cancel
Showing results for 
Search instead for 
Did you mean: 

Critical Permission level Risk anlysis in GRC10

Former Member
0 Kudos
908

Hi guys,

I'm creating some permission level risk and function Rules without Action in GRC 10. Some reason it is not working for me, I tried everything but it is not working at all.  Here is what I'm setting up; Create Z function and use ^!ZDEBUG as an Action because there is no T-code involved and then go to the permission page and setup permission group same as Action ^!ZDEBUG. I also tried different name as permission group. As soon as I save

^!ZDEBUG has gone from Action column and it saved without it seems like blank Action column.

I'm not sure what I'm missing?  I also try  "^!ZDEBUG" with double quote but still not working.  I was using S_DEVELOP as an object and ACTVT as field value with 02 and OBJTYPE = DEBUG and try to make this work but some how it gives me such a pain.

We are running SPS17 in GRC 10.  Please advise the correct setting. Thanks in advance.

Regards,

Faisal

Accepted Solutions (0)

Answers (2)

Answers (2)

former_member226273
Active Participant
0 Kudos

Hello,

All seems to be correct, only, as mentioned by Plaban, keep the Actions Empty and use ^! in Permission group.

Kind regards,

Yashasvi

former_member197694
Active Contributor
0 Kudos

Hello,

I assume you referred the below Note for special characters in permission rules,if not kindly check

2130951 - Explanation of ^! characters in Permission Only rules

also check the below threads for similar issue,might be useful

Uploading Critical Permissions in GRC Ruleset | SCN

Regards

Baithi

Former Member
0 Kudos

Hi Baithi,

Thanks for the links and information but still can't get it  to work.  I reviewed  the note  2130951 and it explained two symbols ^! and [PG] and looks like [PG] is used for GRC 10 but I have seen lot of blogs where they said ^! symbol is working in GRC 10.

I tried both but for this ^! prefix  all Action column characters has disappeared after saving but when I used this prefix [PG]  ex... [PG]ZDEBUG] it stays after saving  but can't get any result in Risk analysis even though I created a specific role with the value 02 and OBJTYPE = Debug in it. I also regenerate rules whenever I make changes.

I'm confused because when I inserted this function in my risk ID where I selected Risk type as Critical permission I got error  saying that Action should be blank and if I selected critical Action then it saves without any issue but no results.  Can you please let me know where exactly I'm making mistake? I think I should select critical permission as a Risk Type but then it has to save properly.

Please advice how to get this done!

Regards,

Faisal

Former Member
0 Kudos

Hi ,

do not insert any value(not even prefixed with ^!) in action, while creating functions from NWBC. you can see values in file for 'Function action' prefixed with ^!, after you download org. rules.

i have successfully created Critical Permission risks, by only providing values in Permission tab of function

provide error screenshot of saving Critical Permission risks

Regards

plaban

Former Member
0 Kudos

Thank you guys, I got it with this ^! symbol, without this symbol it will not save it.   Thanks for your help...

Regards,

Faisal