Access request number pending with which approver in backend?

Similar Messages

• Request Number issue with KEA0

  We are facing  a challenge in translation for COPA values.There is a Tcode KEA0 where COPA values are maintained.We have done the translation( Chinese Language)  and when we save, it was not asking for a transport request.
  Please let me know how do we assign a transport request to this scenario.
  Thanks In Advance,
  Chaitanya.

  Hi Srinivas,
    Try the FM's below:
  POPUP_TO_CONFIRM              
    Standard Dialog Popup
  POPUP_EXTRACTION_DATES        
    Dialog box to confirm any processing step (CONFIRM, POPUP)
  POPUP_TO_CONFIRM_VALUES       
    Dialog box to confirm processing step with object specification
  With luck,
  Pritam.

• Migrating Access Database to Web WITH FORMS (not just backend)

  How difficult would this be, what steps would be involved and is Dreamweaver capable of helping?
  The server uses IIS and ASP so compatibility should be fine with access.
  I have enough of a programming history to replace vbasic code with ASP code if I read about the language, but would like to do the least amount of work required.

  Lets just say that Access and Oracle are completly different animals and leave it at that. What I believe you need to do is:
  1. Create an Oracle Database using the Database Creation Assistant. (Keep all the Defaults, and keep track of any passwords that are used.
  2. Using the System (DBA) account, crate a user to hold the Access Schema (Never create objects in the SYS account and you shouldn't do that with the SYSTEM account either.
  3. Run the Access Migration Workbench.

• How to delete i.e. clear the pending access requests list from Access request page in SharePoint 2013

  Hi Team,
  I am site collection admin of a SP13 site. The issue is we have added some of the users manually after we got requests from them for site access. But this has left those users as pending on Access requests page. We don't want that list to stack up.
  I can not decline those requests as those users will be notified with declined mail. I searched for clearing the list of those pending requests but did't find any guidelines for this. 
  Is there any way I can do this. Any help is appreciated thanks in advance  

  You might consider using PowerShell to remove unwanted items from the "Access Requests" list of the web site.  This list holds all of the access requests including pending, declined and approved.  The following example demonstrates removing
  the first item from the list.  Please note, I'm not aware whether or not there are any negative side effects to removing items from this list so doing so would be at your own risk.
  $web = get-spweb https://yoursharepointsite
  $list = $web.lists["Access Requests"]
  $list.items[0].delete()

• How to generate the request number for the changed  script

  Hi guys
      I am having a reqirement, to modify the script which was already transported to production server. I changed the script, but while saving it is not asking any request number.
      On which request number it is getting saved?
      Or is there any methods to generate the <b>request number for the changed script</b>
       Kindly suggest me the procedure with step by step operation.

  Goto Se03 Transaction : 
  select change object directy entries ->execute->select one empty check box ->FORM-> your form name -Execute->

• Emails not getting trigerrred in access request- request type = user creation

  Hi ,
  Can any one help me with solution why emails are not getting triggered in request->request type = user creation. I.e the L1 manager is not getting email when request is submitted.
  The checked SU01 regarding WF_BATCH email(email is maintained) and the request can able to identify the manager,but the manager is not getting any emails. In audit log, it shows with whom is request is pending with.And it is showing nothing in SOST and SLG1.
  The scenario is : In user creation, for a given user..if position is maintained,im submitting position based request using FM   GRAC_IDM_ORG_ASSG_REQ_SERVICES   else if position is not maintained, im submitting user based request using FM   GRAC_IDM_USR_ACCS_REQ_SERVICES(in user based request, emails are getting triggered).
  Thanks
  KH

  Hi,
  Resolved the issue by appyling Note : 1899422
  Thanks
  KH

• Using HR Hierarchy to Route Access requests in AE 5.2 - Possible? How?

  Hi,
        My Client wants to be able to route the Access requests to the Requestors Manager based on the HR Hierarchy.
  Is it to possible to automatically populate the Manager information based on the Requstor on the requestor screen when my authentication systems is a SAP HR backend, if yes where can I find material on this config.
  The workflows now route the access requests to the the 'Manager Approver' stage - the person selected as Manager by the requestor on th request form.
  Thanks a lot in advance.

  Hi,
                   Can you please clarify what screen you are refrring to for the "A002 vs B012" setting.
  Also is to possible to Add "attributes" that are to be used for determining the next stage in a workflow. We would like to use a Role Rating to determine the workflow..situation explained below.
  The Roles being requested are divided into 3 categories and we would like to have 'manager approver' only and  'Auto Provision' for reporting/display roles (1 category).
  and
  have 'manager approver'  'Role Owner approver' stages, Auto provision for change/create roles(2 category)
  and
  have 'manager approver'  'BPO' approval, 'Role Owner approval' stages and manual provisioning for SoX Critical roles (3 category)
  Any help is greatly appreciated.
  Thank you

• GRC Access requests - Audit Log

  Dear All, GRC access requests is noticed with Provisioning failed messages. Access Request Audit Log is displayed with " Log on Failed / CPI - CALL: ThSAPCMRCV " message ( Screen shot enclosed ). Could you please share an insight on these messages and it's resolution. Thanks raj 

  Dear Raj,
  please check with your basis team if the connection to the system works. Basically it seems like you have a connection error as the log on does not work.
  Regards,
  Alessandro

• HOW TO CONFIGURE MANAGER or APPROVER USER IN ACCESS REQUEST MANAGEMENT TO APPROVE OR REJECT REQUEST

  hi sap gurus,
  i configured grc 10 system successfully. I created one user: GR_AR_APP001 and assign following roles:
  SAP_GRAC_ACCESS_APPROVER
  SAP_GRAC_ACCESS_REQUEST_ADMIN
  SAP_GRC_FN_BASE
  SAP_GRC_FN_NUSINESS_USER
  and I maintained GR_AR_APP001 in access control owners as "POINT OF CONTACT", "SECURITY LEAD" and "WORKFLOW ADMINISTRATOR"
  but when i am creating access request for new user and defining MANAGER under user details tab as GR_AR_APP001.
  the user GR_AR_APP001 is not receiving any request for APPROVE or REJECT in his WORK INBOX.
  can u please guide me how to configure APPROVER or MANAGER to approve or reject request.
  I will be very much thankful if you guide me successfully.

  Hi Colleen,
  thanks a lot for your time.
  PIC1: I created one user: GR_AR_APP001
  and assigned all the GRC ROLES.
  PIC2: I assigned owner type to GR_AR_APP001 user : POINT OF CONTACT, SECURITY LEAD and WORKFLOW ADMINISTRATOR in NWBC ACCESS CONTROL OWNERS
  PIC3: I created one EUP 980 (copied from default EUP)
  PIC4: I maintained default manager as GR_AR_APP001 user in 980 EUP
  PIC5: I selected SAP_GRAC_ACCESS_REQUEST process id
  PIC6: I created one agent id as ZGRAC_MANAGER11 in which I added approver user id: GR_AR_APP001
  PIC7: I saved agent id
  PIC8: I added agent id as ZGRAC_MANAGER11 in stage5 in manager stage.
  PIC9: I saved
  PIC10: I maintained EUP 980 (in which I configured manager as GR_AR_APP001 user) in stage 5 task settings
  PIC11: Maintain Route Mapping, I clicked on next
  PIC12 and PIC13: I saved and activated.
  After this process I created one request for new account and selected the manager as GR_AR_APP001 and one request is created with request no 9000000030.
  now I logged into system by user GR_AR_APP001 and checked, there is no request under his work inbox.
  please guide me at least one procedure, how to receive request in approver work inbox so that I can learn other procedures to configure approver as per our organization requirement.
  thanks for your support Colleen.

• Mitigation assignment approval in Access Request Workflow

  Hi Guys,
  I am currently implementing GRC for one of the clients. I have a question with respect to Mitigation assignment approval in Access Request Workflow.
  Below is the Scenario,
  1) User Submits the request
  2) Manager Approves
  3) Role Owner runs the SOD & finds SOD violations. Role Owner assigns the mitigation controls & approves the request
  Clarification:
  Once the role owner approves , depending on the mitigation controls assigned , can this request be routed to the mitigation control owner for approval in next stage? is this configurable with out custom BRF+ rules ? I know there is a workflow separately  (SAP_GRAC_CONTROL_ASGN) for approval of assignment which I suppose is out side of the Access request workflow.
  Please suggest.

  Pavan,
  more or less - as the control assignment workflow is independent the access request doens't wait. So if the role owner set a mitigation the control workflow starts. If you allow the role owner to approve the access request with risks, means if the risk isn't mitigated, then the role owner can proceed.
  To have your scenario working you must set the following in Access Request workflow: Role Owners are not allowed to approve as long as there are risks. All risks must either be remediated or mitigated before approval. That means if the role owner sets a mitigation the assignment workflow starts. As soon as the mitigation is valid (final approval) the access request can be approved.
  Technically both workflows are independent and don't have a relation to each other. But with some settings you can combine them.
  Does this answer your question?
  Regards,
  Alessandro

• Approving the access request gives error in Sharepoint Foundation 2013 / Email notification codepage problem

  Hello
  On our SharePoint Foundation 2013 server approving Access Requests fails with "request approval failed" after pressing the approve button. The user is site administrator, site collection administrator and site owner.
  In the ulsviewer we see the following error:
  System.NotSupportedException: No data is available for encoding 1033.     at System.Text.Encoding.GetEncodingRare(Int32 codepage)     at System.Text.Encoding.GetEncoding(Int32 codepage)     at Microsoft.SharePoint.Email.SPMailMessageHelper.GetSocialNotificationMailMessage(SPWeb
  web, String senderAddress, String senderName, Boolean useSenderAddressAsFromAddress, String recipientAddress, CultureInfo recipientCulture, String subject, String sidebarHtml, String descriptionHtml, String customMessageHtml, List`1 embeddedAttachments)    
  at Microsoft.SharePoint.SPSharingEmailHelper.SendAccessRequestsEmail(SPCachedItemEventProperties eventProperties, SPUser sender, String message, SPUser recipient, String recipientEmailAddress, String strSubject, String body)     at Microsoft.SharePoint.SPSharingEmailHelper.SendRequestorNotification(SPCachedItemEventProperties
  eventProperties, String objRequestedTitle, SPUser reqByUser, SPUser reqForUser, String message, Boolean isMessageUpdate, Int32 status)     at Microsoft.SharePoint.SPAccessRequestsOperationHandler.HandleStatusChangingToApprove(SPCachedItemEventProperties
  properties, Int32 reqByUserId, Int32 reqForUserId, Int32 newStatus, SPUserCollection users, SPGroupCollection groups, IEnumerable`1 roleDefs)     at Microsoft.SharePoint.SPAccessRequestsOperationHandler.HandleRequestStatusChanging(SPCachedItemEventProperties
  properties, SPUserCollection users, SPGroupCollection groups, IEnumerable`1 roleDefs)     at Microsoft.SharePoint.SPAccessRequestsOperationHandler.ItemUpdating(SPCachedItemEventProperties properties, SPUserCollection users, SPGroupCollection
  groups, IEnumerable`1 roleDefs)     at Microsoft.SharePoint.SPAccessRequests.UpdateItem(Int32 newStatus, SPUser reqFor, String convStr, String permType, Int32 permissionLevel, Boolean extendInvitation, String anonLinkType, SPList accReqList,
  SPListItem item, SPUserCollection users, SPGroupCollection groups, IEnumerable`1 roleDefs)     at Microsoft.SharePoint.SPAccessRequests.ChangeRequestStatusCore(Int32 newStatus, SPUser reqFor, String convStr, String permType, Int32 newPermissionLevel,
  Boolean extendInvitation, String anonLinkType, SPList accReqList, SPListItem request)     at Microsoft.SharePoint.SPAccessRequests.ChangeRequestStatus(Int32 itemId, Int32 newStatus, SPUser reqForUser, String convStr, String permType, Int32
  permissionLevel, Boolean extendInvitation, String anonLinkType, SPWeb web)     at Microsoft.SharePoint.SPAccessRequests.ChangeRequestStatus(Int32 itemId, Int32 newStatus, String convStr, String permType, Int32 permissionLevel)    
  at Microsoft.SharePoint.ServerStub.SPAccessRequestsServerStub.ChangeRequestStatus_MethodProxy(XmlNodeList xmlargs, ProxyContext proxyContext)     at Microsoft.SharePoint.ServerStub.SPAccessRequestsServerStub.InvokeStaticMethod(String methodName,
  XmlNodeList xmlargs, ProxyContext proxyContext, Boolean& isVoid)     at Microsoft.SharePoint.Client.ServerStub.InvokeStaticMethodWithMonitoredScope(String methodName, XmlNodeList args, ProxyContext proxyContext, Boolean& isVoid)    
  at Microsoft.SharePoint.Client.ClientMethodsProcessor.InvokeStaticMethod(String typeId, String methodName, XmlNodeList xmlargs, Boolean& isVoid)     at Microsoft.SharePoint.Client.ClientMethodsProcessor.ProcessStaticMethod(XmlElement
  xe)     at Microsoft.SharePoint.Client.ClientMethodsProcessor.ProcessOne(XmlElement xe)     at Microsoft.SharePoint.Client.ClientMethodsProcessor.ProcessStatements(XmlNode xe)     at Microsoft.SharePoint.Client.ClientMethodsProcessor.Process() 449c7b9c-6cec-f09a-9792-3d76c4d7e351
  The server is running on an English Windows 2012 Server and also the English version of SharePoint Foundation 2013 with the June 2013 CU.
  We see exactly the same error when add users to a group with the option "Send an email invitation" enabled.
  Any ideas what could cause this problems?
  Regards,
  Reinhard

  Hi Reinhard ,
  According to your error message, it says that no data is available after  encoding the social notification mail message. It  should be caused by the E-Mail encoding setting.
  For troubleshooting your issue, please check the character set of your E-Mail Settings:
  Verify that the user account that is performing this procedure is a member of the Farm Administrators group.
  On the Central Administration Home page, click System Settings.
  On the System Settings page, in the E-Mail and Text Messages(SMS) section, click Configure outgoing e-mail settings.
  On the Outgoing E-Mail Settings page, make sure
  Character set setting is  65001(Unicode UTF-8).
  Best Regards,
  Eric
  Eric Tao
  TechNet Community Support

• Security - Can I limit the number of computers which can access a PDF?

  I'd like to set the following specific securities over my PDF document:
  1. Password access
  2. Editing (copy/paste) disabled.
  I already know how to do these two in Acrobat.
  3. Limit the number of computers which can open the document. (i.e. I want to prevent the document holder from sending their copy of the PDF to someone else via email, external hard drive, etc.  Once he/she opens the PDF on their laptop, it can't be opened again on any other cpu)
  4. Expiration (i.e. I want to set a 5/10/15/ or 30-day expiration on the document.  Once it's been opened, it will become inaccessible in 5/10/15/ or 30 days' time.....whichever I would specifiy)
  Can someone help me with the last two items?  Your help is much appreciated.
  --Charles

  If (and this is a big IF) all recipients of your PDFs have digital IDs (PKI-based certificates), you can encrypt your PDFs with certificate encryption. In the encryption workflow you add recipients' certificates (with public key only) to the encrypted document. After that only holders of one of those certificates may be able to open your PDFs. This method does not restrict the documents from opening only on specific CPUs and does not prevent documents from being moved from one location to another but rather restricts the ability to open this document to a pre0defined group of people who are identified by their Digital IDs.
  The caveat here is that all these people need to have Digital IDs and send you their public keys.

• GRC 10 Access request with 'System entry only' goes to escape route

  Hello All Experts,
  I am facing same issue but scenario is different which I found not possible with above solution. If I am submitting request with ONLY system, then request will go to AUTO approve and end.
  1) In change authorizations option, end user submits request with only filling SYSTEM option.
  2) Request goes to 1st Stage people, who will add roles into system
  Existing MSMP no roleowner is used as routing condition here, if role approver not FOUND, request takes  ESCAPE ROUTE and goes to Escape Stage with system option and role(if not defined role owner for it)
  3) If role has owner, it goes to Role Owner.
  Can we remove SYSTEM option from request and send it to NO PATH stage instead of ESCAPE route
  OR
  Is there any better way to handle this?  client do not wants to APPROVE requests with SYSTEM entries but ready to handle requests with no role owner request.
  Please help..  **Urgent**

  1. Look at the following link and ensure you have a similar Initiator created and applied in MSMP.
  GRC Request with both System and Role Line Items
  2. Ensure in MSMP you have "no stages" in the path for "system only" requests. Paths with no stages will work on roughly SP10 onwards (from experience).

• SAP GRC AC ARM -Access Request approval

  Dear Community Members,
  my question relates to practice advise in respect to risk analysis type on access request.
  Can anybody share experience with type of analysis on access request.
  According to SAP HELP we have: In the Analysis Type dropdown list, select the relevant analysis type.
  You use Risk Analysis to determine violations pertaining to the authorizations assigned to the role. For example, when the authorizations result in segregation of duties violations.
  You use Impact Analysis to determine authorization violations pertaining to other roles. That is, the authorizations for the selected role, in combination with authorizations for another role, result in violations
  In particular I am interested when I have requested Role A and Role B with both creates SoD risks, would this be catch by access risk analysis during request creation? Assuming user have no role at backend.
  Thanks,
  Filip

  Hi Filip,
  Yes, your understanding is correct.
  Risk analysis in the access request is intended to find out any sorts of risks associated to the roles in the request inaddition to the roles assigned to the user already.
  When Risk analysis is performed, it will take into account all roles which are added to request and show the correct results.
  You can also run the simulation to see what will happen if the role is assigned to user beforehand.
  Regards,
  Shweta
  SAP - GRC

• Is it possible (and if so, how) to automatically approve Access Requests

  SharePoint 2013 (we are using SP 2013 On-Prem.) provides the ability for users to "request" access to a site, or for Site Members to "share" content with users outside of the current site users.  In both cases, however, the request
  for access/sharing is added to the hidden list Access Requests, and a notification sent to the Site Collection Owner/Administrator, who must then "approve" the request before access is actually granted to the outside user.
  We have a use case where we would like to have any access requests (specifically those initiated by Member users to share content with non-site users) automatically approved.  We still want the Access Request list to track all the requests, but we want
  to somehow set all requests to Approved as soon as they come in, so that the Site Owners/Admins do not become a bottleneck where it takes time for access to be granted.
  Is there any way to accomplish this without the need for custom code? 
  I tried leveraging a SPD-based workflow, but there are not properties on Access Request that seem to represent the Approved/Declined selections available in the Request user interface, so there does not appear to be a way (at least via workflows) to set
  a request  to approved.
  Any ideas/thoughts on how to maybe accomplish this? 

  Don't think there is a way to do this OOB.
  --Cheers