03-29-2013 5:59 PM
Hi,
I am looking to limit visability to AC reports in various roles via object GRAC_REP. Can someone point me to a listing of the Report Names (GRAC_REPID)? I do not want this value to be '*'. The only one I am able to dig up so far is GRAC_SPM*. I am admittedly very new to GRC 10 security.
The Security Guide from SAP does not contain the information I am looking for.
Any info or guidance would be greatly appreciated.
Thanks!
Jes
04-02-2013 2:42 AM
Hi
Note 1718540 helped here - SM34 View GRFNVC_ITEMAUTH has the mapping of Menu Item Id to "Authorizated Objects"
The SM34 view comprises of
Within table GRFNMENUPFCG you will see the references to the Menu Item Ids with descriptions
The link to which report you are launching is based on the launchpad (LPD_CUST). The item configuration will contain the "Add Information" for MENUITEMID = xxxx which is under the "Advanced Parameters".
Note - SAP mentions not to make changes to this SM34 data. If you do make changes and maintain them incorrectly, then the link will not show in NWBC. You also risk changes being overwritten if SAP delivers patches/upgrades
04-01-2013 1:51 PM
Jes,
Following is the list of various GRC AC reports which can be restricted through GRAC_REP / GRAC_REPID -
GRAC_ACTIONUSAGE_LOG | Transaction Log Reporting |
GRAC_CUP_DELGATN_RPT | Report for Approver Delegation |
GRAC_CUP_HISTORY_RPT | SOD Review History Report |
GRAC_CUP_MTIGATN_RPT | Report for Requests with Conflicts And Mitigations |
GRAC_CUP_PD_PROF_RPT | Report for Requests By PD/Structural Profiles |
GRAC_CUP_ROL_APR_RPT | Report for Request By Roles And Role Approvers |
GRAC_CUP_SLR_RPT | Service level for request report |
GRAC_CUP_USR_HIS_RPT | User Access Review History Report |
GRAC_CUP_USR_RVW_RPT | User Review Status Report |
GRAC_DAB_CUPAR | CUP Dashboard Access Request |
GRAC_DAB_CUPPV | CUP Dashboard for Provisioning Log |
GRAC_DAB_CUPRV | CUP Dashboard Risk Violation |
GRAC_DAB_CUPSL | CUP Dashboard for Service Level Violation |
GRAC_ERM_ACTION_USG | Action usage report by User |
GRAC_ERM_ACT_IN_ROLE | List Transaction in Roles |
GRAC_ERM_ACT_ROLES | Action in roles not in rules |
GRAC_ERM_AUTH_CT_RL | Count Authorizations in Roles |
GRAC_ERM_AUTH_CT_USR | Count Authorizations for Users |
GRAC_ERM_COMP_TRANS | Compare Transactions in Menu and Authorizations Search Role |
GRAC_ERM_COM_USR_RL | Compare User Roles |
GRAC_ERM_EXPROLES | |
GRAC_ERM_MAS_DER_REL | Master to Derived Role Relationship |
GRAC_ERM_PERM_ROLES | Permission in roles not in rules |
GRAC_ERM_PFCG_CHG_LG | |
GRAC_ERM_RL_BY_GENDT | Roles by Date of Generation |
GRAC_ERM_RL_USR_LINK | Role Relationship with User / User Group |
GRAC_ERM_ROLE_OWNERS | List role owenrs and assignment approvers |
GRAC_ERM_SIN_COMPRL | Single to Composite Role Relationship |
GRAC_ERM_USRROLE_REL | User Role Relationship |
GRAC_RISK_TERMINATOR | Risk Terminator Report |
GRAC_SOD_ACCESS_DTL | Access Rule Detail report |
GRAC_SOD_ACCESS_SUMM | Access Rule Summary |
GRAC_SOD_ACT_ROLES | Action in roles not in rules |
GRAC_SOD_CALLTRANS | Embedded Action Calls in Programs of SAP systems |
GRAC_SOD_MITIGATION | Mitigation Object Report for User, User Org, Role, Role Org, Profile, HR |
GRAC_SOD_MIT_CTL_REP | Mitigation Control Report |
GRAC_SOD_RULESET_CMP | Ruleset Comparison |
GRAC_SPM_AUDIT_LOG | Audit |
GRAC_SPM_CHANGE_LOG | Change Log Reporting |
GRAC_SPM_CONS_REPORT | SPM Consolidated Reporting |
GRAC_SPM_FFLOG_SUM | Firefighter Log Summary Log Reporting |
GRAC_SPM_INV_SUP_USR | Invalid Super User Report |
GRAC_SPM_OSCMD_LOG | OS Command |
GRAC_SPM_RSN_ACT_LOG | Reason Code And Activity Log Reporting . |
GRAC_SPM_SOD_REPORT | Firefighter SoD Conflict report |
GRAC_SPM_SYSTEM_LOG | System Log Reporting |
GRAC_USER_RISK_VOIL | User Risk Voilation report |
Regards,
Amol
08-26-2014 12:27 PM
Hi Amol
Could you please help me understand from where i can access the reports that you have listed ?
We have GRC 10.1
Thanks
Vidya
04-02-2013 2:42 AM
Hi
Note 1718540 helped here - SM34 View GRFNVC_ITEMAUTH has the mapping of Menu Item Id to "Authorizated Objects"
The SM34 view comprises of
Within table GRFNMENUPFCG you will see the references to the Menu Item Ids with descriptions
The link to which report you are launching is based on the launchpad (LPD_CUST). The item configuration will contain the "Add Information" for MENUITEMID = xxxx which is under the "Advanced Parameters".
Note - SAP mentions not to make changes to this SM34 data. If you do make changes and maintain them incorrectly, then the link will not show in NWBC. You also risk changes being overwritten if SAP delivers patches/upgrades
04-02-2013 1:56 PM
This is extremely helpful - Thank you Colleen! I very much appreciate the guidance.
Jes
08-07-2020 11:34 AM
Hello,
I had the same question, the right answer is the following.
1. Run the Tcode ST01 trace.
2. Click on each report that you want to display only in NWBC
3. Display the trace, here you will see the technical name of each report
4. Into the object GRAC_REP, insert the technical name into the authorization field GRAC_REPID.