GRC V10 SPM: login notification

Similar Messages

• Option with GRC 5.3 CUP to consolidate the Login Notif. for Xple Systems

  Hi,
  We are setting up a GRC environment for provisioning accounts for users in Dev and Test  SAP systems. We are planning to use a single request to provision accounts to 15-20 systems simultaneously and we are checking ways to consolidate the login notification to the user.
  With our current setting to auto provision the account, the user will get separate mails for each systems. Is there any tweak that will help in consolidating the different mails for different systems to a single one with the same UID and password.
  I know there may not be any standard way of doing this, but then there can be fresh ideas from experts.
  Thanks, Anil

  Sorry, Anil. There is no way to configure those provisioning emails. You can change the wordings or remove them but you won't be able to consolidate them.
  Regards,
  Alpesh

• Unsuccessful Login Notification Does Not Reset To Zero

  Dear all,
  os: OUL5x64
  ebs R12 12.0.6
  db 10.2.0.4
  when users connect to the application and login with the wrong password
  On 12.0.6 in Production:
  When attempting to login the applications Find that Unsuccessful login notification always
  displays a cumulative count of unsuccessful logins every time. It does not reset to zero
  after you successfully login.
  Please advise how to fix this notification.
  Thanks,

  Hi,
  Please see (Note: 848921.1 - Unsuccessful Login Notification Does Not Reset To Zero).
  Regards,
  Hussein

• GRC v10 AC Owners

  Good day,
       OK, it seems that I am missing something with GRC 10.  We are upgrading from CC4.0 to GRC 10.  I believe I have everything configured through SPRO correctly.  I can run a risk analysis on end users and I get results.  I am now at the point where I put the mitigations into the system but I have seem to run into a snag.  When I go to master data > Mitigation, I start to fill in the information but when I try to add a AC Owner I get "No Results Found".
       I have tried adding a Owner to a risk and then going back, I have also added a user under "Access Management" tab with "Access Control Owners".  I have reviewed almost every node in SPRO and I can not seem to find where I am missing something.
  I am sure it is simple since I can not find any documentation on this almost anywhere.  We are currently running GRC v10 SP5.  We are only planning to use the RAR (5.3 term) portion of AC not the other part (Example: Risk Terminator).  Please let me know if there is a simple solution to get a user populated in the AC Owner tab.
  Kind Regards,
  Paul

  Some of the GRC Roles ..
  SAP_GRAC_ACCESS_APPROVER                   Role for Access Request Approver 
  SAP_GRAC_ACCESS_REQUESTER            Role for End user  
  SAP_GRAC_ACCESS_REQUEST_ADMIN     Role for Access Request Administrator 
  SAP_GRAC_ALERTS                                   Generate, clear and delete SOD Alerts
  SAP_GRAC_ALL                                           Super Admin for AC  
  SAP_GRAC_BASE                                        Base Role for all Access Control Users.
  SAP_GRAC_CONTROL_APPROVER          Create AC MIT control, approve, assign, alert and perform Risk analysis
  SAP_GRAC_CONTROL_MONITOR                 Ability to assign MIT control to Risk and perform risk analysis
  SAP_GRAC_CONTROL_OWNER                 Create AC MIT control.  
  SAP_GRAC_DISPLAY_ALL                         Display Access To All AC Objects.
  SAP_GRAC_END_USER                                     End User as a GRC Guest
  SAP_GRAC_FUNCTION_APPROVER            Approve Function for Workflow  
  SAP_GRAC_NWBC                                            View Access Control Information Architecture. 
  SAP_GRAC_REPORTS                                   Ability to run all AC reports.
  SAP_GRAC_RISK_ANALYSIS                 Ability to Perform Risk Analysis 
  SAP_GRAC_RISK_OWNER                       Risk maintainence And Risk Analysis 
  SAP_GRAC_ROLE_MGMT_ADMIN            Role Management Admin   
  SAP_GRAC_ROLE_MGMT_DESINGER         Role Management Designer   
  SAP_GRAC_ROLE_MGMT_ROLE_OWNER     Role Owner    
  SAP_GRAC_ROLE_MGMT_USER                      Role Management Business User  
  SAP_GRAC_SUPER_USER_MGMT_USER     Super User Firefighter   
  SAP_GRAC_SUPER_USER_MGMT_ADMIN     Super User Administrator Role  
  SAP_GRAC_SUPER_USER_MGMT_CNTLR     Super User Controller Role  
  SAP_GRC_MSMP_WF_ADMIN_ALL     MSMP Overall Administrator   
  SAP_GRC_MSMP_WF_CONFIG_ALL     MSMP Overall Configurator   
  SAP_GRAC_RULE_SETUP                       Ability to define Access Rules 
  SAP_GRAC_SETUP                                    Ability to setup Access Control 
  SAP_GRC_FN_BASE                            GRC - Base role to run applications
  Hope it helps ..
  Vikas

• WebServices in GRC v10.0

  Hi all,
  I have three questions to WebServices regarding SAP GRC v10.0:
  1. Is it possible with v10 to check permissions via WebServices (SAPGRC_AC_IDM_*) only with the RAR component? In v5.3 it was only possible, if CUP was installed too.
  2. Contain the WebService SAPGRC_AC_IDM_RISKANALYSIS in v10 a analysis of critical permissions? In v5.3 only SoDs and critical actions was checked.
  3. What is the task of the parameter includeCrossSystemsAnalysis of the WebService VirsaCCRiskAnalysisService in v10? In v5.3 the value of this WebService has no impact to the SoD check (it SHOULD be:
  includeCrossSystemsAnalysis == true ==> cross system SoD check
  includeCrossSystemsAnalysis == false ==> single system SoD check
  But doesn't matter what's the value of the parameter. There is always a cross system check. Has this changed in v10.0?
  Regards
  Peter

  Hi Peter,
  AFAIK the web services have not yet been published.
  If you had the web service return violations without the requirement for CUP, what would you do with that information?
  I hear that question a lot, I would really like to understand the ideas behind it.
  To one of your other questions: cross system check is only possible for dedicated cross system risks. If there are no such risks defined, this will not yield any results no matter what the value of the parameter is.
  Thanks,
  Frank.

• I want to disable login notification in my browser?

  I enabled login notification, so now I have to name my computer to sign into facebook.

  See http://www.etalkindia.com/talk/computer-software-troubleshooting/257-using-hindi-internet-windows-xp-hindi-typewriter-layout-tutorial.html

• Login Notifications, Email Alert

  I need login notifications just like facebook. I want to know if somebody else is using my skype account. is this too much to ask. This is for everybody's peace of mind. A much needed security please.

  We are installing a PC at a remote location where users have been known to not always play by the rules. The PC will automatically log into a locked down standard user, but there are some users that might want to access the Admin account. We have auditing enabled, but would also like to get an email alert when someone attempts to log into the admin account.I was able to stumble across this article on HowToGeek: http://www.howtogeek.com/123568/how-to-get-email-notifications-whenever-someone-logs-into-your-compu...It explains how to get an email when someone logs in, but not for failed login attempts.The PC is running Windows 7 Pro in a workgroup setup.
  This topic first appeared in the Spiceworks Community

• SAP GRC v10 and OIM 11g SoD

  Hi,
  I need some information about implementing integration with SAP GRC v10 and SoD. Does anyone of you has any experience in that configuration?
  We have only base information in SAP UM Connector doc and on metalink either. Dooes anyone work with SAP GRC v10 and OIM 11g?
  best
  mp

  See if this helps:
  http://www.oracle.com/technetwork/testcontent/oimconnectordatasheet-saperp-134222.pdf
  regards,
  GP

• I have to tell Firefox that I am logging in from "home" every time I log into Facebook. Firefox will not let me unclick ""Send me an email" under Login Notifications in Facebook "My Account" settings. Why? (to both questions)

  I have to tell Firefox that I am logging in from "home" every time I log into Facebook. Firefox will not let me unclick ""Send me an email" under Login Notifications in Facebook "My Account" settings. Why? (to both questions)

  It started last week - I normally use Chrome to play my games in Facebook - but I started getting "Sorry, this feature isn't available
  right now"..... When I used IE..... no problem - a friend said to install Foxfire, which I did, but I made the mistake of having my bookmarks and whatever transferred from Google as it is the browser I used most often and it has all my bookmarks, but
  now it does the same thing when I try to log into Facebook. - I have no problem with any other website.  I deleted both Google and Foxfire and tried to start over - I cleared History and checked all the boxes hoping that this would help - but it did not.
   I can't understand why I can get in with IE, but not Google or Foxfire.  Do you have any suggestions.......
  On Friday, it started working again - and everything was fine.  But on Sunday evening I ran the History Clean in Google and when
  I went to log back in, I couldn't and got the same "Sorry" message and has stayed this way since. 
  I ran a Norton scan of the entire computer, a Hitman scan, a CCleaner scan, ...  all to no avail. Problem still exists.
  I tried to run a restore program prior to the problem, but I am getting error messages like mad.
  there has been two Windows Updates in this time frame and I don't know if this has anything to do with it or not - but my Restore program does not work.
  NYCsDancer -- if its working via Internet Explorer, we can't help you much. Most of the time it has to do with Cookies, or your Java Version. I'd reach out to Google's forums for assistance with Chrome
  https://support.google.com/chrome/?hl=en#topic=3227046
  or Firefox support for assistance with Firefox
  https://support.mozilla.org/en-US/products/firefox
  Or as S.Sengupta said  reach out to the Facebook Help center....
  Entrepreneur, Strategic Technical Advisor, and Sr. Consulting Engineer - Strategic Services and Solutions Check out my book - Powershell 3.0 - WMI: http://amzn.to/1BnjOmo | Mastering PowerShell Coming in April 2015!

• GRC AC v10 SPM WF - Workflow Item not showing up in WF Inbox

  GRC AC v10 - SP12
  The outlook email notification for the Workflow Item goes out, but there is nothing in the NWBC Inbox for the WF Item. Subsitution is setup correctly.
  Any ideas?
  -john

  Hi John
  this is probably be a silly question but what substitution did you set up for ZFF_CTL_01? I assume the item is in that user's inbox. Which user is meant to be receiving?
  I also noticed this KB article (1589130) which mentions the delegated person needs GRAC_REQ authorisation. Have you checked if security access issue?
  There was also mention that the delegated approver does not appear in the MSMP instance runtime (your screen shot suggests same situation unless you have not set up the delegation). SP14 delivers the fix or refer to  1915928 - UAM: Delegated Approver is not visible in the Instance status
  Possibly have a look at both of them to see if they resolve your issue.
  Regards
  Colleen

• Delay sending email to controller regarding FF_ID login notification

  Hi all,
  We have just donde the configuration for SPM and we are experiencing some delay (about 5, 7 minutes sometimes) regarding email notifications to controller when FF_ID login is done.
  Anyone of you have ever experienced this? Is there something that can be configured or depends on the system load?
  Many thanks for all. Best regards and happy weekend.
    Imanol

  Hi,
  It depends on the backend background job frequency which is scheduled for email. Suppose the job is scheduled to run at the interval of five minutes and the login is done just after the completion of job, then mail will wait till next job gets triggered. Check the job schedule.
  Let us know if there is any other reason and solution....because it is just my understanding but not my expereienced analysis.
  Regards,
  Sabita

• GRC AC: regular Email notification about role or account expiration

  Hello all,
  Is it possible to use GRC AC for sending email notifications to users about role or account expiration?
  For example 1 week before SAP account expired.
  Or should we use some external application for this job?
  Thanks,
  Anton,

  Hi Anton,
  CUP is not designed to for sending email notifications to users about role or account expiration.
  If you want this functionality, please open an enhancement request following the note below.
  Note # 1083615 - GRC Access Control Enhancement Process.
  Best Regards,
  Sirish Gullapalli.

• GRC Request Rejected - Closing Notification Incorrect

  Hi All,
  I came across a scenario where if the entire request has been rejected by the approver, then closing notification shows "No provisioning logs avaialble"
  This is wrong as it should show proper message for rejected requests.
  We are on GRC SP13. I found a SAP note which talks about this issue, but it is applicable for SP9.
  1708300 - UAM : Incorrect message in the request closing email
  1594181 - MSMP Notification Closing template correction
  If anyone has come across the same issue, please help with this issue
  Regards,
  Sai.

  Hi Sai,
  Your expectation is correct, but %PROVISIONING% catches the data only once request is processed as per provisioning setting, wherein case of rejections it does not reaches to provisioning stage, so it does not catches reason Rejected/cancelled.
  Solution:
  You can check with SAP to modify the logic for provisioning to catch these reasons through %PROVISIONING% variable through notification rule GRAC_NOTIF_VAR_RULE_AR
  Solution with present situation:
  Remove notification event END_OF_REQUEST from "Process Global Settings"  as well as from notification settings at stage level.
  If you have two stages:
  Notification setting for stage 1:
  Notification Event: Rejected-->>Template ID: GRAC_AR_REJECTED or the custom one if you want text changes-->>GRAC_USER
  Notification Event: Approved-->>select template as per your requirement of notification
  Notification setting for Stage 2:
  Notification Event: Rejected-->>Template ID: GRAC_AR_REJECTED or the custom one if you want text changes-->>Recipient ID: GRAC_USER
  Notification Event (As for last stage): Approved-->>Template ID: GRAC_AR_CLOSE (Standard with variable %PROVISIONING%)-->>Recipient ID: GRAC_USER also for Requester.
  This way user will get provisioning details only for approved requests and text for rejection for rejected requests.
  BR,
  Mangesh

• Failed Login Notification via SMTP

  Hello,
  I am looking for a way to generate an SMTP message in response to a failed login attempt (admin interface access or failed user login attempt). Any suggestion on how I might make this happen is appreciated.
  Thanks.

  Hi.
  I'm not sure what device type you're talking about, but if it's SNMP capable, most IOS devices support traps on failed logins, or if that's not supported, and syslogging is, the device (again, if running IOS) can send a syslog trap for the failed login attempt to a NMS server that supports email notification of events (such as Ciscoworks (LMS)-Device Fault Manager).
  Is this the kind of thing you're looking for?
  HTH,
  -Joe

• GRC 10 Work Inbox Notification or Universal Work List instead of SMTP

  Hi,
  I wanted to check with you all if there is a possibility to get SAP internal Work Inbox or UWL notification instead of outlook/SMTP notification.
  The scenarios this will be required for us are
  1. User ID details communication at the end of the request.
  2. Notification if access is approved/ rejected.
  3. Notification for Firefighter approved or rejected.
  4. BRM role approval notification
  Kindly let me know if we can pull the notification from Outlook/SMTP to internal SAP Mailbox.
  Regards,
  Prasad Chaudhari

  Hi Guru,
  If I am not wrong the items mentioned send notification to outlook/smtp and not work inbox. The work inbox will get request for approval and uar/sod review.
  Are you talking of some parameter/settings to change this behaviour?
  Thanks,
  Prasad Chaudhari