on 08-25-2014 9:16 PM
Hi All.
We have some particular situations in which roles are maintained straight in the backends, instead of through BRM workflows (mainly because we have two different landscapes, with separate development environments but same production environment for SAP ECC).
Is there any way to force a PFCG sync for BRM roles, the same way "PFCG sync" button in the Authorization Data step would do?
I'm thinking about a standard background job, or even a function module we could use to build our own sync job, but other suggestions will also be appreciated.
Thanks in advance,
Marcelo Monsores
Hi Marcelo,
Yes, you are right about getting PFCG synched for a role getting created in some other developement environment, by runing the background job: Repository object synchronization job.
Other than this: Not exactly, but once you create the role in backend connector, you have to import the role in GRC-NWBC with role import method.
So basically everytime you create/modify a role directly in the backend connector, you have to get this role in GRC-NWBC by importing.
Hope this is clear now.
Regards,
Ameet
You must be a registered user to add a comment. If you've already registered, sign in. Otherwise, register and sign in.
Hello Ameet.
Thanks for your quick response.
I understood the import procedure but I'm not sure about the job. Just to check if I understood correctly:
If I have a role already registered in BRM and update it straight in the backend, without using BRM workflow, once I run GRAC_REPOSITORY_OBJECT_SYNC, tables GRACROLEACT,
GRACROLEPERM, GRACROLEPERMAUTH and GRACROLEFLDVAL (maybe others) should be updated as if I have clicked "PFCG Sync" button in BRM?
I found some info about it here http://wiki.scn.sap.com/wiki/display/GRC/The+Repository+-+GRC+Access+Control+10.0, but got no success when I ran an incremental sync hoping to update authorization data for a specific role. I may have missed something?
Best regards,
Marcelo
Hi Marcelo,
Were you able to find a solution for this?
We are facing the same issue. We create/update our roles in the backend connector system, and do not use BRM workflow.
When GRAC_REPOSITORY_OBJECT_SYNC job is run, this does not update the modified authorization data in the tables you have mentioned.
Do we have to reimport the roles via 'Role import' option everytime a change is made?
Regards,
Sireesha
You must be a registered user to add a comment. If you've already registered, sign in. Otherwise, register and sign in.