on 02-12-2014 7:29 PM
We have provided Owner / User- FF / Controller / Admin access in GRC system. User – FF access in Backend system.
Role: ZSAP_GRAC_SPM_FFID was available for Parameter 4010 in config of SPRO in GRC.
The same provided in backend sys for Both IDs. Along with ZSAP_GRAC_NWBS and ZSAP_GRAC_BASE as default access for User-FF Id.
Here are the roles provided accordingly to Systems inbackend and GRC system users.
Systems | ||||||
User type | GRC system | Backend system | D08 | User | User Type | |
Dialog | ZSAP_GRAC_SUPER_USER_MGMT_OWNR | ZSAP_GRAC_SPM_FFID | ZSAP_GRAC_SUPER_USER_MGMT_USER | Service | ||
Service | ZSAP_GRAC_SUPER_USER_MGMT_USER | Provided for dialog IDs |
|
| ||
|
|
|
|
|
| |
Dialog | ZSAP_GRAC_SUPER_USR_MGMT_CNTLR |
|
|
| ||
| Maintained Email ID for Controller ID |
|
|
| ||
|
|
|
|
|
| |
|
|
|
|
|
| |
Dialog | ZSAP_GRAC_SUPER_USR_MGMT_ADMIN | ZSAP_GRAC_SUPER_USR_MGMT_ADMIN | Dialog |
Executed below 4 Jobs for synchronization between G10 and D08.
We have done the below process before executing these jobs and there is no difference in the result screen.
We go to NWBC -> Access Management -> EAM ( Firefighters)
Selecting this User as Firefighter.
Adding Firefighter ID
Here no Fire fighter IDs are found for the Backend System.
Here it is still showing that No records are found. We are searching for this solution since yesterday. The jobs synchronization is done after providing the authorizations for OWNER / User – FFID / Controller but this didn’t help us solving the issue.
We have gone through below links for this solution, where they have mentioned to do the same. But this solution didn’t work.
http://scn.sap.com/docs/DOC-33099 Configure Emergency Access (EAM) in GRC 10
http://scn.sap.com/thread/2109294 FF Owner Assigment : GRC 10.0
http://scn.sap.com/thread/3368058 GRC AC 10.0 EAM : Fire-Fighter ID Not Visible
http://scn.sap.com/thread/2102778 Firefighter IDs Not Populating in GRC 10
Here is the Note suggested:-
1585079 - GRC AC10 - No Firefighter Id available in SPM
Symptom
No Firefighter ID is available when performing the Owner to Firefighter ID assignment.
Other Terms
FFID, GRC Access Controls 10, Superuser Privilege Management, FFID Owner, Firefighters, Controllers
Reason and Prerequisites
Not all necessary configuration is in place, see solution section below.
Solution
Please make sure that you have performed following configuration steps:
1. Integration Scenarios are configured as explained in note 1562760
2. Please make sure the Firefighter role is assigned to Firefighter IDs in the corresponding client system and that the same role has been given as parameter value for configuration parameter 4010. Configuration parameters can be configured in the transaction code SPRO => Governance, Risk & Compliance => Access Control => Maintain Configuration Settings
3. Run User/Role/Profile/Auth synchronization jobs. The Link to run these jobs can be found Under transaction code SPRO => Governance, Risk & Compliance => Access Control => Synchronization Jobs.
Thank you in Advance. Pl suggest.
Hi Vyjayanth
Role: ZSAP_GRAC_SPM_FFID was available for Parameter 4010 in config of SPRO in GRC.
The same provided in backend sys for Both IDs. Along with ZSAP_GRAC_NWBS and ZSAP_GRAC_BASE as default access for User-FF Id.
Just to be clear here - the parameter 4010 role is to be assigned to the FF Id and then run the object repository sync
Which Ids did you assign ZSAP_GRC_SPM_FFID to? Sorry, your table for user access didn't load fully for me to see
Regards
Colleen
You must be a registered user to add a comment. If you've already registered, sign in. Otherwise, register and sign in.
Hi
On NWBC Screen have you set accounts in following order
The FF Id needs to have the 4010 role assigned as well as the Owner and and Controller for it
Regards
Colleen
HI Colleen
I have just checked, we have not provided correct Firefighter ID / Role privileges to the owners we maintained in Access Control Owners.
That is the reason the Firefighter IDs were not getting displayed after we selected Owners in EAM --> Owners.
I will just assign the FF IDs as suggested by you and get back.
Thanks alot.
Vyjayanth M
Hi Vyjayanth,
This issue might be because the owner and controller are not assigned to the Firefighter ID.
For a Fire-fighter assignment to be done, first we must ensure that owner and controller are defined for the Fire-fighter ID.
1. Define Owner/Controller:-
Create the owner and check as "Firefighter ID owner"- if it is ID based EAM implementation or as "Firefighter Role owner" for Role based EAM implementation.
2. Assign owner to Fire-fighter ID
3. Now Assign the Fire-fighter ID to a Fire-fighter user
Cheers,
Sabitha
You must be a registered user to add a comment. If you've already registered, sign in. Otherwise, register and sign in.
User | Count |
---|---|
13 | |
2 | |
2 | |
1 | |
1 | |
1 | |
1 | |
1 | |
1 | |
1 |
You must be a registered user to add a comment. If you've already registered, sign in. Otherwise, register and sign in.