cancel
Showing results for 
Search instead for 
Did you mean: 

Provisoning of GRC roles using CUP

Former Member
0 Kudos

Hi Experts,

I am wondering if I am doing something wrong here, but I want to prvison GRC roles as well using GRC. The UME for GRC is pointed to the LDAP. so the connector for the protal has the user data source set as USER.CORP_LDAP.

There is a 3 system landscape architecture and the problem is that GRC is able to provison roles only in the local environment. Like in GRC development the roles get provsoned to the portal of the GRC dev.

If I provison for the other environments, the request gets approved and processed, but the request does not get provisoned.

Is there anything I am missing on this one?

regards,

Chinmaya

Accepted Solutions (1)

Accepted Solutions (1)

Former Member
0 Kudos

Hi Chinmaya,

Does the admin user has enough access in other systems? Is the URL for the system correct? Can the same QA or prod system provision to QA/Prod respectively?

Regards,

Alpesh

Former Member
0 Kudos

Hi Alpesh,

What would you mean by the "admin" user? Is it the connector user id? If so yes, it does have enough authorizations.

QA and production can provison to QA and production respectively, but not across the landscape.

Regards,

Chinmaya

koehntopp
Product and Topic Expert
Product and Topic Expert
0 Kudos

Have you checked if there are connection issues, i.e. Firewall rules prohibiting that?

Have a look at the CUP system log. What is the error message/Java exception?

Frank.

Former Member
0 Kudos

HI Frank,

In the error message I get an exception

ERROR Ignorning exception in search by uniqueldapkey, searching by dn

com.sun.jndi.ldap.LdapReferralException: Continuation Reference; remaining name ''

I dont know why it is going for a dn.

Also the audit trail of those requests dont say anything about a porvisoning, like usually uf ut failes it might say porvisoning failed for some reason, but looking at the audit trail i get a feeling that it didnt even try to provison..

regards,

Chinmaya

koehntopp
Product and Topic Expert
Product and Topic Expert
0 Kudos

No, that looks like a different issue.

If you don't see any logs trying to provision then there's probably something wrong in your configuration.

Switch to log level DEBUG and try again, maybe there's more then.

Frank.

Former Member
0 Kudos

Even in the debug mode, there is nothing that suggests any errors... I guess this will be like finding a needle in a haystack for me right now....

Regards,

Chinmaya

Answers (0)