on 07-11-2011 5:33 PM
Hi Guys,
I'm configuring SPM in GRC10.0 SP4 and cannot seem to get the SPM FFID's to be recognised in the NWBC. It finds the appropriate user IDs when trying to assign them as Firefighters but just not when trying to make them into Firefighter IDs, Owners or controllers.
Does this rely on having a flag on the user record, an organisational hierarchy setup or some kind of sync job executed to send the users across to the frontend.
Cheers, Simon
As an update, I have now syncronised the data using the report GRAC_REPOSITORY_OBJECT_SYNC as directed in the Pre-implementation guide.
I'm not able to see the relevant configuration area in the NWBC for GRC Role Assignment. The documentation suggests that it's under Access Management but I can't see it on the menu options.
I have SAP_GRAC_ALL and SAP_ALL assigned to my user but is there a specific authorisation which I need to access for this function?
Cheers, Simon
You must be a registered user to add a comment. If you've already registered, sign in. Otherwise, register and sign in.
Before performing step you need to create these user in SAP backend with following roles:
Firefighter user FF user role- SAPGRAC_SUPER_USER_MGMT_USER
Firefighter controller (FF_Controlle) Role --SAP_GRAC_SUPER_USER_MGMT_CNTLR
Firefighter owner (FF_Owner ) Role : SAP_GRAC_SUPER_USER_MGMT_OWNER
Thanks & Regards
Asheesh
Hi Ashish,
I've done that with the users to role assignment and re-run the Repository Sync job. Looking at the documentation, there should be an additional application area in the NWBC for Maintain "GRC Role Assignments" to identify the Owners to the USER IDs. I cannot see that!
When I try to look up the Owners or Firefighter IDs I cannot find any of the users in the source systems. When trying to Assign Firefighters, I can see all of the system users so there is clearly some sort of flag which identifies the system users as being Owners or Firefighter IDs which I have missed.
I am wondering whether this should be derived from an organsiation hierarchy or whether it is simply this Maintain GRC Role Assignments which is missing from my NWBC view.
S
All,
I have found the answer but rather than leaving you all on tender hooks, I thought I should at least let you know!
You do have to perform a mapping of user IDs into various different Access Control relevant positions. The role of SPM "Owner" is amongst them.
This configuratioin can be found in
Setup --> Access Owners --> Access Control Owners
Here you can find a User, User group or LDAP group and assign additional privileges such as the Security Lead, Workflow Administrator or the SPM functions of Owner and Controller.
It was marked as GRC Role Assignment in the available documentation, hence the confusion.
Have fun guys,
Simon
You must be a registered user to add a comment. If you've already registered, sign in. Otherwise, register and sign in.