07-21-2016 4:49 AM
Hi,
ARA has been implemented in our earlier CRM 5.0 system for which access was controlled and risk rules defined at action and permission level. However. the system will be upgraded to CRM 7.0 which will have Business roles linked to PFCG roles for which we will not be able to use the same risk rule set.
I tried looking for some documentation on this topic but wasn't able to find any. Any help or input regarding this would be really helpful.
07-21-2016 5:02 AM
Hi,
if you are talking about CRM Business roles, then
Business roles in CRM system does not provide T-codes/Webdynpro/Services/Auth. objects, but the PFCG linked to the business role does.So, your Ruleset still holds good.
if you talking about GRC Business roles, then PFCG roles assigned to user in CRM, will need to be assigned to GRC Business roles. Then also, your existing Ruleset holds good.
Note: you would have to do Auth. sync for the CRM system.
Regards
Plaban
07-22-2016 8:17 AM
Thanks for your reply. However, as we were earlier maintaining transactions in the Actions tab and their related authorization objects in the permissions tab for CRM 5 but in CRM 7, we do not have those transactions but external services which have alphanumeric names. We aren't able to figure out how to add those to the function.