SP12: CUP: Error for requesttype "change" at auto-provisioning

Similar Messages

• SQL Server Agent Jobs error for Slowly changing dimension

  Hi,
  I have implemented Slowly changing dimension in 5 of my packages for lookup insert/update.
  All the packages are running good in SSDT. And when i deployed the project to SSISDB and run the packages all are running successfully. But when i created a job out of that and run the packages, then 3 packages ran successfully and 2 packages failed. 
  When i opened All Execution Report. I found the following error:
  Message
  Message Source Name
  Subcomponent Name
  Process Provider:Error: SSIS Error Code DTS_E_OLEDBERROR.  An OLE DB error has occurred. Error code: 0x80004005. An OLE DB record is available.  Source: "Microsoft SQL Server Native Client 10.0"  Hresult: 0x80004005  Description:
  "Login timeout expired". An OLE DB record is available.  Source: "Microsoft SQL Server Native Client 10.0"  Hresult: 0x80004005  Description: "A network-related or instance-specific error has occurred while establishing
  a connection to SQL Server. Server is not found or not accessible. Check if instance name is correct and if SQL Server is configured to allow remote connections. For more information see SQL Server Books Online.". An OLE DB record is available. 
  Source: "Microsoft SQL Server Native Client 10.0"  Hresult: 0x80004005  Description: "Named Pipes Provider: Could not open a connection to SQL Server [53]. ".
  Process Provider
  Slowly Changing Dimension [212]
  Then i opened Provider package in SSDT and changed the source reading record limit from 4,00,000 to 15,000 in source query and deployed again and run, then the job succeeded. more than 15,000 failed.
  And in the 2nd experiment, I removed slowly changing dimension task and implemented normal lookup for insert/update, and set the source reading limit again to 4,00,000 and deployed again and run, then the job succeeded.
  Now i am not able to figure out, what exactly is the problem with Slowly changing dimension task for more than 15,00 records in SQL Server  Agent Job run?
  Can anybody pls help me out.
  Thanks
  Bikram

  Hi Vikash,
  As i have mentioned in the above post, below 2 scenarios: 
  "Then i opened Provider package in SSDT and changed the source reading record limit from 4,00,000 to 15,000 in source
  query and deployed again and run, then the job succeeded. more than 15,000 failed.
  And in the 2nd experiment, I removed slowly changing dimension task and implemented normal lookup for insert/update, and set the source reading limit again to 4,00,000 and deployed again and run, then the job succeeded."
  That means i am able to connect to sql server.
  But if i change the 1st scenario and read 4,00,000 records, the job fails and shows the above mentioned error.
  Similarly in the 2nd scenario, if i implement SCD look up,  the job fails and shows the above mentioned error.
  And i am consistently reproducing this.
  Thanks
  Bikram

• GRC CUP 5.3 Auto provisioning Error

  Hello All,
  This issue is occurring in development system of GRC and works as expected in Quality systems.
  Development system of CUP Jco's connected to the development ABAP stack and
  Quality Systems of Cup Jco's connected to the QA ABAP stack .
  All the parameters and the configuration are the same in Dev and QA.
  Now the problem we have is at the last approval stage in the workflow after the approver approves the request (Create/Change) It is erroring out in Auto Provisioning stage with the below message :
  Error provisioning your request. Request no: 75. Error occurred in the system(s) : n/a, error details :
  DEVL1120-TEST_A-USER CREATE-Password is not long enough (minimum length: 10 characters)
  DEVL2120-TEST_A-USER CREATE-Password is not long enough (minimum length: 10 characters)
  If the same approvers goes back into the request and re-approves the Autoprovisioning is completed and the request is closed. For every last approver the first time he tries to approve the message he gets the above errors in development and does not receive the same error in QA.
  The password parameters in the ABAP stack and the Portal Security config are same in DEV and QA. I am not sure if I am missing any information. Any suggestion/Help is appreciated.
  Angara

  Raghu Thanks for your response. Yes I checked all the login parameters in both QA & DEV and compared to those that were user defined Vs Default they were the same with no difference. yet the problem occured in Development system.
  I finally figured out the issue and the surprising part was the error that was issued during auto provisioning is very misleading.
  Our Security team had prototyped CUA and connected to the same development client CUP was connected and forgot to remove the child system from the CUA after their demo was complete.
  By utilizing Debug log mechanisim, it showed the error as BAPI that is used by CUP to create the user was failing due to CUA locking the client with no ability to create the users in child system directly , The error displayed had no connection to the password lenght.
  Thank you all my issue has been resolved and back in business.
  Best Regards,
  Angara Rao

• CUP auto provision to position

  Hello Experts
  I hope you can help me on this issue. We have just implemented CUP (SP14) and have set up auto provisioning, indiirect to a position.
  Despite this CUP is provisioning all requests directly to the User ID. There are no error messages to indicate that provisioning to the position has failed or even if it has been attempted. All back end funtionality is standard and working when tested manually. The CUP logs are not showing anything that I can decipher. It is as if the auto provision configuration indirect to the position is being ignored.
  Any ideas what could cause this behaviour?
  Thanks
  Barry

  Hi Jwalant
  Thanks very much for the reply,
  I am using SAPHR as the data source and for authentication. However we only want the user id to authenticate.
  Auto provisioning is set to indirect with position for Global and by System and I have tried Provisioning at end of request and at end of each path. This should work without using the personnel number in the authentication shouldn't it?
  The users Hr information is being pulled into the request without problem. It seems that CUP is making no effort to provision to the position, it just does it to the user every time.
  Any ideas?
  Thanks
  Barry

• Handling Auto-provisioning failure Manually?

  Hi all,
  WE are going with auto-provisioning for ECC and EP systems.
  I am looking for some suggestions,incase auto-provisioning failed due to some reason.
  I tweaked the connector settings in Portal that will throw some error. Then I configured the escape route for 'Auto Provisioning Failure'. The request goes thro' the escape route to the GRC Admin to fix the auto-provisioning issue. But this is delaying our access provisioning process. I am looking for ways to approve and close the request in case of errors.
  Is there a way to let the user provision manually and document the reasons in the comments and close the request?
  I should just approve and close the request without triggering auto-provision incase of errors.
  Can this be done?
  Thanks in advance..
  Kee

  Hi Siri,
  There are two modes in CUP for provisioning manual and auto however it is not possible for  approvers to switch between these two. This configuration is applicable only all the requests.
  If you have auto provisioning off then in all the request approvers will get "Create User or Assign Role" buttons by which they have to do the manual provisioning.
  The error in auto provisioning is not a usual thing which happen in production environment  and when this happen this should be corrected immediately. If this take some time you can create system level  auto provisioning setting where you can disable the auto provisioning for one system which is causing issue in your environment and provisioning in other system will be working automatically.
  Thanks

• CUP Provisions user to SAP successfully but gives "Auto-Provisioning" error

  Hi All,
  I'm getting an "auto-provisioning" error in CUP when a "Change Account" workflow is approved. The strange thing is, CUP does successfully provision the change to the SAP backend. Yet, the "New Account" provisions successfully without the error.
  Here is an example of the audit trail log from Change Account:
  Request submitted for approval by Dylan Hack(HACKDY) on 06/28/2010 17:14 
  Approved By Dylan Hack(HACKDY) Path AE_AUTO_APPROV_ERROR and Stage AE_AUTOPROV_ERR on 06/28/2010 17:14 
     Approved FI_xxxxx-DEV role for Add action with validity dates 06/28/2010-12/31/9999
     Approved FI_xxxxx-DEV role for Add action with validity dates 06/28/2010-12/31/9999
     Approved FI_xxxxx-DEV role for Add action with validity dates 06/28/2010-12/31/9999
     Approved FI_xxxxx-DEV role for Add action with validity dates 06/28/2010-12/31/9999
  Auto provisioned for request on 06/28/2010 17:14 
     User Provisioning failed for System(s) : DEV. Error Message :
     Role: FI_xxxxx assigned to user: testngin in System(s): DEV.
     Role: FI_xxxxx assigned to user: testngin in System(s): DEV.
     Role: FI_xxxxx assigned to user: testngin in System(s): DEV.
     Role: FI_xxxxx assigned to user: testngin in System(s): DEV.
  Request submitted for reroute by system on 06/28/2010 17:14 due to auto provisioning failure 
     Rerouted in the Path : AE_AUTO_APPROV_ERROR and Stage : AE_AUTOPROV_ERR to Path : AE_AUTO_APPROV_ERROR and Stage : AE_AUTOPROV_ERR
  Note: the role names were replaced with "xxxxxxx."
  The system log gives an error, but it is very vague:
  2010-06-28 17:14:34,682 [SAPEngine_Application_Thread[impl:3]_33] ERROR com.virsa.ae.service.ServiceException
  com.virsa.ae.service.ServiceException
       at com.virsa.ae.service.sap.SAPProvisionDAO.intializeWithChangeUserInputParameters(SAPProvisionDAO.java:762)
       at com.virsa.ae.service.sap.SAPProvisionDAO.changeUser(SAPProvisionDAO.java:3457)
       at com.virsa.ae.service.sap.SAPProvisionDAO.changeUser(SAPProvisionDAO.java:3419)
  Any ideas or suggestions?
  Current software level AC5.3 SP12.
  -Dylan

  Hello Varun,
  Thanks for the thought on this. We don't use User Defaults for Change Account, but do for New Account. You question prompted me to do more testing with very interesting results.
  Results
  New Account with User Defaults configured:
  User provisioned successfully, no Auto-Provision error, Defaults NOT provisioned.
  New Account without User Defaults configured:
  User provisioned successfully, no Auto-Provision error.
  Change Account with User Defaults configured:
  User provisioned successfully, no Auto-Provision error, Defaults NOT provisioned.
  Change Account without User Defaults configured:
  User provisioned successfully, Auto-Provision ERROR, Defaults NOT provisioned.
  In both New and Change Account, the configured User Defaults are NOT provisioned even though the user is provisioned. AC5.3 is on SP12, the RTA is VIRSANH SP12 and VIRSAHR SP10.
  For the Change Account, the user is always provisioned regardless of User Defaults; however, when no User Default is configured, the Auto-Provisioning error occurs. The User Defaults NOT provisioning is a real problem, the CUP error message, I can work around for now.
  What about on your side? Am I the only guy using SP12 here?

• CUP Auto Provisioning Error 260: User Comparison

  I am in the process of configuring the CUP 5.3 module within our ECC and SRM environments.  I believe the path and associated stages are established properly.  I have tested the auto provisioning functionality within both SRM and ECC.  As it relates to SRM, the auto provisioning functionality works without a hitch.  However, when I attempt to auto provision a user into our ECC environment, I receive the following error:
  Auto provisioned for request on 04/07/2010 13:41 
     New User: T00522 created on 04/07/2010 13:42 in System(s): DR4-300.
     User attributes changed for User : T00522 in System(s) :DR4-300.
     Role Provisioning failed for System(s) : DR4-300. Error Message : 260:User master comparison incomplete; see long text
  Speaking with out security team, the only time they have seen this issue was when they attempted to map a user, using PFCG, to a role.  However, I informed them that CUP uses SU01.  They have not experienced such an issue using SU01 and clicking on the user comparison button. 
  Interesting point:  The user record is created and roles assigned to user but have a red light indicator by the role within SU01.  However, when the next day rolls around the role has been changed to a Green light, profile assigned and everything is looking good.  Unfortunately, CUP can't seem to register this and when the Role Owner attempts to approve the role / user request again.  The same error occurs and until I can get around this error, the workflow is not closed out nor is the requester notifiied.
  Questions:
  (1)  How can I fix this issue, I assume it will require a security change to be made within the ECC environment?
  (2)  If this issue can't be fixed, can I get around this issue with a detour or other CUP error processing step?

  Denoted below is the log that corresponds to the 260 comparison error.  Does anyone know what access I am missing within the UME.  I have tested this provisioning process, manually, and do not run into a Comparison error within the SU01 screens:
  2010-04-27 13:44:54,748 [SAPEngine_Application_Thread[impl:3]_31] ERROR com.virsa.ae.service.ServiceException: 260:User master comparison incomplete; see long text
  com.virsa.ae.service.ServiceException: 260:User master comparison incomplete; see long text
       at com.virsa.ae.service.sap.SAPProvisionDAO.executeRoleOperation(SAPProvisionDAO.java:1706)
       at com.virsa.ae.service.sap.SAPProvisionDAO.assignRoles(SAPProvisionDAO.java:1458)
       at com.virsa.ae.service.sap.ProvisionSAPUserDAO.provisionInNonCUA(ProvisionSAPUserDAO.java:1232)
       at com.virsa.ae.service.sap.ProvisionSAPUserDAO.provisionRole(ProvisionSAPUserDAO.java:932)
       at com.virsa.ae.service.sap.ProvisionSAPUserDAO.provisionUser(ProvisionSAPUserDAO.java:118)
       at com.virsa.ae.accessrequests.bo.ProvisioningBO.autoProvision(ProvisioningBO.java:216)
       at com.virsa.ae.accessrequests.bo.RequestBO.autoProvisioningForApprove(RequestBO.java:4572)
       at com.virsa.ae.accessrequests.bo.RequestBO.callAEExitService(RequestBO.java:5565)
       at com.virsa.ae.accessrequests.bo.RequestBO.callExitService(RequestBO.java:5339)
       at com.virsa.ae.accessrequests.bo.RequestBO.approveRequest(RequestBO.java:5191)
       at com.virsa.ae.accessrequests.bo.RequestBO.approveRequest(RequestBO.java:4984)
       at com.virsa.ae.accessrequests.actions.RequestViewAction.confirmRequestApproval(RequestViewAction.java:941)
       at com.virsa.ae.accessrequests.actions.RequestViewAction.execute(RequestViewAction.java:103)
       at com.virsa.ae.commons.utils.framework.NavigationEngine.execute(NavigationEngine.java:271)
       at com.virsa.ae.commons.utils.framework.servlet.AEFrameworkServlet.service(AEFrameworkServlet.java:431)
       at javax.servlet.http.HttpServlet.service(HttpServlet.java:853)
       at com.sap.engine.services.servlets_jsp.server.HttpHandlerImpl.runServlet(HttpHandlerImpl.java:401)
       at com.sap.engine.services.servlets_jsp.server.HttpHandlerImpl.handleRequest(HttpHandlerImpl.java:266)
       at com.sap.engine.services.httpserver.server.RequestAnalizer.startServlet(RequestAnalizer.java:386)
       at com.sap.engine.services.httpserver.server.RequestAnalizer.startServlet(RequestAnalizer.java:364)
       at com.sap.engine.services.httpserver.server.RequestAnalizer.invokeWebContainer(RequestAnalizer.java:1039)
       at com.sap.engine.services.httpserver.server.RequestAnalizer.handle(RequestAnalizer.java:265)
       at com.sap.engine.services.httpserver.server.Client.handle(Client.java:95)
       at com.sap.engine.services.httpserver.server.Processor.request(Processor.java:175)
       at com.sap.engine.core.service630.context.cluster.session.ApplicationSessionMessageListener.process(ApplicationSessionMessageListener.java:33)
       at com.sap.engine.core.cluster.impl6.session.MessageRunner.run(MessageRunner.java:41)
       at com.sap.engine.core.thread.impl3.ActionObject.run(ActionObject.java:37)
       at java.security.AccessController.doPrivileged(AccessController.java:219)
       at com.sap.engine.core.thread.impl3.SingleThread.execute(SingleThread.java:102)
       at com.sap.engine.core.thread.impl3.SingleThread.run(SingleThread.java:172)
  2010-04-27 13:44:54,927 [SAPEngine_Application_Thread[impl:3]_31] INFO  com.virsa.ae.accessrequests.bo.RequestAuditHelper : logMajorAction() :   : intHstId : 3068
  2010-04-27 13:44:54,972 [SAPEngine_Application_Thread[impl:3]_31] ERROR no dtos exist which are in the same state as the passing dto
  com.virsa.ae.core.ObjectNotFoundException: no dtos exist which are in the same state as the passing dto
       at com.virsa.ae.workflow.bo.WorkFlowBOHelper.getIfUnapprovedPathExists(WorkFlowBOHelper.java:2662)
       at com.virsa.ae.workflow.bo.WorkFlowBOHelper.handleWFForNewPathStage(WorkFlowBOHelper.java:2516)
       at com.virsa.ae.workflow.bo.WorkFlowRequestRerouteHelper.rerouteRequest(WorkFlowRequestRerouteHelper.java:68)
       at com.virsa.ae.workflow.bo.WorkFlowBO.rerouteRequest(WorkFlowBO.java:614)
       at com.virsa.ae.accessrequests.bo.RequestBO.rerouteRequestForAutoProvisioningFailure(RequestBO.java:6897)
       at com.virsa.ae.accessrequests.bo.RequestBO.approveRequest(RequestBO.java:5239)
       at com.virsa.ae.accessrequests.bo.RequestBO.approveRequest(RequestBO.java:4984)
       at com.virsa.ae.accessrequests.actions.RequestViewAction.confirmRequestApproval(RequestViewAction.java:941)
       at com.virsa.ae.accessrequests.actions.RequestViewAction.execute(RequestViewAction.java:103)
       at com.virsa.ae.commons.utils.framework.NavigationEngine.execute(NavigationEngine.java:271)
       at com.virsa.ae.commons.utils.framework.servlet.AEFrameworkServlet.service(AEFrameworkServlet.java:431)
       at javax.servlet.http.HttpServlet.service(HttpServlet.java:853)
       at com.sap.engine.services.servlets_jsp.server.HttpHandlerImpl.runServlet(HttpHandlerImpl.java:401)
       at com.sap.engine.services.servlets_jsp.server.HttpHandlerImpl.handleRequest(HttpHandlerImpl.java:266)
       at com.sap.engine.services.httpserver.server.RequestAnalizer.startServlet(RequestAnalizer.java:386)
       at com.sap.engine.services.httpserver.server.RequestAnalizer.startServlet(RequestAnalizer.java:364)
       at com.sap.engine.services.httpserver.server.RequestAnalizer.invokeWebContainer(RequestAnalizer.java:1039)
       at com.sap.engine.services.httpserver.server.RequestAnalizer.handle(RequestAnalizer.java:265)
       at com.sap.engine.services.httpserver.server.Client.handle(Client.java:95)
       at com.sap.engine.services.httpserver.server.Processor.request(Processor.java:175)
       at com.sap.engine.core.service630.context.cluster.session.ApplicationSessionMessageListener.process(ApplicationSessionMessageListener.java:33)
       at com.sap.engine.core.cluster.impl6.session.MessageRunner.run(MessageRunner.java:41)
       at com.sap.engine.core.thread.impl3.ActionObject.run(ActionObject.java:37)
       at java.security.AccessController.doPrivileged(AccessController.java:219)
       at com.sap.engine.core.thread.impl3.SingleThread.execute(SingleThread.java:102)
       at com.sap.engine.core.thread.impl3.SingleThread.run(SingleThread.java:172)
  2010-04-27 13:44:55,394 [SAPEngine_Application_Thread[impl:3]_31] INFO  com.virsa.ae.accessrequests.actions.RequestViewAction : confirmRequestApproval() :   : setting context to true, ending context
  2010-04-27 13:44:55,414 [SAPEngine_Application_Thread[impl:3]_31] INFO  com.virsa.ae.dao.sqlj.RequestDataForwardDAO : findTransactions() :   : sbQuery : SELECT REQNO, REQPATHID, STAGE_NAME, FWDED_BY, APRVRID, ITERATION, FORWARD_TYPE, STATUS FROM VIRSA_AE_RQD_WPFWD WHERE REQNO = ?
  2010-04-27 13:44:55,486 [SAPEngine_Application_Thread[impl:3]_31] INFO  com.virsa.ae.dao.sqlj.SAPConnectorDAO : findAllActiveSAPConnectors :   :  going to return no of records= 3
  2010-04-27 13:44:55,495 [SAPEngine_Application_Thread[impl:3]_31] INFO  com.virsa.ae.dao.sqlj.OracleAppsConnectorDAO : findAllActiveORACLEConnectors :   :  going to return ImmutableList(empty)
  2010-04-27 13:44:55,498 [SAPEngine_Application_Thread[impl:3]_31] INFO  com.virsa.ae.dao.sqlj.PACSConnectorDAO : findAllActivePACSConnectors :   :  going to return ImmutableList(empty)
  2010-04-27 13:44:55,502 [SAPEngine_Application_Thread[impl:3]_31] INFO  com.virsa.ae.dao.sqlj.WSConnectorDAO : findAllActive :   :  going to return ImmutableList(empty)
  2010-04-27 13:44:55,505 [SAPEngine_Application_Thread[impl:3]_31] INFO  com.virsa.ae.dao.sqlj.ApplicationDAO : findAllForContext :   :  going to return ImmutableList(empty)
  2010-04-27 13:44:55,532 [SAPEngine_Application_Thread[impl:3]_31] INFO  com.virsa.ae.dao.sqlj.RequestDataSODConflictDAO : findAllForContext(SqljContext ctx)  :   :  going to return ImmutableList(empty)
  2010-04-27 13:44:55,535 [SAPEngine_Application_Thread[impl:3]_31] INFO  com.virsa.ae.dao.sqlj.RequestDataSODConflictDAO : findAllForContext(SqljContext ctx)  :   :  going to return ImmutableList(empty)
  2010-04-27 13:44:55,540 [SAPEngine_Application_Thread[impl:3]_31] INFO  com.virsa.ae.dao.sqlj.RequestDataMitigationDAO : findAllForContext(SqljContext ctx)  :   :  going to return ImmutableList(empty)
  2010-04-27 13:44:55,579 [SAPEngine_Application_Thread[impl:3]_31] INFO  com.virsa.ae.accessrequests.actions.RequestViewAction : pageLoad() :   : INTO the method
  2010-04-27 13:44:55,580 [SAPEngine_Application_Thread[impl:3]_31] INFO  com.virsa.ae.accessrequests.actions.RequestViewAction : pageLoad() :   : request number : 154
  2010-04-27 13:45:14,055 [SAPEngine_Application_Thread[impl:3]_18] INFO  com.virsa.ae.dao.sqlj.RequestTypeDAO : findAll :   :  going to return no of records= 20

• SP12: Auto-provisioning failed for role with action "keep"

  Hi,
  If you want to keep an exisiting role for a user in CUP. It wasn't possible to change the validity of the role. Therefor you have to set parameter 145 value to 1 in database table VIRSA_AE_ERMCONFIG and refresh cache in CUP(solution with SP11).
  But know we have problemes with the auto-provisioning.
  We can enter the other validity of the role and after that the request provisioning failed. In our workflow the request rerouted to the admin because of escape-route settings. All other new roles in the request are assigned well to the user in the backend system.
  Any ideas?
  Many thanks,
  Alexa

  Hi,
  we actually have the same Problem, that changes to the role validity with action "keep" are not provisioned to the SAP system.
  If it is only possible to change the validity with the action "add" it is not possible to limit the validity of a previously unlimited role. Because as you said another role with the new validity dates is simply added to the existing roles.
  The only workaround would be to delete the old role and add a new one with new validity dates. But in my opinion this workaround is not acceptable for the users.
  Best Regards
  Jonas

• How to change P.O. duplication message type from warning to error for Order

  Hi Experts,
  I have a requirment to change P.O. duplication message type from warning to error for Order only not OrderTemplate.  I can easily change message type in BAdI ISA_BASKET_MSGS, but I can't find the parameter to know if it's Order or OrderTemplate (DocType).   If this BAdI is not good way,  is there other way? and how to please?
  Please advise / help..
  Thanks, Jin

  Thanks Easwer for your help. 
  The info for getting status from function is very clear and I followed you instruction and completed the coding in BAdI and tested it successfully .... Thank you very much.  I need to learn where I can see the system status of the template,  i.e.  I1034 (Order Template) or Order or Quotation .....?  if I need to filter out Quotation, I can easily do it in the BAdI.   Could you please provide me more details?
  Thanks again, Jin
  Thanks again, Jin

• Error occurred during WM processing for posting change delivery

  Hi Experts,
  I am getting the following error when i try to create Outbound delivery aginst PO.
  "L9 612 Error occurred during WM processing for posting change delivery"
  Diagnosis
      The indicator AUFER from the delivery type contradicts the
      storage location constellation that was determined by the
      WM system.
      TVLK-AUFER = '<VAR2>'
      WM = '<VAR1>'
  1.Purchase order is Stock transport order ME21N ( UB)
  2.Try to create Outbound using VL10B and i am getting the above error,
  Thanks in advance.
  Cheers...Gopi

  Hi Gopi,
  Looking at problem you discribed, I am assuming you are using the delivery type other than "NL".
  The reason for this error is the indicator "order required" in delivery type defination set to 'X : sales order required' and you have assigned this delivery type to the purshasing document UB in STO customising. So the requirement of delivery defination of having prior document as sales order is conflicting.. so the error is there.
  Resolution:
  Please change the assigned delivery type to NL to purchasing document type UB in SPRO> MM> Purchase order>set up for STO>assign delivery type and checking rule.
  If you have custome delivery type the go to spro> LE> shipping>deliveries>define delivery type
  change the order required from X to "B".
  Hope this will help.
  Regards,
  Sudhir

• CUP - Initiator for roles not requiring approval (i.e. auto provisioned)

  We recently upgraded to GRC 5.3, SP10 and started noticing that using CUP, for roles that should be automatically provisioned (i.e. no approval required), it is taking between 3 minutes 45 seconds to 5 minutes for the request to be successfully submitted and automatically approved with provisioning.   I was wondering if anyone is experiencing simlar system performance
  Our set-up for auto provisioned role requests is as follows:
  1.  Created initiator INI_NO_APPROVE using role for attribute
  2.  Created stage STG_NO_STAGE  with Approver Determinator = No Stage
  3.  Created path definition PATH_NO_APPROVE with number of stages =2 and initiator = INI_NO_APPROVE
  Thanks!

  F.Y.I.
  As per SAP's recommendation - we applied note:1423983 in all target provisioningn systems and this resolved the issue.

• TS2446 Hello!After I've done my last softwere update I couldn't buy or get any free apps on the apps store.There was an error on my paymant method.I reintrodius my data for the credit card and again error for my credit card.I've changed the credit card an

  Hello!After I've done my last softwere update I couldn't buy or get any free apps on the apps store.There was an error on my paymant method.I reintrodius my data for the credit card and again error for my credit card.I've changed the credit card and the same.why???????

  I have tried all those things I even updated the software to the new iOS system and it still did fix my problem.
  What happened is that my garage band looks like it will open then it shuts down.
  I have lot of important things on my garage band and I'm afraid that if I uninstall it deleting it then reinstalling it all my work on it will be gone and I can't have that happen.
  Everyday I am hoping that when i go to open the app that is will work but it doesn't it gets ready to turn on then it shuts off , the app doesn't even open all the way and turns off.
  I really hope I don't have to erase it.
  It'll say it's ,lading my songs then it shuts down .
  If I waited for the App Store to come up with an update for garage band should I wait till then to update my app so it doesn't get damaged . I don't want to erase it and all my data get erased . I figured if I wait for an update then my garage band will reset itself but won't delete my data. I'm not sure if that will help. Is there anything you or anyone else might know that can help me with this matter ?
  Thank you
  Simachyahi

• Complete List of Error Codes for Customized Change Password Page

  Hi,
  does anyone has a complete list of "Change Password Page Error Codes"?
  The list provided in the document:
  Oracle® Application Server Single Sign-On Administrator's Guide
  10g (9.0.4)
  Part Number B10851-01
  seems to be incomplete. (See: http://download-uk.oracle.com/docs/cd/B10464_01/manage.904/b10851/custom.htm#1009955 )
  I found at least three additional / different error codes:
  auth_fail_err
  pwd_minlength_err
  pwd_numeric_err
  I'm using a JSP Page.
  Thanks for help

  Hi,
  I found the list in the OID Admin Documentation. The list contains the error messages the OID sends to the client. In case of SSO, the client for the OID is the SSO server. So now I know which errors are transmitted to the server, I have to find out what the server sends to the SSO Page for Password change. Probably I should test all cases documented in the OID Admin doc to find the appropriate values for SSO Server.
  Thanks for the tip

• GRC 5.3 CUP auto provisioning of Mitigation Assignment in RAR

  Hello,
  Is there any other workflow that needs to be triggered for the auto provisioning of the Mitigation control id assignment to the userid in RAR system from CUP,  upon request completion?
  I created a request that after the final stage of sox approver, got auto provisioned roles assigned to the user id in the SAP system , but it also stated that auto provisioning failed and got re-routed to the detour path of the security admin as I configured in case of auto provisioning failure. When I look at the error log, it states:
  User Provisioning failed for System(s) : XYZ. Error Message : User type TE is unknown
     Role: ROLEA assigned to user: TESTER1 in System(s): XYZ.
  1). So, even though the approved role is being assigned to the user in the backend system, some other stuff is failing at auto provisioning. And I thought it might be the mitigation control assignment to the userid in RAR. I have the mitigation fields/objects active. But how do I ensure the auto-assignment of mitigation control ids also gets assigned on the same request upon sox approval?
  2). The other question is where is the value of the 'controller' stored when configuring a stage for workflow approver determinator in the sox approver stage? Where is this value picked up from? We don't want to use the RAR mitigation approvers or monitors, we want to use a custom approver id from CUP and then the control id to be assigned upon approval automatically to the userid in RAR via CUP request completion during auto provisioning. Is this possible? The only thing failing for us is trying to determine how to create the custom approver determinator for SOX approver in CUP since it asks for 'attribute' value for workflow type 'Compliant User Provisioning' which doesn't make sense for this.
  And then the above error even though the user role assignment is auto provisioning already but still giving the error as I listed above and re-routing to detour path instead of completing the request. Is it due to auto provisioning failure of mitigation control assignment in RAR?
  Thanks in advance,
  Alley
  Edited by: Alley1 on Sep 20, 2011 1:15 AM

  Hi Karell,
     Here is response to your questions:
  I can use the following CAD in an AE workflow: web service to fetch role approvers. I question this as it is merely a RE workflow service : No. As far as I know the web service is only for RE/ERM.
  Can the Risk Analysis be initiated in stage x automatically once stage (x-1) was completed. So no person involved, it is mandatory however, in my opinion there should be no extra person involved to actually press the button "Risk Analysis" : No. There is no way to automate the risk analysis part. Someone will have to click on the button to check for SoD violations. You can configure to run automatic risk analysis when the request is submitted but this is not 100% perfect. If someone adds or removes role during approval phase, it will invalidate the risk analysis which was run during request submission.
  Can somehow the Risk Owners defined in the RAR componed be asked to approve/reject risk that came out of the Risk Analysis described in my previous point. They should only be contacted when there is a risk indicated. : This is possible by following Babak's workflow.
  Regards,
  Alpesh

• CUP - How to handel requests with no auto provisioning

  Dear Friends,
  We are not using Auto-Provisioning in our CUP component.
  We don't know how to handle a situation when although the request was approved at all stages, the provisioning it self (which is executed manually) does not happen (for example, the security manger forgot to do the changes).
  How can we detect those differences ?
  And if we did detect them, is there a possibility to add some comments to a request that was fully approved.
  thanks
  Yudit

  Hi Yudit,
  Not exactly. It is some manual work.
  CUP>>Informer>>Provisioning
  Run these two reports (select specific period):
  Role Assigned / Removed
  User Processed
  Run t-code RSSCD100_PFCG_USER (You find this repot in SUIM).
  Use the same period as above.
  Export the report to Excel. If many entries, create a function to compare the results orilter the result by Action and compare to CUP reports.
  Good luck,
  Vit