cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 

GRC AC 10 SP12 - Role Risk Analysis returning no violations when there are violations

Go to solution
Former Member

on ‎05-10-2013 7:29 PM

0 Kudos

Hello

We recently encountered an issue with the role risk analysis returning "no violations" when there is indeed violations. It will pick up the violations when the risk analysis is run within an access request but not when you run it ad hoc. We have re-run all our syncs, re-generated the rule sets and validated they are populated in the NWBC repository but the issue has not been resolved.

I've included a few screen shots of an analysis being perforned on the role administrator which would definitely return violations yet no violations are found.

Any help would be appreciated.

Show replies
Show replies
Answer

Accepted Solutions (1)

Accepted Solutions (1)

kevin_tucholke1
Contributor
‎05-10-2013 9:39 PM
0 Kudos

Stacey:

Please implement SAP note 1824956 -- User Analysis Report shows "No violations"

Thanks.

Kevin Tucholke

Show replies
Show replies
Former Member
‎05-14-2013 9:55 PM
0 Kudos

Hi Kevin

We just implemented the note, re-ran the auth and repository object syncs and re-generated the ruleset and are still encountering the same issue. Any other recommendations?

kevin_tucholke1
Contributor
‎05-14-2013 10:04 PM
0 Kudos

Stacey:  Have you checked to see if there are any authorization issues in SLG1??

Former Member
‎05-14-2013 10:53 PM
0 Kudos

Thanks for the quick reply Kevin. SLG1 shows the risk analysis was successful (see attached screen shot).

kevin_tucholke1
Contributor
‎05-14-2013 11:54 PM
0 Kudos

Stacey:

Beyond that, I would suggest a CSS message.  If the note was implemented and no authorization issues exist, and you are sure that the rule set should be finding issues (i.e. physical connectors are assigned to appropriate connector groups (logical systems)), this is probably needs more troubleshooting that you can do here...

Sorry.....

Kevin

Former Member
‎05-15-2013 4:51 AM
0 Kudos

Hi Stacy,

Please check the following

!. Check if the role exist in the table GRACRLCONN.If the role does not exist in this table, Please run

the Repository sync job.

2. Check if the entries exist in the table GRACACTRULE for the specific connector, IF the entires does not exist, Re-generate the rules.

Also, Can you please share the detials of the role i.e. the Actions that exist in these roles and also the

corresponding risks that should get violated.

Thanks & Regards

Japneet Singh

Former Member
‎05-15-2013 10:45 PM
0 Kudos

Hey Japneet

Thanks for your assistance.

1. Yes the role exists in GRACRLCONN

2. We are using logical connectors and the entries for those appeared in GRACACTRULE

I think we're going to heed Kevin's advice and open a note with SAP.

I'll report back with a resolution. Thanks!

Former Member
‎02-03-2015 6:58 AM
0 Kudos

Hi Stacey, Is this issue resolved.. we are having similar scenario with role risk analysis

Regards

Anil

Former Member
‎02-04-2015 5:38 PM
0 Kudos

Hi Anil

I am almost positive a note had to be applied to resolve the issue. I tried to look in SAP service marketplace for a note around May - June 2013 when I was experiencing the issue but wasn't having any luck.

Another note in addition to the one Kevin provided above is 1817251 - User Analysis Report shows "No violations" but if you are on a support pack after 12 or 13 then they wouldn't be applicable.

Also, have you followed all the other recommendations within this post? I'm assuming so if you're reaching out.

Answers (1)

Answers (1)

Former Member
‎05-11-2013 9:53 AM
0 Kudos

Stacey,

Yes, SAP Note provided by Kevin should resolve this Issue.

Thanks & Regards,

Ashish

Show replies
Show replies
Ask a Question