on 09-14-2010 4:12 PM
Hi..
I've loaded the same Risks, Rules, etc, into 2 GRC RAR environments (Sandbox and Quality systems); both of them are connected with the same SAP ECC system. But when I do a User Risk analysis (authorization level), the result from Sandbox is different from Quality system. I donu2019t have users or roles mitigated yet, users are synchronized, rules are exactly the same and I donu2019t know what happen??... Please, help me.
Thanks...
I've to delete all rules in both systems with RAR Delete Mgmt Utility (verified in Database tables with 0 rows), I uploaded same risk and generated the rules again, and finally, I got exactly the same rules number in both systems. Buuuut, Risk Analisys to same user or role show still different results, I had to create a SAP Support Message =(
You must be a registered user to add a comment. If you've already registered, sign in. Otherwise, register and sign in.
Hi...
If I do a Full Sync of users to the same ECC system from both RAR boxes, I got different number of users loaded (i.e. 18757 vs. 18141), similar case with the full sync of roles. (13100 vs. 13150).
If I load exactly the same set of functions to both RAR systems and I generate the rules, I got the same problem, different number of rules is generated.
I've verified both RAR configuration and they are the same (excluded users, roles mitigated, etc.)
Is it a normal behavior? What could be wrong?
Thanks in advance!!
You must be a registered user to add a comment. If you've already registered, sign in. Otherwise, register and sign in.
Hi,
Is the config the same? Do you exclude critical role/profiles for any of the systems?
Try to do the analysis at role level first and check for differences. When it is ok, then perform the analysis on user level.
regards,
vit
You must be a registered user to add a comment. If you've already registered, sign in. Otherwise, register and sign in.
Hi,
So when you go to rule architect, do you see same number of functions, rules etc? Also, when you go to risk analysis -> and search for user or role, do you see same number of users and roles in both the systems? If the answer to both these questions is 'Yes' then make sure that you have uploaded the auth object files into both the systems and both systems are on same SP level.
Regards,
Alpesh
You must be a registered user to add a comment. If you've already registered, sign in. Otherwise, register and sign in.
You must be a registered user to add a comment. If you've already registered, sign in. Otherwise, register and sign in.