cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 

GRC AC 10 - SP13 - EAM - Workflow Notification to EAM Controller.

Go to solution
Former Member

on ‎11-12-2013 1:24 PM

0 Kudos

Dear Gurus,

I am facing an issue with the notification to the controller in his NWBC inbox for the SPM workflow review.

I have checked the following things over and over again but not sure to track what the issue is:

1. Activate Applications in Client – AC is activated

2. Activated the relevant services:

  • default_host->sap ->public
  • default_host->sap ->bc
  • default_host->sap ->grc
  • default_host-> sap-> bc->webdynpro-> sap

3. Activated the Workflows - GRC_MSMP_CONFIGURATION and GRAC_SPM_CRITICALITY_LEVEL

4. The Automatic Workflow customizing command is executed through SPRO

5. Connectors created and are working fine

6. Users for controllers, Firefighters and Owners provided sufficient roles and are assigned as respective Access Control Owners inside NWBC as well

7. Integration Scenario is mapped

8. Background jobs scheduled in the following sequence:

             

  • Batch Risk Analysis
  • GRAC_DELETE_REPORT_SPOOL
  • GRAC_PFCG_AUTHORIZATION_SYNC
  • GRAC_REPOSITORY_OBJECT_SYNC
  • GRAC_ACTION_USAGE_SYNC
  • GRAC_SPM_LOG_SYNC_UPDATE
  • GRAC_SPM_WORKFLOW_SYNC

9. The background jobs are finishing with no errors.

10. The Firefighter is able to log into ECC and execute commands with a FFID

11. The FF logs are getting generated

     

The only problem is that the workflow notification in NWBC is not received by the controller for the FF Activity. The SPRO parameters for EAM are maintained as:

4000               1              1              Application
type

4001               30           2              Default
Firefighter Validity Period (Days)

4002               YES         3              Send
Email Immediately

4003               YES         4              Retrieve
Change Log

4004               YES         4              Retrieve
System log

4005               YES         4              Retrieve
Audit log

4006               YES         4              Retrieve
OS Command log

4007               YES         4              Send
Log Report Execution Notification Immediately

4008               YES         3              Send
FirefightId Login Notification

4009               YES         3              Log
Report Execution Notification

4010               Z_SAP_GRAC_SPM_FFID             4              Firefighter
ID role name

4012               2              3              Default
users for forwarding the Audit Log workflow

4013               NO         3              Firefighter
ID owner can submit request for Firefighter ID owned

4014               NO         3              Firefighter
ID controller can submit request for Firefighter ID controlled

4015               NO         2              Enable
Decentralized Firefighting

Any help in resolving this would be highly appreciated.

Thanks and Regards,

Ronnie

Show replies
Show replies
Answer

Accepted Solutions (1)

Accepted Solutions (1)

Former Member
‎11-12-2013 1:40 PM
0 Kudos

Did you check the actual workflow firefighter log review and the notification settings?

Go to customizing - access control -  workflow for access control- maintain MSMP workflows - maintain path (5) - notification settings

Show replies
Show replies
Former Member
‎11-12-2013 1:55 PM
0 Kudos

Hi T.de Jong,

Appreciate your quick reply. Yes, checked that tooo. I am using the default workflow and have the notification settings for new event set in the default stage as under:

Just wanted to check that while generating the workflow I selected the option - "Do not transport the object". I hope that does not make a difference.

Thanks and Regards,

Ronnie

Former Member
‎11-12-2013 2:00 PM
0 Kudos

Hi Ronnie,

Are you getting any mails in the SOST ?

Thanks & Regards

Japneet singh

Former Member
‎11-12-2013 2:27 PM
0 Kudos

Ok. Can you please check the workflow item details in the GRC backend via transaction code SWI5?

Former Member
‎11-12-2013 2:34 PM
0 Kudos

Hi Japneet,

We not conigured emails and hence I do not think there will be anything present in SOST. Please correct me if my interpretation isn't correct.

Thanks and regards,

Ronnie

Former Member
‎11-12-2013 2:43 PM
0 Kudos

Hi T. de Jong,

It's an empty list in SWI5 - I checked for a couple of dates including today when we used the FF user. All lists for all days are however empty.

Thanks and regards,

Ronnie

Answers (4)

Answers (4)

former_member304001
Active Contributor
‎11-15-2013 5:04 PM
0 Kudos

Hi,

May be useful...

Assign SAP_ALL to WF-Batch user, we had faced similar issue after assigning it worked

Regrads,

Kishore

Show replies
Show replies
chandani_kaur
Active Participant
‎11-15-2013 5:29 AM
0 Kudos

Hello Ronnie,

As your 4007 parameter is set to Yes, then there is no need to schedule GRAC_SPM_WORKFLOW_SYNC job.After unscheduling the job, run the scenario and check if the workitem is received by the controller.

Thanks & Regards,

Chandani

Show replies
Show replies
Former Member
‎03-09-2014 1:42 AM
0 Kudos

Hi Chandani and All,

I am facing similar kind of issue, We are in SP 13 in GRC 10 system and we have implemented Decentralized firefighting. Issue is we do not get Firefighter Log notification email to the controllers in decentralized firefighting.  Below are the details. Please help.

- Configuration parameters are 4002 to 4009 is set to YES

- Configuration for Plugin system is maintained as below.

1000 0 GRC_CONNECTOR Please maintain Plug-in Connector

4000 0 1 Application type

4001 0 365 Default Firefighter Validity Period (Days)

4008 0 YES Send FirefightId Login Notification

4010 0 SAP_GRAC_SPM_FFID Firefighter ID role name

- In SLG1, for every SPM Log sync job, there are 4 internal activities

as below

- ACT_SYNC/

- EAM_SYNC/

- LOG_SYNC/

- Workflow/

- When all the above four internal activities are run we get the log

email, but this is not happening all times. Most of the times the

ACT_SYNC/ activity is missing in SLG1

- Have tried to schedule the GRAC_SPM_LOG_SYNC job even every minute,

most times we do NOT get the emails. Very few times we get the log

email.

- Sometimes when we get the log email, we get it even before the

Firefighter ID session is closed.

- When we get the log email, the log details does NOT have all details

like table name, old data, new data etc.

- We have no problems in getting the login notification email

- Have tried to make the parameter 4009 to NO and run the SPM workflow

sync, even then we did not get the log email.

- We get the log email when we do firefighting via centralized FF.

- and finally the firefighter login notification has date and time details 6 hours earlier. I have found a note( 1661882) in this regard, however this is been fixed in SP 08, and we are now in SP13.

Please help

Regards,

Reyas

Colleen
Advisor
Advisor
‎11-15-2013 2:00 AM
0 Kudos

Hi Ronnie

Do you mean that the the Controller is not receiving a workflow item in the NWBC/POWL inbox to complete the review?

I noticed you mentioned: 

4. The Automatic Workflow customizing command is executed through SPRO

Does that mean you went into TS76308028 and WS76300089 to Activate the Event linkages and ensure the Task is set to General Task for Agents.

This is under Governance, Risk and Compliance > General Settings > Workflow > Perform Task-Specific Customizing (if you look at the help information the steps are all there)

Regards

Colleen

Show replies
Show replies
Former Member
‎09-13-2016 3:01 PM
0 Kudos

Apparently the Task SPecific Customizing is client specific in the IMG.  I had the same issue (GRC 10.1 SP 13) email working but not in work item inbox for Controller.  It worked in client 100, but not 110, I checked the workflow as Colleen recommended, and in client 110 the workflow settings were not there (general was not assigned to TS76308028 and others as Colleen advised).

Former Member
‎11-12-2013 4:49 PM
0 Kudos

Hello Ronnie,

Make sure the notification for controller is set to workflow.

NWBC --> Setup -->  Superuser Assigment--> FireFighter ID's

Thanks

Shaik

Show replies
Show replies
Former Member
‎11-13-2013 11:57 AM
0 Kudos

Hi Mahboob,

Yes, that was set up as Workflow already.

Thanks and regards,

Ronnie.

former_member306258
Explorer
‎11-13-2013 1:22 PM
0 Kudos

Hi Ronnie,

Is the email address maintained in the controller's ID? Also, does the controller have the controller role assigned?

Thanks

aNuar

former_member193066
Active Contributor
‎11-13-2013 3:22 PM
0 Kudos

Hello Ronnie,

if Mail setup is not maintained , still sost will have mail in queue.

to send notification  outside you need scot and

check in smicm about smtp services.

Please check.

Regards,

Prasant

Former Member
‎11-14-2013 10:31 AM
0 Kudos

Hi Anuar

Thanks for your reply. Yes, the controller has the relevant controller role but I do not think there needs to be an email ID associated for sending workflow notifications in the NWBC Inbox. We are not configuring email notifications, just the workflow notificatins in NWBC inbox.

Correct me if I am wrong.

Thanks

Ronnie.

Former Member
‎11-14-2013 10:33 AM
0 Kudos

Hi Prasant,

We are not configuring email notifications, just the workflow notificatins in NWBC inbox and thus I believe we would not be needing SMTP set up.

Correct me if I am wrong.

Thanks and regards,

Ronnie.

former_member193066
Active Contributor
‎11-14-2013 8:09 PM
0 Kudos

Hello,

You mean the workflow are not getting in inbox of Controller?

i got confused when you said notification ..

there is a note for that where in nwbc inbox refresh issue is resolved.

ensure you can see the request in search request and for EAM log review.

if you cannot find there then log review workflow is not triggred.

Regards

Prasant

Ask a Question