls_reqline_item_temp.

ENDLOOP.

During processing and without using CUA the line items of the requests get simply duplicated.

(>>> Append statement)

Consequently the provisioning action is performed 2 times, as shown in the SLG1 log.

With Change/create request this doesn't has much impact, but for delete requests you get a provisioning failure as the "second" processing of the line item to delete the user will tell you that the user does not exist anymore, which is correct as the user was already deleted with the first line item....

regards

Johannes

Hi Ken,

is this issue solved meanwhile ?

We are on GRC10.1 SP10 and it seems like a similar problem:

When deleting an user ID, (request type "DELETE ACCOUNT")  the workflow is processed two times.

I can see this occurrence in the provisioning log and also with SLG1 log.

This user gets deleted properly, but then - for some reason-  the workflow is processed again and the user - in that case - can not be deleted anymore.

Therefore I receive a error message from the plugin system ("User does not exist") and the workflow remains with status "pending".

I tried also with Request type "CHANGE ACCOUNT": also here the workflow is processed 2 times, but due to the fact that changing a  user 2 times does not trigger an error message the workflow will get closed.

But also here I can see 2 provisioning log entries...

I was wondering if this could be a BRF+ related configuration error, because in SAP Portal there is no OSS dealing with this issue so far..

But maybe this is really a bug, which should be raised via OSS.

Any feedback on this topic highly appreciated..

regards

Johannes

Hi Ken,

i have not faced this scenario. But, is your workflow sent to all approvers, so that each approves, and therefore the log

Regards

Plaban