on 10-04-2016 6:19 PM
Hello,
Does anybody know how to restrict the users from appearing when you assign a new Firefighter session?
Obviously the "Filtering" in the available list isn't suitable.... (best not to have them there in the first place).
I have sync'ed all users from the ERP system into GRC but by doing so this has pickup all the leaver records also.
These are defined by the User_Group in SU01 and the Valid_To date with the accounts being locked down.
I ONLY require to pull (sync) the "Active" records to limit the available user selection from the dropdown box for Firefighting.
Having dead records in the list isn't good.
Would also only need to run risk analysis (at user level) only for active records.
Thanks
Jon
(Currently using GRC10.1 - / GRCFND_A V1100 0013 )
Hi Jonathon,
If you want to exclude the locked users from repository object sync the below Note should help you. Can you try implementing this your plug-in system
2007402 - Configuration Parameter for Locked Users in Repository Sync
Regards,
Manju
You must be a registered user to add a comment. If you've already registered, sign in. Otherwise, register and sign in.
hi,
could you clarify, what you meant by FF session.
Is it assignment of FF id to user by admin? For the expired users, you may remove the the role assigned SAP_GRAC_END_USER and the basic GRAC roles, such as SAP_GRAC_FN_BASE. Then sync these expired users.
This will not make the expired users appear.
Regards
Plaban
You must be a registered user to add a comment. If you've already registered, sign in. Otherwise, register and sign in.
Hello Plaban,
Yes your right, it's the assignment of FF id to a user by admin. When I've sync'ed the users from the backend ERP, they are not in the SU01 so do not have any roles to remove. It seems a little crazy for the system to pull absolutely everything over regardless. The sync program doesn't allow you to specify any criteria.
Thanks
Jon
Hello Jonathan,
Did you happen to go through this thread which will help you?
https://scn.sap.com/thread/3820829
Regards,
Rakesh Ram M
You must be a registered user to add a comment. If you've already registered, sign in. Otherwise, register and sign in.
You must be a registered user to add a comment. If you've already registered, sign in. Otherwise, register and sign in.