on 08-03-2015 5:05 PM
Hello,
Could you help us, to create a De-provision request in process Access Request Management, by risk owner?
We have been assign a existing mitigation control, and created newly mitigation control and we managed assign also. But related with the remove we have some doubts. How can we make this step?
Thank you
Inês Costa
Hello Ines,
Yes , in remediation view you can trigger role removal automatically,
actually it creates change request with provision action remove for that role
Regards,
Prasant
You must be a registered user to add a comment. If you've already registered, sign in. Otherwise, register and sign in.
did u follow these steps.?
Define role for SAP NW Gateway User
SAP_BC_ENDUSER and create a Z role Z_GW_ENDUSER
Insert Auth: /IWFND/RT_GW_USER Template for SAP NetWeaver Gateway User
Define role for Netweaver Gateway Administrator
Copy Role: SAP_BC_BASIS_ADMIN and create Z_SAP_BC_BASIS_ADMIN
Assign the following template auth: /IWFND/RT_ADMIN (Template for SAP NetWeaver Gateway Framework Administrator) into role
Generate the role SAP_BC_WEBSERVICE_CONSUMER and assign to GRC User
/IWFND/RT_ADMIN Template for SAP NetWeaver Gateway Framework Administrator
Execute - SPRO
Create RFC Destination as below
in logon security maintain the user created with access mentioned above.
Click on system alias and create system alias like:
Make sure also that SICF are active
let me know in case you need any other details
Hello Prasant,
Sorry for the delay. We checked this situation, and the points are all setup. However we have some doubts:
1 - In odata - Active and Maintain services, we have two versions of /IWFND/SG_MED_CATALOG, and both are activated (like you can see in the image below)
Exist another services, but they are not activate, and we don't know the impact of this, and if there are any dependence between them.
We don't know if it helps, but the support package that we are used are:
SAP_GWFND 740 0008 SAPK-74008INSAPGWFND SAP Gateway Foundation 7.40
GRCFND_A V1100 0009 SAPK-V1109INGRCFNDA GRC Foundation ABAP
2- In transaction SIFC we have the following points activated:
After to confirm these points, we made the process to remove a role, and the error keeps the same. we checked the transaction /n/IWFND/APPS_LOG and we found this errors:
Probably there are another points of configuration that are missing.
Let us know if there are more steps that we have to check.
Thank you very much.
Regards,
Inês
Thanks for your reply Prasant, we are using IE.
But we have fresh news, about this issue. One good, and two not so.
First - Remediation view don't show any results. This problem was solved. What happened was, we didn´t have a user who had used roles in conflict, so the remediation view, didn't have any results. But know is fine
Second - The grey screen appears to other users (eg: Risk owner), only in a general user (eg: User that we use to customize) we can have results. We have look better the customize to see what is missing.
Third - we aren't able to eliminate, only create and assign. , we have the parameters 1107,1108 and 1109 configured.
We have look better for this process.
Regards,
Inês
Good morning Prasant,
Below, we send you the screenshots related with the second and third issue:
Second issue - For the SD Risk owner if we run the remediation view appears:
Third issue - we think that we are make the correct process. So, we run remediation view through user level
And the results are:
If we check on Mitigate risk appears the following:
Here, we can create a new control, or assign an existing control. But how is process to eliminate? we have some doubts with the eliminate process.
We don't know if this information helps, we hope so.
If you need more information, let us know.
Thank you.
Regards,
Inês
You must be a registered user to add a comment. If you've already registered, sign in. Otherwise, register and sign in.