on 11-25-2013 3:24 AM
Hi All,
We are trying to configure a EAM ID for ruleset maintenance in GRC. Whenever ruleset has to be modified the user will request for EAM ID and make the changes in NWBC.
Now everything works fine. The user were able to login to GRC system using the EAM ID. But the problem when he tries to launch NWBC, it prompts for login. While troubleshooting what we found is service user ID's are not doing SSO while calling NWBC. Unfortunately the EAM ID's has to be service ID's according to EAM configuration.
Is there a solution for this.
Regards,
Muthu Kumaran
Hi Muthu,
Kindly ref SAP Note #1796682 and #1588075. These nots will help you in resolving your issue.
Regards,
Shaily
You must be a registered user to add a comment. If you've already registered, sign in. Otherwise, register and sign in.
Hi Prashant,
The setup works perfectly fine for all the EAM scenarios. The problem as stated in my first post is only to the EAM ID which allows login into GRC system itself (created for ruleset changes).
According to the configuration all EAM ID's are service user type so does the EAM ID of the GRC system. When login using that EAM ID into GRC the NWBC fails because SSO fails for service user type. The suggestion by Shaily is to implement notes mentioned which suggests to change the user type to dialog. And if I change it the RFC prompts a login.
Any suggestions.
Regards,
Muthu
Hi Prashant,
Here is the summary.,
1. RFC user is maintained in the RFC connections
2. EAM ID's for all target systems works just fine
3. EAM ID for GRC itself works fine but cannot launch NWBC since SSO fails
4. Notes recommended by Shaily suggests to change the user type of GRC EAM ID to Dialog to fix the NWBC issue. But it creates the RFC issue (According to EAM configuration guide and OSS notes the EAM ID's should be of user type service)
Now let me explain why we EAM ID's in GRC system. The scenario is to modify the functions/risks. There is no workflow defined and has to be done manually. Administrators upon approval(manual) for modifying functions/risks will request for EAM ID in GRC to make the changes. Once the ID is issued they will login using EAM ID, launch NWBC to modify the functions/risks. Again upload rules, transport rules in SPRO is not an option for us since it will update all the rules and the corresponding change documents (unfortunately I cannot transport only the function/risk changes).
Suggest me if there is a alternate way.,
- To allow service user to launch NWBC
- To make changes to functions/risks
Thanks.
Regards,
Muthu
User | Count |
---|---|
12 | |
3 | |
2 | |
1 | |
1 | |
1 | |
1 | |
1 | |
1 | |
1 |
You must be a registered user to add a comment. If you've already registered, sign in. Otherwise, register and sign in.