cancel
Showing results for 
Search instead for 
Did you mean: 

Connect GRC to IdM for Risk analysis

Former Member
0 Kudos

Hi again,

I am currently connecting GRC Access Control CUP/RAR with IdM in the "new scenario" as centralized provisioning (IdM does all the provisioning, GRC the risk analysis).

I use SAP NetWeaver® Identity Management Compliant provisioning using SAP BusinessObjects Access Control

Configuration guide as guideline.

I successfully connected the systems and configured the VDS. Initial Load worked fine.

I now can assign a role to a user and the event triggers the AC Validation task. The task (group) executes succesfully and creates a new approval object in GRC CUP.

BUT (and here is my problem):

The Job Submit AC Request throws the following error (which I can't identify to solve):

putNextEntry failed storingcn=xyz,ou=submitrequest,o=grc

Exception from Add operation:javax.naming.NamingException: [LDAP: error code 1 - (GRC Submit Request:1:[msgcode=000;msgdescription=Request Created;msgtype=SUCCESS;requestno=6, Operation succesfully executed - but could not create context variable in IDM])]; remaining name 'cn=xyz,ou=submitrequest,o=grc'

So the VDS tries to create a context variable; which one and what do I have to configure to get this done? Is this a permission problem or configuration? Do I have to preset the varible (which one ever that is).

Thanks in advance for help!

Best regards

Matthias

Accepted Solutions (0)

Answers (2)

Answers (2)

Former Member
0 Kudos

Problem solved: one should use mxmc_rt - User in connnection string from VDS to IdM, NOT mxmc_admin, since the admin has not sufficient access/authority.

former_member366047
Contributor
0 Kudos

Matthias,

This issue seems to be isolated to the NW IdM VDS. Please post this in the NW IdM forum:

Thanks!

Ankur

SAP GRC RIG

Former Member
0 Kudos

Hi Ankur,

as long as this is really (only) a problem between IdM and VDS, I agree with you.

I opened a new thread:

Thanks for the advice.

Matthias