cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 

Risk Terminator - PFCG - only SOD, no critical action risks shown

Go to solution
Former Member

on ‎08-11-2015 6:29 AM

0 Kudos

Hi guys,

I think I have set up Risk Terminator in Access Control 10.1 in a correct way. Whenever I add transactions into a role via PFCG that would cause SOD conflicts, RT shows me. In Access Control 5.3 it was possible to see also critical Actions, which have been added to a role. I have not managed to set this up ! In my ruleset there are critical actions and critical authorizations (replace in Debugging) as well.

Does RT in 10.1 only support SOD conflicts ?

Thanks !

Max

Show replies
Show replies
Answer

Accepted Solutions (1)

Accepted Solutions (1)

alessandr0
Active Contributor
‎08-11-2015 7:06 AM
0 Kudos

Dear Max,

this depends on the settings done for parameter 1088 (report type for risk terminator). With 1088 you can configure which report type is going to be analyzed (02 - Permission level, 03 - Critical Action, etc.).

Hope this helps.

Regards,

Alessandro

Show replies
Show replies
Former Member
‎08-11-2015 8:22 AM
0 Kudos

Dear Allesandro,

thanks for your reply ! So which value in Parameter 1088 should I set if I want critical Actions (eg SCC4), critical authorizations (eg. S_DEVELOP with activty 02 and object type  DEBUG) and SOD conflicts to be checked in PFCG plugin ?

Thanks !

Max

Former Member
‎08-11-2015 8:34 AM
0 Kudos

Oh, and one more thing: why is there only a T-Code Analysis available in RT ?

In FM /GRCPI/GRIA_BEFORE_PROF_GEN they call the RT with tcodeonly parameter set to 'X'

CALL FUNCTION '/GRCPI/GRIA_RISK_TERM_CALL'     

EXPORTING       

          agr_name     = activity_group       

          tcodeonly    = gc_x     

IMPORTING       

          sodviolation = lv_error.

Thanks,

Max

Former Member
‎08-11-2015 9:05 AM
0 Kudos

Sorry for that many postings ... are you speaking of the RT plugin in the ERP System of the Parameter 1088 in the Access control System. The Parameter exists in both ...

Thanks

Max

Answers (0)

Ask a Question