Hi Diego,

Thanks for your quick reply.

I think this note is helpful when the synchronized roles are not displayed. However, I want to bring the roles from the backend system to ARQ first of all as we do in CUP 5.3 using Role Synch option.

Please suggest.

Regards,

Faisal

Hi Kaushal,

Thanks for your reply.

I went to Role Import option in AM. While in the first stage Define Criteria, I am able to get the connector group under Landscape field which is mandatory. Howerver, the backend system in not displayed under Source System field.

Any where else I have to update some configuration so that I get the list of all backend systems here?

Please suggest.

Regards,

Faisal

Ajesh,

Thanks for your reply.

May you please guide me in reaching to the correct configuration node?

Faisal

Ajesh,

I could see the Connectrou group from the drop down list. Howver, the system is not there. What am I missing here?

Faisal

Ajesh,

Thanks for your reply.

It really helped me a lot.

Now I could see the connector group/connector name.

However, when I submit for role import, it says:

 Error: Scenario Link is not defined in grfnconnscnlk table for <connector name> 

I must be missing something. Can you please help me?

Regards,

Faisal

Hi Diego,

Now I have successfully configured the integration scenario for ROLM and AUTH (PROV was already completed). Having done this, when now I try to import the roles, I get this error in the last step:

Correctly define the scenario handler class in CCITS

I did some search on this and found one note#1575072.

I am unable to understand the it how I can use in my situation. Does it have to do with user data source

Can you please help me?

Regards,

Faisal

Hi,

I could solve this problem by using the CL_GRAC_AD_ROLE_GENERATION_RFC class against my connector type in Maintain Connection Settings in SPRO.

Now when I imports, it says the status as Success. I presume that the roles are imported successfully.

Further, I tried to create a new request, However, while adding the roles, I could not find even a single role while searching.

Later I tried to update the roles. This time I could find my sample role which I had created in the back end system and I suppose that it is now brought here.

May I know why I am unable to see the roles while creating a request?

Regards,

Faisal

Hi,

Thanks for your reply.

I did execute this option and below are the activities I did:

1. Selected Role Update option

2. Selected all the roles in option *Select Roles

3. In Select Criteria options, I select All Attributes as the attribute and update as the action

4. In Select Values stage, I selected multiple values like business process etc. Here, I have selected Role Status as the Production one.

Still of no help.

Regards,

Faial

Hi Ashish,

Thanks for your reply.

It is @ SP07.

Faisal.

Ashish,

Thanks for your reply.

I made some changes in the configuration as follows:

1. Under SPRO->GRC->Access Control->Maintain Configuration settings, I changed Parameter value to PRD against PARAM ID 3004 (Role Management being the Parm Group).

2. Under SPRO->GRC->Access Control->Role Management->Maintain Role Status, I selected the PRD Check box.

However, still I am unable to see the roles from the back end system while creating the request.

Please suggest.

Regards,

Faisla

Ashish,

I also checked by importing the single role from the backend system. The role is successfully imported, however, it is not being shown while creating the access request.

Regards.

faisal

AShish,

I appreciate your help. Still no success.

FAisal

I followed note#1602339. This solved my problem.

Thanks all

Regards,

Faisal