cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 

Provisioning log is not available on Access request type Change Account

Former Member

on ‎04-04-2014 8:41 PM

0 Kudos


Hi,

So I have and issue when I try to submit a request to add a role to a user and I'm trying to understand what could be the reason for it.  Basically I have a workflow that works perfectly for a "Change Request".  I can see that all the steps are executed and then at the end of the request when is suppose to do the actual role assignment I see the message "Provisioning log is not available" then the approval path is finish and the request is closed but when I take a look at the user in the back end the role is not assign.  In terms of access I have try giving SAP_ALL to WF-Batch, nothing shows in Yellow or Red on SLG1 and in SPRO->AC-> User Provisioning -> Define request Type I see "Change Account" with SAP_GRAC_ACCESS_REQUEST.  What else can I do to troubleshoot this error?

Note: I when back to the  to the AC 10.0 Pre-Implementation From Post-Installation to First Access Request and everythings looks right in terms of the AC Configuration settings.

Show replies
Show replies
Answer

Accepted Solutions (0)

Answers (1)

Answers (1)

FilipGRC
Contributor
‎04-04-2014 8:53 PM
0 Kudos

Hi Jonathan,

I presume you have setup gloval provisiong settings, correct?

On what service pack are you in? Does the user exist in backend?

Filip

Show replies
Show replies
Former Member
‎04-04-2014 9:36 PM
0 Kudos

Hi Filip,

Global Provisioning Settings as in Global Settings for the Workflow (SAP_GRAC_ACCESS REQUEST) then yes.  I actually created a BRF+ for "super user" access VS regular users access and the super user provisioning works just fine. As far as service pack goes this is what I see:

GRCFND_A  -> SP-Level 0013

GRCPINW -> SP-Level 0005

And yes the user exist in the backend, Im just running a user change request on my ID.

Colleen
Advisor
Advisor
‎04-04-2014 11:39 PM
0 Kudos

Have a look in your IMG request type configuration for actions To make sure it has similar values to create

FilipGRC
Contributor
‎04-05-2014 1:38 PM
0 Kudos

Hi Jonathan,

In my question I was referring to SPRO - GRC/access control/user provisioning / maintain provisioning settings. Those need to be setup (min. global provisioning settings) in order to have role being assigned to user at the end of path.

Change account option you can see under request type is referring to change user master data(e.g. password/ account validity / details).

Is this system maintain by CUA? If so settings have to be different (see CUA settings in SPRO)

I would recommend moving to SP14 as in SP13 there were many bugs, by the way I believe the worst SP ever since beginning of AC is SP13 (maybe due to number), as it destroys many working functionality.


Filip         

former_member192837
Participant
‎04-07-2014 7:35 AM
0 Kudos

Hi Filip Nowak, It will be great if you can share problems arise in SP13 for community benefit. Regards Dilip

Former Member
‎04-07-2014 2:41 PM
0 Kudos 


Filip Nowak wrote:




 


I would recommend moving to SP14 as in SP13 there were many bugs, by the way I believe the worst SP ever since beginning of AC is SP13 (maybe due to number), as it destroys many working functionality.





     

Thanks for the warning, Filip; I think we must have implemented a lot of those SP13 "corrections" that not only failed to fix the symptom but actually made matters worse and either had to be reverted or had to be reinstalled with an updated/ improved version. By now, I think the smart course is to go to 10.1; I have heard it is much better.

Good luck!

Gretchen

FilipGRC
Contributor
‎04-07-2014 9:26 PM
0 Kudos

Hi Dilip,

Sharing issues with standard service pack on this portal would not be the best idea, I believe. What I can advise is not to use User Access Review functionality with SP13 at all, as what was working in SP12 simply does not work anymore. But I can answer your question in slightly different way. Please take a moment an look at number of notes created as a part of SP14 and you will understand what I mean. All together there are 739 notes with 101 notes for Access Request area. I believe if something is working in stabilize mode you do not need to create 101 notes to fx it. The other details can be found at:


https://websmp130.sap-ag.de/sap(bD1wbCZjPTAwMQ==)/bc/bsp/sno/ui_entry/entry.htm?param=69765F6D6F6465...


Regards,

Filip


FilipGRC
Contributor
‎04-07-2014 9:27 PM
0 Kudos

Any progress on the topic?

Former Member
‎04-07-2014 9:39 PM
0 Kudos

Hi Filip,

So far no progress, the global provisioning settings were setup and request type configuration looks good as well.  I'm trying to get some more information in terms of CUA but I'm 99% sure we are not using  or going to use it.  I'm looking in to how much effort it will take to do the upgrade to SP14 or if it's even a possibility.  Other than that it looks like everything in the configuration is ok.

Ask a Question