Hi Praveen,
I have listed down few activities (may not be comprehensive list) which you can follow when moving GRC Access Control transports from DEV to QAS and PRD.
1. Post Installation steps are very important which need to be executed under Tcodes SWU3, OOCU, PFTC, SWE2 and SWDD
2. Activate relevant SAP ICF services
3. Get all required connectors setup in SM59 and make sure they are working correctly (Connection and Authorization tests). RFC IDs must be SYSTEM user type and in Portal RFC ID must be setup with Security Policy as TECHNICAL USER.
4. If you are using LDAP connector, make sure required access rights are assigned to RFC User ID and connection is working
5. If you are using HANA DB connectors, make sure connections are setup in DBCO tcode and make sure the connection is working correctly. Make sure to run this command for technical users used for connection "ALTER USER <user_name> DISABLE PASSWORD LIFETIME". This is recommended only for technical users only, not for database users that correspond to named User IDs.
For HANA DB, make sure all your SQL objects are transported correctly and synonyms are generated correctly.
6. If you are using Enterprise Portal, then make sure RFC user for portal connection has authorization to security zone on portal
7. If you have used CONNECTOR names as generic names like GRC, S4HANA etc then no need to change anything in connector configuration. Else you need to manage connector settings.
8. Run all Sync Jobs and verify if the data is getting synced.
9. Import all system roles into BRM and update role attributes as per your setup
10. Make sure the rule set is transported or uploaded correctly. Generate the rules and verify if the risk analysis is working correctly.
11. For EAM module, make sure required settings are enabled for Audit logs and Transaction logs in all target systems.
Regards,
Madhu
Bluesky
You must be a registered user to add a comment. If you've already registered, sign in. Otherwise, register and sign in.