on 08-25-2014 9:42 PM
Hello Colleagues,
Wonder whether you can provide some guidance on something I am struggling with. I simply want to add an additional stage to GRAC_USER_ACCESS_REVIEW workflow to pass the request back to the Security Team once it is approved by the role owner. This is just to make sure roles marked for removal by role owners during the UAR are appropriate. Can I do this with the standard workflow I am using in GRC, or do I need to create a new rule, agents etc.?
I looked at creating a new stage under GRAC_DEFAULT_PATH. All I see is GRAC_UAR_REVIEWER agent under available agents. Appreciate your help or if you can point me to any available documentation on adding an additional stage to UAR Workflow. I did search in SAP Marketplace, but could not find anything useful.
Kind regard,
Sonny
Hi Sonny,
you can use agent GRAC_SECURITY with rule ID GRAC_MSMP_SECURITY_LEAD_AGENT. Did you try?
Regards,
Alessandro
You must be a registered user to add a comment. If you've already registered, sign in. Otherwise, register and sign in.
Hi Alessandro,
Thanks for your respons. I am just trying what you suggested.
I was able to add GRAC_MSMP_SECURITY_LEAD_AGENT to Rules. When I try to add the Agent, I am getting a system message "Agent should be in customer name-space (x*/y*/z*)". Am I missing a step somewhere or does this need to be a custom agent?
Kind regards,
Sonny
Success!!! Thank you both for your valuable input. I am glad
we have a support forum to help people struggling with these minor issues.
Just want to share my recent experience with SAP Support –
When we started testing the UAR, we were not able to trigger the workflow. I
opened a support message with SAP. It took almost four weeks and eventually ticket
went to the Development team. The developer pointed out the issue within a day.
All it was just that the role we were testing with had the “Provisioning” set
to ‘NO”. I assume the GRC and Workflow knowledge is not passed down to entry
level support personnel yet.
Thanks again,
Sonny
You must be a registered user to add a comment. If you've already registered, sign in. Otherwise, register and sign in.
You must be a registered user to add a comment. If you've already registered, sign in. Otherwise, register and sign in.