AC10.0 RAR risk analysis

GRC Gurus,
I have configured GRC10.0 for AC and trying to run the risk analysis for role/user level but no data is showing up. I could select the connector and roles, but after running the risk analysis no results are coming up.
Any help is appreciated.
Thanks.

Hello Bhanu,
Will you please let me know the solution ??
Even we are facing the same problem.
We can see the system , also see the roles , the users and also ran the background job to execute the risk analysis to perform user, role ,profile analysis from SPRO.
Also note that we have already uploaded txt files for SOD rules.
When we run the report for any user or any role the result is nill .
Please suggest how did you resolve the issue ??
Can you also tell me how can you generate "rule Id" manually for uploaded risk id ?? from NWBC or SPRO
We tried via  SPRO>GRC>AC-->Access Risk Analysis >Sod Rules>Generate SOD Rules
It ran successfully but the rpeort does not give any output !!
Thanks in advance.
Regards,
Victor

Similar Messages

  • GRC Access Control 5.3 - RAR Risk Analysis in offline mode

    Hi expert,
    I'm trying to do RAR Risk Analysis in offline mode following this guide (https://www.sdn.sap.com//irj/sdn/go/portal/prtroot/docs/library/uuid/20a06e3f-24b6-2a10-dba0-e8174339c47c). But to generate User Action file the ABAP have a problem when try to get a COMPOSITE ROLE field for a Role that is asociate to many Composite role as the unique record consists of fields IDUSER, ROLE and ACTIONFROM . Someone know how we can solve this conflict?
    Best Regards!

    I'm sorry, I think I haven't made myself clear enough. The thing is that the User Action File has a "Composite Role" field and we don't know how fill it when the Single Role belongs to multiple Composite Roles. This is because of the primary key, we can't make multiple records for each userid/role combination, each one with one different Composite Role, such as the following example:
    USERIDX/ROLEX/ACTIONX/ACTIONX/PROFILEX/COMPOSITEROLE1
    USERIDX/ROLEX/ACTIONX/ACTIONX/PROFILEX/COMPOSITEROLE2
    USERIDX/ROLEX/ACTIONX/ACTIONX/PROFILEX/COMPOSITEROLEN
    Should we instead do only one record with all the composite roles? What character should we use to separate the composite role names? A ",", a ";"? For example:
    USERIDX/ROLEX/ACTIONX/ACTIONX/PROFILEX/COMPOSITEROLE1_,_ COMPOSITEROLE2_,_ COMPOSITEROLE3
    Hope I explained myself. Thanks for your help.

  • Can you download RAR Risk Analysis reports to something other than Excel?

    When you run a RAR Risk Analysis and go to export the resulting reports, RAR automatically exports this into an Excel spreadsheet.
    Is it possible to export the reports into some other kind of format/tool?  (SQL would be ideal.)
    We are on GRC 5.3 SP13.
    Thanks.

    Our CMG group runs a company-wide risk analysis 2-3 times a year to use in their SOD Review process.  We are looking into loading this report into QuickView to give them more capabilities with using the report.  QV will work with Excel, but you have to load every spreadsheet and every page separately. 
    We are looking to see if we could download it into some other format that would contain all of the report in just one file.  Would make the QV load easier.  Something like SQL would probably be ideal.
    Thanks.

  • RAR - Risk Analysis - Permission Level - V_VBAK_AAT||AUART - Error

    I have a trouble related with risk analysis at permission level, when the V_VBAK_AAT||AUART is activated in two functions of my customized GRC rule-set (VIRSA_CC_FUNCPRM) for controlling some "document types" for tcodes VA01 and VA02. When I execute this customization in RAR, the system says "No match / No conflicts" for the risks where these functions appear, however performing some queries in the back-end systems, I have realized there are more than 80 users in conflict for some of them, given the fact that they have value '*' in object/field V_VBAK_AAT||AUART.
    At a first time I thought that most probably would be related with the fact that these functions are part of risks that combine 3 and 4 functions at the same time, with OR logical activated in document types, but when I searched for the rules generated for these risks I noticed that only 34.000 rules were generated and this no overpass the limit of 45566 rules defined at RAR. Anyway, I performed some tests reducing the number of possible combinations and, basically, whenever the following line is activated, the outcome is u201Cno conflictsu201D:
    D VIRSA_CC_FUNCPRM FN15 VA01 GRC-C21 V_VBAK_AAT||AUART ZSO ZSO OR 0 null
    If this line is disabled, then, several users with conflicts are reported. As mentioned above, these users have value '*'   for object/field V_VBAK_AAT||AUART, so I do not understand why those users are not reported when the line above is activated.
    I have done the following checks, all of them correct:
    - The user/role/profile synchro has been done and all the users has been stored in table VIRSA_CC_
    - All the lines in VIRSA_CC_FUNCPRM part of my customized rule-set have been correctly inserted in the same Oracle table
    - All the combinations of rules has been created (including VA01 and VA02 with V_VBAK_AAT||AUART)
    Any suggestions?
    Thanks in advance

    I've detected the same problem for the following authorization objects:
    - F_BKPF_BLA||BRGRU
    - V_VBRK_FKA||FKART
    - M_MSEG_BWE||WERKS
    RAR reports no conflicts (at authoriztion level) when these objects are activated (of course having users with these conflicts in back-end systems)
    This problem has been proved in the installation of different customer with SAP GRC Access Control 5.3 SP12.
    Anybody else has experienced this issue????

  • GRC 5.3: CUP risk analysis VS. RAR risk analysis

    I've installed and configured RAR and CUP.  When I do a risk analysis simulation in RAR on a user for adding a role, it comes back with no conflicts.  When I go into CUP and make a new request for adding the same role to the same user, it comes back with risk violations, but it looks like they are critical actions that are being flagged.  Why is there a discrepancy, and how do I go about getting the same risks in CUP as I do in RAR?

    >
    Frank Koehntopp wrote:
    > I guess the behaviour is on purpose.
    >
    > In RAR, you can do a selective analysis on only one kind of risk. You usually only need to do that in the remediation process, where this kind of selection is helpful to track down the root cause (although I'd like to have an ALL option in RAR as well...)
    >
    > In CUP, you do want to see any kind of risk that might arise from a role assignement to a user.
    >
    > I have to say, I can not really understand why you'd want to switch off critical action or permission risks here. The user analysis in RAR and CUP serve two different purposes, hence I cannot see a bug here. If you have defined critical risks, why would you not want to see them???
    Hi Frank,
    I understand your point, but we are in the same situation as the others. We do not want to see Critical Action Risks in CUP because this is a separate process (for us) than Permission Level Risks Analysis piece. With our current structure, our Security Admins use RAR to run Permission Level Risk Analysis and mitigates appropriately. A separate compliance group uses the Critical Action reports to see who has what Critical tcodes, etc. We do not mitigate these "risks," we more or less use it as a report.
    I do not understand what you mean when you say "The user analysis in RAR and CUP serve two different purposes" - I feel it should be the same purpose, to ultimatley simulate if adding security to a user will cause SOD violations. If I have CUP configured to do Permission Level Analysis, that's all I want to be seeing in CUP.
    Let me know if I need to clarify further.

  • RAR Risk Analysis Issue in Background Mode - "Failed to Display Result"

    Hi,
    I have strange problem in RAR.
    When I run risk analysis for 20 users in background mode, the job got successful but the spool file is empty. But at the bottom of page there is a message:  "Failed to Display Result".
    The Job log is showing the following message couple of times:
    WARNING: ./virsa/bgJobSpool/19.i (No such file or directory)
    java.io.FileNotFoundException: ./virsa/bgJobSpool/19.i (No such file or directory)
         at java.io.FileInputStream.open(Native Method)
         at java.io.FileInputStream.<init>(FileInputStream.java:129)
         at java.io.FileInputStream.<init>(FileInputStream.java:89)
         at java.io.FileReader.<init>(FileReader.java:62)
    But When I try to run for few users (like 6 memebrs where selection criteria is AUDIT*) in same way, the spool details got displayed this time. But the log is showing strange error messages this time:
    Nov 15, 2010 3:53:53 PM com.virsa.cc.common.util.ExceptionUtil logError
    SEVERE: null
    java.lang.NullPointerException
         at com.virsa.cc.comp.wdp.IPublicBackendAccessInterface$IAuthForUserInputElement.wdGetObject(IPublicBackendAccessInterface.java)
         at com.sap.tc.webdynpro.progmodel.context.NodeElement.getAttributeAsText(NodeElement.java:888)
    Nov 15, 2010 3:53:55 PM com.virsa.cc.dataextractor.bo.DataExtractorSAP getObjPermissions
    FINEST: getObjPermissions: elapsed time=1436ms
    Nov 15, 2010 3:53:55 PM com.virsa.cc.common.message.util.MessagingHelper getMessage
    INFO:
    ********msg: 'com.virsa.cc.common.message.dao.dto.MessageDTO@34d834d8'
    Any ideas please?

    Hi Alpesh,
    You are correct. The issue is due to multi node environment.
    But when I tried to define a custom spool folder path: usr/sap/<SID>/<Instance No>/log/virsa/bgJobSpool (in RAR - Miscellaneous - spool files location for background jobs) & run the risk analysis report in background mode, still RAR is saving the spool files in default location only.
    Can you suggest me if I am wrongly defining the location of folder?
    Should we define the complete location of the folder i.e starting with drive letter or path starting with user/* is sufficient?
    Regards,
    Dasarad

  • CUP-RAR Risk Analysis error

    Hello experts,
    When an approver does risk analysis for adding a role to a user in CUP before approval, the system shows 0 risk(0 risks found), However when the role is added to the user in RAR simulation, there are Risks.
    Similarly,
    When an approver does risk analysis for a role in CUP before approval, the system shows 0 risk(0 risks found), However when the role is analysed in RAR, there are Risks.
    I have checked the Org Rules parameter in RAR (It was set to No as we are not using Org Rules).
    When I set the org rule parameter to Yes, I got exception " Risk analysis failed: EXCEPTION_FROM_THE_SERVICEInconsistency Org Rule Analysis Flag Parameter". I reset the parameter to NO.
    Many thanks,

    Hello Raghu
    Here is the note number: Note 1168120 - Risk Analysis and Remediation 5.3 Support Package (VIRCC).
    Also I would suggest going to:
    1. CUP - configuration -Risk analysis - And see if the web service link for Risk analysis is correct.
    Better would be to go to Netweaver Administration -Webdynpro console -and get the correct link.
    2. CUP -configuration - Mitigation and here also put the correct link for all four options there i.e. (Risk analysis, Mitigation etc),
    Hopefully this should solve the problem .I donu2019t think it is related to org level.
    If problem still persist, kindly paste the log.
    Best Regards
    Asheesh

  • AC10 - Auto risk analysis and auto mitigation

    Hi,
    I was wondering if it is possible to
    - run an automatic risk analysis at the end of an approval stage of the workflow, the same way it is possible to configure at the time of request sending?
    - automatically put a mitigating control in the request for the risks found?
      In our case, there is only one mitigating control for each risk and the assignment of the control is an unnecessary manual task to perform. The mitigation assignment will be approved in a seperate WF by the mitigation owner.
    It seems there is no out of the box solution to this, so any alternative suggestions are welcome.
    Thanks,
    Daniela

    Hi Daniela,
    If I may give my opinion, I would probably break your question down into 2 parts.
    1) Auto Risk analysis at the end of a stage - Making "Risk Analysis Mandatory" at that stage is probably the method. Unfortunately this does mean clicking one or two buttons (so not fully automated). Think AC uses this method to ensure the reviewer is aware of the conflicts caused etc.
    2) Auto Mitigation - For a business access workflow in a 'Live' situation, this is probably not a good idea,  as analysing and making the decision on whether to proceed with the request should really be performed by an actual person responsible for that stage in the work flow e.g. Role Owner or Security Lead etc. You would not want to mitigate all risks automatically (if I have understood correctly that you have a mitigation per risk ID). In theory, an automated mitigation process would mitigate all risks without discrimination.
    On a side note, there is a configuration setting under SPRO for Access controls as follows
    "Risk Analysis- Access Request : Param ID 1072 - Mitigation of critical risk required before approving the request". By enabling this configuration, you could force a mitigating control to be applied to any user requesting Critical Access.
    Hope this helps.

  • SAP GRC AC 5.3 - RAR Risk analysis Error Log

    Hi
    i have scheduled the background job for full sync risk analysis for the first time . the job ended with status error . critical analysis, user,role and profile action analysis is shown 100% . but the user permission analysis shows 49% , role and profile permission analysis show 97% each . where can i check the log for the errors . do i need to run the whole risk analysis job again ? when i check the management reports , risk violations are shown as zero . Please let me know how i can proceed at this stage . thanks
    Regards
    Prasad

    Thanks.
    First time please do for all users. I assume this was first time and it failed, so i will suggest you scheudle for all.
    once these are done, then periodic jobs should be increamental.
    few tips :
    - schedule user sync separate job and once it finish only then scheudle role sync and when role sync finishes, only then schedule profile sync
    - always select system ids from search help (which is F4 in ABAP)
    - best scheudle one job per system id, so that when failure occurs, so that error analysis is easy
    regards,
    Surpreet

  • Risk Analysis failure in CUP

    Hi Experts,
    We have upgraded our sandbox from GRC Access Controls v5.2 to version v5.3 SP7. I am now getting the following error when doing CUP Risk Analysis to RAR:
    Risk analysis failed: Exception from the service : Risk Analysis failed
    Any ideas?
    The Connection Names are the same for CUP and RAR.
    Here is the CUP log for the error:
    2009-05-11 17:17:12,562 [SAPEngine_Application_Thread[impl:3]_36] ERROR com.virsa.ae.core.BOException: Exception from the service : Risk Analysis failed
    com.virsa.ae.core.BOException: Exception from the service : Risk Analysis failed
         at com.virsa.ae.accessrequests.bo.RiskAnalysisBO.findViolations(RiskAnalysisBO.java:199)
         at com.virsa.ae.accessrequests.actions.RiskAnalysisAction.doRiskAnalysis(RiskAnalysisAction.java:1073)
         at com.virsa.ae.accessrequests.actions.RiskAnalysisAction.doAnalysis(RiskAnalysisAction.java:300)
         at com.virsa.ae.accessrequests.actions.RiskAnalysisAction.execute(RiskAnalysisAction.java:109)
         at com.virsa.ae.commons.utils.framework.NavigationEngine.execute(NavigationEngine.java:271)
         at com.virsa.ae.commons.utils.framework.servlet.AEFrameworkServlet.service(AEFrameworkServlet.java:431)
         at javax.servlet.http.HttpServlet.service(HttpServlet.java:853)
         at com.sap.engine.services.servlets_jsp.server.runtime.RequestDispatcherImpl.doWork(RequestDispatcherImpl.java:321)
         at com.sap.engine.services.servlets_jsp.server.runtime.RequestDispatcherImpl.forward(RequestDispatcherImpl.java:377)
         at com.virsa.ae.commons.utils.framework.servlet.AEFrameworkServlet.service(AEFrameworkServlet.java:461)
         at javax.servlet.http.HttpServlet.service(HttpServlet.java:853)
         at com.sap.engine.services.servlets_jsp.server.HttpHandlerImpl.runServlet(HttpHandlerImpl.java:401)
         at com.sap.engine.services.servlets_jsp.server.HttpHandlerImpl.handleRequest(HttpHandlerImpl.java:266)
         at com.sap.engine.services.httpserver.server.RequestAnalizer.startServlet(RequestAnalizer.java:386)
         at com.sap.engine.services.httpserver.server.RequestAnalizer.startServlet(RequestAnalizer.java:364)
         at com.sap.engine.services.httpserver.server.RequestAnalizer.invokeWebContainer(RequestAnalizer.java:1039)
         at com.sap.engine.services.httpserver.server.RequestAnalizer.handle(RequestAnalizer.java:265)
         at com.sap.engine.services.httpserver.server.Client.handle(Client.java:95)
         at com.sap.engine.services.httpserver.server.Processor.request(Processor.java:175)
         at com.sap.engine.core.service630.context.cluster.session.ApplicationSessionMessageListener.process(ApplicationSessionMessageListener.java:33)
         at com.sap.engine.core.cluster.impl6.session.MessageRunner.run(MessageRunner.java:41)
         at com.sap.engine.core.thread.impl3.ActionObject.run(ActionObject.java:37)
         at java.security.AccessController.doPrivileged(Native Method)
         at com.sap.engine.core.thread.impl3.SingleThread.execute(SingleThread.java:104)
         at com.sap.engine.core.thread.impl3.SingleThread.run(SingleThread.java:176)
    Caused by: com.virsa.ae.service.ServiceException: Exception from the service : Risk Analysis failed
         at com.virsa.ae.service.sap.RiskAnalysisWS53DAO.determineRisks(RiskAnalysisWS53DAO.java:586)
         at com.virsa.ae.service.sap.RiskAnalysis53DAO.determineRisks(RiskAnalysis53DAO.java:119)
         at com.virsa.ae.accessrequests.bo.RiskAnalysisBO.findViolations(RiskAnalysisBO.java:182)
         ... 24 more

    Hello All,
    I am having the same issue in CUP
    EXCEPTION_FROM_THE_SERVICERisk Analysis failed
    com.virsa.ae.core.BOException: EXCEPTION_FROM_THE_SERVICERisk Analysis failed.
    The Password for the web service has not expired or the URI is the same as the CCRiskanalysis service and as well the connectors have the same name in RAR & CUP.
    It worked till yesterday and stopped working suddenly. Any help is appreciated.

  • RAR: Error message while running role risk analysis.

    Hi All,
             We are implementing RAR 5.3. When running permission level risk analysis we get the following error message:
    "Error while executing the Job:Cannot assign a blank-padded string to host variable 1.u201D
    This happens only at permission level for just one single role and for all the composite roles that contain this one.
    The rules were generated without any issue and we cannot find anything unusual on that particular single role.
    Any ideas of what could be the cause of this error?

    Hi Iliya:
              Please find below the job log with the detailed error description:
    Mon Dec 15 10:06:37 GMT-02:00 2008 : -----------------------Scheduling Job =>233---------------------------------------------------------------
    Mon Dec 15 10:06:37 GMT-02:00 2008 : --- Starting Job ID:233 (RISK_ANALYSIS_ADHOC) - mm:user10
    Mon Dec 15 10:06:37 GMT-02:00 2008 : ----------- Background Job History: job id=233, status=1, message=mm:user10 started
    Mon Dec 15 10:06:37 GMT-02:00 2008 :  Job ID:233 : Exec Risk Analysis
    Mon Dec 15 10:06:37 GMT-02:00 2008 : Start Analysis Engine->Risk Analysis .....  memory usage: free=1571M, total=1962M
    Mon Dec 15 10:06:38 GMT-02:00 2008 : Rule Loader Syskey => *
    Mon Dec 15 10:06:38 GMT-02:00 2008 : No of Systems=1
    Mon Dec 15 10:06:51 GMT-02:00 2008 : Action rules cache loaded: memory used in cache=56M, free=1512M, total=1962M
    Mon Dec 15 10:06:51 GMT-02:00 2008 :  Job ID:233 : Rules loaded,  elapsed time: 13694 ms
    Mon Dec 15 10:06:57 GMT-02:00 2008 :  Job ID:233 :
    Mon Dec 15 10:06:57 GMT-02:00 2008 :  Job ID:233 : Analysis starts: MM:USER10
    Mon Dec 15 10:07:16 GMT-02:00 2008 : Auth Map cache reloaded successfully
    Mon Dec 15 10:07:32 GMT-02:00 2008 : Cannot assign a blank-padded string to host variable 1.com.sap.sql.log.Syslog.createAndLogOpenSQLException(Syslog.java:85)
    com.sap.sql.log.Syslog.createAndLogOpenSQLException(Syslog.java:124)
    com.sap.sql.types.VarcharResultColumn.setString(VarcharResultColumn.java:66)
    com.sap.sql.jdbc.common.CommonPreparedStatement.setString(CommonPreparedStatement.java:511)
    com.sap.engine.services.dbpool.wrappers.PreparedStatementWrapper.setString(PreparedStatementWrapper.java:355)
    com.virsa.cc.xsys.util.ObjTextReader.lookupByKey(ObjTextReader.java:353)
    com.virsa.cc.xsys.util.ObjTextReader.getFieldValueDesc(ObjTextReader.java:261)
    com.virsa.cc.xsys.riskanalysis.AnalysisEngine.insertPermReportLines(AnalysisEngine.java:2286)
    com.virsa.cc.xsys.riskanalysis.AnalysisEngine.outputPermissionViolation(AnalysisEngine.java:1858)
    com.virsa.cc.xsys.riskanalysis.AnalysisEngine.performActPermAnalysis(AnalysisEngine.java:1182)
    com.virsa.cc.xsys.riskanalysis.AnalysisEngine.riskAnalysis(AnalysisEngine.java:243)
    com.virsa.cc.xsys.riskanalysis.AnalysisEngine.riskAnalysis(AnalysisEngine.java:207)
    com.virsa.cc.xsys.bg.BgJob.runJob(BgJob.java:305)
    com.virsa.cc.xsys.bg.BgJob.run(BgJob.java:183)
    com.virsa.cc.xsys.riskanalysis.AnalysisDaemonBgJob.scheduleJob(AnalysisDaemonBgJob.java:154)
    com.virsa.cc.xsys.riskanalysis.AnalysisDaemonBgJob.start(AnalysisDaemonBgJob.java:81)
    com.virsa.cc.comp.BgJobInvokerView.wdDoModifyView(BgJobInvokerView.java:434)
    com.virsa.cc.comp.wdp.InternalBgJobInvokerView.wdDoModifyView(InternalBgJobInvokerView.java:1223)
    com.sap.tc.webdynpro.progmodel.generation.DelegatingView.doModifyView(DelegatingView.java:78)
    com.sap.tc.webdynpro.progmodel.view.View.modifyView(View.java:337)
    com.sap.tc.webdynpro.clientserver.cal.ClientComponent.doModifyView(ClientComponent.java:480)
    com.sap.tc.webdynpro.clientserver.window.WindowPhaseModel.doModifyView(WindowPhaseModel.java:551)
    com.sap.tc.webdynpro.clientserver.window.WindowPhaseModel.processRequest(WindowPhaseModel.java:148)
    com.sap.tc.webdynpro.clientserver.window.WebDynproWindow.processRequest(WebDynproWindow.java:335)
    com.sap.tc.webdynpro.clientserver.cal.AbstractClient.executeTasks(AbstractClient.java:143)
    com.sap.tc.webdynpro.clientserver.session.ApplicationSession.doProcessing(ApplicationSession.java:299)
    com.sap.tc.webdynpro.clientserver.session.ClientSession.doApplicationProcessingStandalone(ClientSession.java:711)
    com.sap.tc.webdynpro.clientserver.session.ClientSession.doApplicationProcessing(ClientSession.java:665)
    com.sap.tc.webdynpro.clientserver.session.ClientSession.doProcessing(ClientSession.java:232)
    com.sap.tc.webdynpro.clientserver.session.RequestManager.doProcessing(RequestManager.java:152)
    com.sap.tc.webdynpro.serverimpl.defaultimpl.DispatcherServlet.doContent(DispatcherServlet.java:62)
    com.sap.tc.webdynpro.serverimpl.defaultimpl.DispatcherServlet.doGet(DispatcherServlet.java:46)
    javax.servlet.http.HttpServlet.service(HttpServlet.java:740)
    javax.servlet.http.HttpServlet.service(HttpServlet.java:853)
    com.sap.engine.services.servlets_jsp.server.HttpHandlerImpl.runServlet(HttpHandlerImpl.java:401)
    com.sap.engine.services.servlets_jsp.server.HttpHandlerImpl.handleRequest(HttpHandlerImpl.java:266)
    com.sap.engine.services.httpserver.server.RequestAnalizer.startServlet(RequestAnalizer.java:386)
    com.sap.engine.services.httpserver.server.RequestAnalizer.startServlet(RequestAnalizer.java:364)
    com.sap.engine.services.httpserver.server.RequestAnalizer.invokeWebContainer(RequestAnalizer.java:1039)
    com.sap.engine.services.httpserver.server.RequestAnalizer.handle(RequestAnalizer.java:265)
    com.sap.engine.services.httpserver.server.Client.handle(Client.java:95)
    com.sap.engine.services.httpserver.server.Processor.request(Processor.java:175)
    com.sap.engine.core.service630.context.cluster.session.ApplicationSessionMessageListener.process(ApplicationSessionMessageListener.java:33)
    com.sap.engine.core.cluster.impl6.session.MessageRunner.run(MessageRunner.java:41)
    com.sap.engine.core.thread.impl3.ActionObject.run(ActionObject.java:37)
    java.security.AccessController.doPrivileged(Native Method)
    com.sap.engine.core.thread.impl3.SingleThread.execute(SingleThread.java:102)
    com.sap.engine.core.thread.impl3.SingleThread.run(SingleThread.java:172)
    Mon Dec 15 10:07:32 GMT-02:00 2008 : Cannot assign a blank-padded string to host variable 1.com.virsa.cc.xsys.bg.BgJob.runJob(BgJob.java:309)
    com.virsa.cc.xsys.bg.BgJob.run(BgJob.java:183)
    com.virsa.cc.xsys.riskanalysis.AnalysisDaemonBgJob.scheduleJob(AnalysisDaemonBgJob.java:154)
    com.virsa.cc.xsys.riskanalysis.AnalysisDaemonBgJob.start(AnalysisDaemonBgJob.java:81)
    com.virsa.cc.comp.BgJobInvokerView.wdDoModifyView(BgJobInvokerView.java:434)
    com.virsa.cc.comp.wdp.InternalBgJobInvokerView.wdDoModifyView(InternalBgJobInvokerView.java:1223)
    com.sap.tc.webdynpro.progmodel.generation.DelegatingView.doModifyView(DelegatingView.java:78)
    com.sap.tc.webdynpro.progmodel.view.View.modifyView(View.java:337)
    com.sap.tc.webdynpro.clientserver.cal.ClientComponent.doModifyView(ClientComponent.java:480)
    com.sap.tc.webdynpro.clientserver.window.WindowPhaseModel.doModifyView(WindowPhaseModel.java:551)
    com.sap.tc.webdynpro.clientserver.window.WindowPhaseModel.processRequest(WindowPhaseModel.java:148)
    com.sap.tc.webdynpro.clientserver.window.WebDynproWindow.processRequest(WebDynproWindow.java:335)
    com.sap.tc.webdynpro.clientserver.cal.AbstractClient.executeTasks(AbstractClient.java:143)
    com.sap.tc.webdynpro.clientserver.session.ApplicationSession.doProcessing(ApplicationSession.java:299)
    com.sap.tc.webdynpro.clientserver.session.ClientSession.doApplicationProcessingStandalone(ClientSession.java:711)
    com.sap.tc.webdynpro.clientserver.session.ClientSession.doApplicationProcessing(ClientSession.java:665)
    com.sap.tc.webdynpro.clientserver.session.ClientSession.doProcessing(ClientSession.java:232)
    com.sap.tc.webdynpro.clientserver.session.RequestManager.doProcessing(RequestManager.java:152)
    com.sap.tc.webdynpro.serverimpl.defaultimpl.DispatcherServlet.doContent(DispatcherServlet.java:62)
    com.sap.tc.webdynpro.serverimpl.defaultimpl.DispatcherServlet.doGet(DispatcherServlet.java:46)
    javax.servlet.http.HttpServlet.service(HttpServlet.java:740)
    javax.servlet.http.HttpServlet.service(HttpServlet.java:853)
    com.sap.engine.services.servlets_jsp.server.HttpHandlerImpl.runServlet(HttpHandlerImpl.java:401)
    com.sap.engine.services.servlets_jsp.server.HttpHandlerImpl.handleRequest(HttpHandlerImpl.java:266)
    com.sap.engine.services.httpserver.server.RequestAnalizer.startServlet(RequestAnalizer.java:386)
    com.sap.engine.services.httpserver.server.RequestAnalizer.startServlet(RequestAnalizer.java:364)
    com.sap.engine.services.httpserver.server.RequestAnalizer.invokeWebContainer(RequestAnalizer.java:1039)
    com.sap.engine.services.httpserver.server.RequestAnalizer.handle(RequestAnalizer.java:265)
    com.sap.engine.services.httpserver.server.Client.handle(Client.java:95)
    com.sap.engine.services.httpserver.server.Processor.request(Processor.java:175)
    com.sap.engine.core.service630.context.cluster.session.ApplicationSessionMessageListener.process(ApplicationSessionMessageListener.java:33)
    com.sap.engine.core.cluster.impl6.session.MessageRunner.run(MessageRunner.java:41)
    com.sap.engine.core.thread.impl3.ActionObject.run(ActionObject.java:37)
    java.security.AccessController.doPrivileged(Native Method)
    com.sap.engine.core.thread.impl3.SingleThread.execute(SingleThread.java:102)
    com.sap.engine.core.thread.impl3.SingleThread.run(SingleThread.java:172)
    Mon Dec 15 10:07:32 GMT-02:00 2008 : Job ID: 233 Status: Error
    Mon Dec 15 10:07:32 GMT-02:00 2008 : ----------- Background Job History: job id=233, status=2, message=Error while executing the Job:Cannot assign a blank-padded string to host variable 1.
    Mon Dec 15 10:07:32 GMT-02:00 2008 : -----------------------Complted Job =>233---------------------------------------------------------------
    Regards.
    Leandro.

  • AC 5.3 RAR - combined risk analysis reports for regular auth. and SPM auth.

    Dear All,
    we have users that have regular day-today authorization and also FF authorization.
    Does the Batch Risk Analysis takes into account both authorizations when doing the risk analysis for those users ? will we see it in the reports ?
    Thanks
    Yudit

    ok, so basically the answer is no, in the RAR components we do not have risk analysis for the combinations of the roles assigned to the user and to his FF ID.
    in that case, at what stage does the system checks for those combined risks ?
    is it checked when we manage the risk analysis phase in the CUP request that is asking to assign the FF ID to the user ?
    thanks
    Yudit

  • Different Risk Analysis Results with the same user from 2 different RAR

    Hi..
    I've loaded the same Risks, Rules, etc, into 2 GRC RAR environments (Sandbox and Quality systems); both of them are connected with the same SAP ECC system. But when I do a User Risk analysis (authorization level), the result from Sandbox is different from Quality system. I donu2019t have users or roles mitigated yet, users are synchronized, rules are exactly the same and I donu2019t know what happen??... Please, help me.
    Thanks...

    Hi...
    If I do a Full Sync of users to the same ECC system from both RAR boxes, I got different number of users loaded (i.e. 18757 vs. 18141), similar case with the full sync of roles. (13100 vs.  13150).
    If I load exactly the same set of functions to both RAR systems and I generate the rules, I got the same problem, different number of rules is generated.
    I've verified both RAR configuration and they are the same (excluded users, roles mitigated, etc.)
    Is it a normal behavior? What could be wrong?
    Thanks in advance!!

  • User risk analysis offline mode in RAR

    Hello colleagues
    We are in AC SP14 and trying to perform RA via risk analysis-> user level. When the offline analysis parameter is set to YES we don't receive results, when the offline analysis parameter is set to NO we receive results but they are partiialy in comparison the the results we receive for the same user in the management view -> user violation report.
    So our question is:
    1.     Why the offline analysis=YES is not showing any data when all the prerequisites were performed (the background RAR sync/risk analysis/management view jobs are finished successfully and the configuration parameter of offline analysis is set to yes)?
    2.     Why the offline analysis=NO is not showing the same results as in the management view user violation report that was updated a just 10 minutes before?
    We viewed notes number 1544338 and 1126251 and all is configured an maintained as needed.
    Best Regards,
    Shira

    Hi Saurabh,
    Kindly check the below SAP notes.
    SAP note 1731579-- RAR 5.3 BRA job fails after about 4% - 6% of completion
    1727751 - Alert generation job fails with message "Error in  Alert Generation
    Hope this helps.
    Best Regards,
    Saksham

  • Error during Full Synch Batch Risk Analysis - RAR

    Hi All,
    We are implementation SAP GRC AC 5.3 - SP 9 - RAR
    Currently we have uploaded the text objects and permission objects and performed full sych for User, Roles & Profile with the backend system and it was successful
    Then we have uploaded all the RAR Standard text files for SoD Rules and scheduled a Full Sych for Batch Risk Analysis as a post installation activity. But we got an error as below after 85% of completion and the background job failed.
    WARNING: Error: while executing BatchRiskAnalysis for JobId=12 and object(s):T-RD470878: Skipping error to continue with next object: Batch rolled back. Caused by java.sql.BatchUpdateException: ORA-01653: unable to extend table SAPSR3DB.VIRSA_CC_PRMVL by 8192 in tablespace PSAPSR3DB
    Can somebody please help us in resolving the above error message. Is it something to do with the table space availablity ?
    What are the consequences if we have not scheduled the Full Synch Batch Risk Analysis and start using the tool.We have to add some custom t-codes to the Standard rule set thereby tailoring it to the business requirement.
    Thanks and Best Regards,
    Srihari.K

    Sri,
       As Gangadhar mentioned this is a tablespace issue. You need to make sure to have enough space while running full sync risk analysis job. Please extend your database space and run the risk analysis job again.
    Regards,
    Alpesh

Maybe you are looking for

  • Read a text file and put the text in a TextEdit UI

    I have found code sample for reading file inside webdynpro, but I can't manage to make it works with a text file on the web (ex.: "http:/.../file.txt"). Can someone post the exact code needed for that? Thanks!

  • How to ungroup a set of pictures in playback on powershot sx60

    I often hit the wrong button an a group of pictures I shot get into group set playback.  I cannot find in the manual how to ungroup these pictures - which then stops me from magnifying a image in playback to check it out.  Is there a way? Rose Solved

  • CS5 doesn't exit when GUI closes

    When I close CS5, the user interface disappears correctly but the process continues in the background using up CPU time until I close it with Task Manager. This also happens with Encore.  I've talked to support but they don't seem to have any idea. I

  • Ovi Mail, I can log in, but keep getting asked to ...

    I'm at the end of my tether here, Nokia keep refering me to Yahoo and Yahoo keep refering me to Nokia, what a shambles. As you can plainly see, because I can write this post I'm logged in. Now when I try and access my inbox all I get is a Yahoo! sign

  • Satellite A300-PSAGCE: DVD drive disappear in Win 7

    Ther's any driver thath can solve this problem ?