08-09-2011 5:06 AM
Hi GRC experts,
We have recently upgraded from SAP 4.6c to ECC 6. Virsa component available is VIRSA 400_700 level 0.
The issue is, when I click on any of the butons "FIREFIGHTERS", "CONTROLLERS", "SECURITY" in Firefighter, I am geting the below error.
You have only authorisation for status(es) ,,
.No maintenance authorisation.
Same error i am geting when i click on maintain in RULE ARCHITECT also.
I have assigned all VIRSA related roles to this user, but no use. Also checked the trace in ST01, but not showing any error.
Kindly help me to troubleshoot and correct this error.
Regards
Prasanth
08-09-2011 5:09 AM
Search for all roles start with FF . You will get all required roles .
Thanks & Regards
Asheesh
08-09-2011 5:10 AM
Also I beleive that you have taken care of post installation step ,like in stalling right RTA for ECC 6
08-09-2011 5:26 AM
Hi,
I have assigned all FF roles to the user, but still the same issue.
My VIRSA component is 400_700. Could you please tell me the steps to check RTA?
Thanks
Prasanth
08-09-2011 5:40 AM
Login to SAP system ,at top you can see Tool tab . In tool tab go to system status .
Where you can see "ECC 6 " .just below that you can see serch option .You can check out there .
Or Directly go to SPAM
RTA component will be name as VIRSANH or VIRSAHR depending upon ECC system is having HR component in it .
08-09-2011 5:44 AM
Hi,
I have checked in SPAM and didnot find any RTA components VIRSANH or VIRSAHR. I checxed in the existing production sysyem which is 4.6c VIRSA 400 and that too dont have.
For ECC6, do whe have to intall both VIRSANH and VIRSAHR along with VIRSA 40_700 component?
Regards
Prasanth
08-09-2011 5:56 AM
I am assuming that you have GRC 5.3 in place and you have only upgraded backend from ECC 4.6 to ECC 6 , is that Correct ?
If yes then SAP GRC will be installed on Java engine and RTA need to installed on SAP backend .Kindly follow configuration and installation guide .
Thanks & Regards
Asheesh
08-09-2011 7:03 AM
Dear Ashish,
We are still not in GRC5.3. We have only upgraded from r/3 4.6c to ECC 6. VIRSA is still the older version(400_700).
do we have to upgarde VIRSA from 400_700 also to GRC 5.3 to get all functionalities?
Any other guggession for the error i am facing (auth error).
Your answers are realyhelping me. Will reward you points.
Regards
Prasanth
08-09-2011 7:25 AM
Dear Prashant ,
I would strongly recommend you to look into configuration ,security guide and upgrade guide as I am really sure that this is a compatibilty issue .
I would suggest you to check that VIRSA 4.0 is compatible with ECC 6.0 and if yes what should be roles and all should be asigned .
Regarding upgrade , I will strongly recommend you to upgrade as you many have many release with extended functionallity after Virsa 4.0 i.e GRC 5.2 ,GRC 5.3 and now GRC 10 .
I an really not sure whether SAP is still supporting Virsa 4 .
Thanks & Regards
Asheesh
08-09-2011 9:47 AM
Hi,
What does your SU56 user buffer says?? Do you have the required authorization there??
Regards,
Raghu
08-09-2011 11:32 AM
Hi,
With the basis / abap level upgrade, you may find that there are differences in the Authorisation Objects. You may find that there is an additional object called GRCFF_0002 / VIRFF_0002 included which provides additional authorisations to access and maintain the Firefighter tables.
This adds an additional layer of control rather than simply relying on the ZV* table authorisation groups.
You will probably need to assign the relevant values for this object into your Firefighter roles.
I would also look at the configuration parameters within the Firefighter dashboard for Owner and Controller additional authorisation as that also restricts the view and maintenance of these tables.
Simon
08-09-2011 1:26 PM
Hi Simon,
Thaks for your imput.
I have checked both objects (GRCFF_0002 / VIRFF_0002 ) in my sytem. But both are not existing. I doubt this is because the support pack level i have is less (SP 0). I am thinking of upgrading to SP12.
Any input or suggession?
Regards
Prasanth
08-10-2011 2:43 PM
Hi Prasanth,
As recommended earlier, check the user buffer. Also, you can enable the ST01 trace and see what is missing.
As mentioned, the new authorization objects might be required. Upgrading to another version is not the solution always Will you go to the next level, if you see a few more issues??
Try to look around for the various possibilities and isolate the root cause. It will help you to fix the issue easily.
Regards,
Raghu