cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 

ERM Connector disabling

Former Member

on ‎02-15-2010 1:19 PM

0 Kudos

Hi GRC Experts,

I have one query for which I searched but couldn't find relevent solution.

Our client's requirement is-

The system landscape is defined in such a way that even GRC Prod ERM is connected to ECC Dev. They want roles to be generated in ECC Dev. But at the same time, during patch installation, they want to disable this connector so patch on ECC Dev and GRC Dev can be tested while GRC Prod can continue working on old patch.

What they are suggesting is -

Make connectors from GRC QA to ECC Dev & ECC QA

Make connectors from GRC Prod to ECC Prod, ECC QA and ECC Dev.

In normal days, Connector from GRC Prod to ECC QA will remain inactive/disabled and role creation will happen in ECC Dev.

During patch inplementation, this connector will be disabled and connector from GRC Prod to ECC QA will be activated and role modification will continue as ususal.

After testing, all systems will be patched and old configuration will be back.

My question is that is it possible to do it while roles are associated with connector IDs??

Will removing system from Landscape and adding another will affect adversly?

Are background jobs to be affected due to it?

Any other impacts?

Appreciate your responses.

Regards,

Sabita

Show replies
Show replies
Answer

Accepted Solutions (0)

Answers (1)

Answers (1)

Former Member
‎02-15-2010 6:40 PM
0 Kudos

Sabita,

There is no way you can deactivate or disable a connector in ERM. Let Alone ERM, you can not do this in any of the Access Control modules. You will have to delete all the data related to this particular connector (which will include role data, tcode,auth object, activity field data) from ERM and then delete the connector from ERM. This would be a major maintenance nightmare.

My suggestion would be to lock or disable the communication user ID in ECC Dev (the user id which you provide in connector definition) so this way you won't be able to send any information in Dev system.

Regards,

Alpesh

Show replies
Show replies
Former Member
‎02-16-2010 6:12 AM
0 Kudos

Hi Alpesh,

Thanks a lot for your early and conclusive response.

Let me know if we lock the user or give wrong passoerd or user id in connector(it is possible) the connector will not work any more. Later we can remove one system from landscape and add anotehr one( tested it).

Will there be any other impact ( like background jobs of tcode fields sync etc) or it will work fine for active systems?

If background job would go fine, then we can opt for this solution.

Regards,

Sabita

Former Member
‎02-16-2010 5:08 PM
0 Kudos

Hi Sabita,

If you lock or change the password for the communication user, the connector won't work so you won't be able to bring in or send anything from ERM to the SAP system and vice versa. I can confirm that. By doing this, you won't affect connectors or connections to any other SAP systems for which you have an active and unlocked communication user.

Regards,

Alpesh

Former Member
‎02-17-2010 8:21 AM
0 Kudos

Thanks a lot Alpesh, that is much helpful in finalizing our Landscape.

Regards,

Sabita

Ask a Question