on 05-22-2014 1:34 PM
Hi experts
Please could you let me know how/where to check if an approval request email was sent?
I some approvers complaining that they havent received the approval request email from GRC.
Please advise.
Thanks
Ran
Hi Ranjit
SOST will show the messages as Andrejz mentioned
The MSMP Instance Runtime for the Request will show you which messages are meant to be sent based on your MSMP notification configuration.
Using both to these together assist in troubleshooting email communication
Regards
Colleen
You must be a registered user to add a comment. If you've already registered, sign in. Otherwise, register and sign in.
Hi Ranjit
Step 1 - Google "MSMP Instance Runtime
Step 2 - Locate and then launch the transaction which will open a webdynpro
Step 3 - Learn and Discover - it's display only so you can't break anything
You will find lots of references as that transaction is your new best friend for troubleshooting MSMP workflows (very rare to go near SWIA transaction)
You'll find GRC easier if you start searching and reading up a bit when you see a term you are not familiar with
Regards
Colleen
Hi Colleen
Please could I request your help with the below.
I have found the MSMP Instance Runtime transaction GRFNMW_DBGMONITOR_WD and just been given access to it by the client. However when I run it I get a "You are not authorised..." message. Analysed the trace and found that it is failing on S_DEVELOP - OBJTYPE-DEBUG // ACTVT-02. Is this a required authorisation for GRFNMW_DBGMONITOR_WD. Given the criticality of this auth from an audit point of view I'm not sure I'm going to get the auth. The trace did not show any other failures. Do we need to activate a specific object in SU24 for this to work?
Your thoughts please.
Thanks
Ran
Hi Ranjit
you would solve this like any security authorisation issue
Without logging into a system right now I will not be able to answer the exact value. Other objects may be S_SERVICE, GRAC_REP, S_TCODE for the actual transaction code (yes obvoius).
When you analysed the trace was it a full ST01 or was it SU53?
Regards
Colleen
Hi Ranjit
I tested it as well by stripping the access back and then used STAUTHTRACE (much nicer than ST01). You are right - it is asking for S_DEVELOP 02 DEBUG
METHOD check_admin_auth .
DATA: lo_message_manager TYPE REF TO if_wd_message_manager,
lo_api_controller TYPE REF TO if_wd_controller,
lr_auth_node TYPE REF TO if_wd_context_node.
lo_api_controller ?= wd_this->wd_get_api( ).
lo_message_manager = lo_api_controller->get_message_manager( ).
lr_auth_node = wd_context->get_child_node( name = 'AUTH' ).
TRY.
cl_grfn_msmp_authorizations=>check_sap_debug_authorization( ).
lr_auth_node->set_attribute(
EXPORTING
value = 'X'
name = 'CAN_RUN'
).
CATCH cx_grfn_msmp.
MESSAGE e197(grfnmw) INTO cx_grfn_msmp=>m_msg_str. ----> E197 (GRFNMW) matches the error msg
lo_message_manager->report_t100_message(
METHOD check_sap_debug_authorization.
AUTHORITY-CHECK OBJECT 'S_DEVELOP'
ID 'DEVCLASS' DUMMY
ID 'OBJTYPE' FIELD 'DEBUG'
ID 'OBJNAME' DUMMY
ID 'P_GROUP' DUMMY
ID 'ACTVT' FIELD '02'.
IF sy-subrc NE 0.
MESSAGE e219(grfnmw) WITH sy-uname INTO cx_grfn_msmp=>m_msg_str.
grfnw_msmp_raise_msg: cx_grfn_msmp_no_authorization.
ENDIF.
ENDMETHOD.
I recommend raising a customer incident with SAP to get their input as I don't think DEBUG should be necessary for MSMP Instance Runtime - and then let us all know the outcome
Regards
Colleen
Hi Ran,
please use transaction SOST, details here: SOST - Send Request Overview - Application Server Infrastructure - SCN Wiki
Regards, Andrzej
You must be a registered user to add a comment. If you've already registered, sign in. Otherwise, register and sign in.
You must be a registered user to add a comment. If you've already registered, sign in. Otherwise, register and sign in.