Application Development Discussions
Join the discussions or start your own on all things application development, including tools and APIs, programming models, and keeping your skills sharp.
cancel
Showing results for 
Search instead for 
Did you mean: 

GRC AC 10 security object question: GRAC_REP and Report Name (GRAC_REPID)

Former Member
0 Kudos

Hi,

I am looking to limit visability to AC reports in various roles via object GRAC_REP. Can someone point me to a listing of the Report Names (GRAC_REPID)? I do not want this value to be '*'. The only one I am able to dig up so far is GRAC_SPM*. I am admittedly very new to GRC 10 security.

The Security Guide from SAP does not contain the information I am looking for.

Any info or guidance would be greatly appreciated.

Thanks!

Jes

1 ACCEPTED SOLUTION

Colleen
Advisor
Advisor
0 Kudos

Hi

Note 1718540 helped here -  SM34 View GRFNVC_ITEMAUTH has the mapping of Menu Item Id to "Authorizated Objects"

The SM34 view comprises of

  • GRFNMENUAPPCOMP    Menu Authorization Entity Mapping
  • GRFNMENUITEM    Menu Item (Item Auth Mode is PFCG)
  • GRFNMENUPFCG    PFCG Auth Mapping Table

Within table GRFNMENUPFCG you will see the references to the Menu Item Ids with descriptions

The link to which report you are launching is based on the launchpad (LPD_CUST). The item configuration will contain the "Add Information" for MENUITEMID = xxxx which is under the "Advanced Parameters".

Note - SAP mentions not to make changes to this SM34 data. If you do make changes and maintain them incorrectly, then the link will not show in NWBC. You also risk changes being overwritten if SAP delivers patches/upgrades

5 REPLIES 5

0 Kudos

Jes,

Following is the list of various GRC AC reports which can be restricted through GRAC_REP / GRAC_REPID -

GRAC_ACTIONUSAGE_LOGTransaction Log Reporting
GRAC_CUP_DELGATN_RPTReport for Approver Delegation
GRAC_CUP_HISTORY_RPTSOD Review History Report
GRAC_CUP_MTIGATN_RPTReport for Requests with Conflicts And Mitigations
GRAC_CUP_PD_PROF_RPTReport for Requests By PD/Structural Profiles
GRAC_CUP_ROL_APR_RPTReport for Request By Roles And Role Approvers
GRAC_CUP_SLR_RPTService level for request report
GRAC_CUP_USR_HIS_RPTUser Access Review History Report
GRAC_CUP_USR_RVW_RPTUser Review Status Report
GRAC_DAB_CUPARCUP Dashboard Access Request
GRAC_DAB_CUPPVCUP Dashboard for Provisioning Log
GRAC_DAB_CUPRVCUP Dashboard Risk Violation
GRAC_DAB_CUPSLCUP Dashboard for Service Level Violation
GRAC_ERM_ACTION_USGAction usage report by User
GRAC_ERM_ACT_IN_ROLEList Transaction in Roles
GRAC_ERM_ACT_ROLESAction in roles not in rules
GRAC_ERM_AUTH_CT_RLCount Authorizations in Roles
GRAC_ERM_AUTH_CT_USRCount Authorizations for Users
GRAC_ERM_COMP_TRANSCompare Transactions in Menu and Authorizations Search Role
GRAC_ERM_COM_USR_RLCompare User Roles
GRAC_ERM_EXPROLES
GRAC_ERM_MAS_DER_RELMaster to Derived Role Relationship
GRAC_ERM_PERM_ROLESPermission  in roles not in rules
GRAC_ERM_PFCG_CHG_LG
GRAC_ERM_RL_BY_GENDTRoles by Date of Generation
GRAC_ERM_RL_USR_LINKRole Relationship with User / User Group
GRAC_ERM_ROLE_OWNERSList role owenrs and assignment approvers
GRAC_ERM_SIN_COMPRLSingle to Composite Role Relationship
GRAC_ERM_USRROLE_RELUser Role Relationship
GRAC_RISK_TERMINATORRisk Terminator Report
GRAC_SOD_ACCESS_DTLAccess Rule Detail report
GRAC_SOD_ACCESS_SUMMAccess Rule Summary
GRAC_SOD_ACT_ROLESAction in roles not in rules
GRAC_SOD_CALLTRANSEmbedded Action Calls in Programs of SAP systems
GRAC_SOD_MITIGATIONMitigation Object Report for User, User Org, Role, Role Org, Profile, HR
GRAC_SOD_MIT_CTL_REPMitigation Control Report
GRAC_SOD_RULESET_CMPRuleset Comparison
GRAC_SPM_AUDIT_LOGAudit
GRAC_SPM_CHANGE_LOGChange Log Reporting
GRAC_SPM_CONS_REPORTSPM Consolidated Reporting
GRAC_SPM_FFLOG_SUMFirefighter Log Summary Log Reporting
GRAC_SPM_INV_SUP_USRInvalid Super User Report
GRAC_SPM_OSCMD_LOGOS Command
GRAC_SPM_RSN_ACT_LOGReason Code And Activity Log Reporting .
GRAC_SPM_SOD_REPORTFirefighter SoD Conflict report
GRAC_SPM_SYSTEM_LOGSystem Log Reporting
GRAC_USER_RISK_VOILUser Risk Voilation report

Regards,

Amol

0 Kudos

Hi Amol

Could you please help me understand from where i can access the reports that you have listed ?

We have GRC 10.1

Thanks

Vidya

Colleen
Advisor
Advisor
0 Kudos

Hi

Note 1718540 helped here -  SM34 View GRFNVC_ITEMAUTH has the mapping of Menu Item Id to "Authorizated Objects"

The SM34 view comprises of

  • GRFNMENUAPPCOMP    Menu Authorization Entity Mapping
  • GRFNMENUITEM    Menu Item (Item Auth Mode is PFCG)
  • GRFNMENUPFCG    PFCG Auth Mapping Table

Within table GRFNMENUPFCG you will see the references to the Menu Item Ids with descriptions

The link to which report you are launching is based on the launchpad (LPD_CUST). The item configuration will contain the "Add Information" for MENUITEMID = xxxx which is under the "Advanced Parameters".

Note - SAP mentions not to make changes to this SM34 data. If you do make changes and maintain them incorrectly, then the link will not show in NWBC. You also risk changes being overwritten if SAP delivers patches/upgrades

Former Member
0 Kudos

This is extremely helpful - Thank you Colleen! I very much appreciate the guidance.

Jes

0 Kudos

Hello,

I had the same question, the right answer is the following.

1. Run the Tcode ST01 trace.

2. Click on each report that you want to display only in NWBC

3. Display the trace, here you will see the technical name of each report

4. Into the object GRAC_REP, insert the technical name into the authorization field GRAC_REPID.