huh?
what should that help?
On 03/07/2010, at 0:12 , Abhiram59 via sap-security wrote:
>
> Posted by Abhiram59
> on Jul 2 at 10:09 AM Mark as helpful
> Hello please find the solution below
>
> Goto SUIM>roles>roles by complex selection criteria then
>
> enter the the authorization object as S_BDC_MONI
>
> then press enter
>
> it will ask for Batch input activity enter AONL
>
> and then enter the given session name then gofor execute
> depends on user group select the role
>
> On Fri, Jul 2, 2010 at 6:33 PM, GRCQuest via sap-security <
> sap-security@groups.ittoolbox.com> wrote:
>
> > Posted by GRCQuest
> > on Jul 2 at 9:05 AM Hi
> > Lucas,
> >
> > Are you running GRC at authorization level or transaction level. If it is
> > at authorization level, in order for the conflict to occur, the profile has
> > to contain the following authoriztion objects and values
> > Auth Obj: V_LIKP_VST, Value of Field: ACTVT = 01 or 02 or 18
> > Auth Obj: V_VBAK_AAT, Value of Field: ACTVT = 01
> >
> > When you look at the detail version of the report of conflicts, it should
> > tell you which role or composite contributes the conflicting values.
> >
> > If you run GRC at transaction level and you can confirmed that the profile
> > do not contains the conflicting values, then you will have to manually
> > declare the conflicts as false positive. This is a known limitation of GRC
> > at transaction level.
> >
> > Let me know if it helps
> >
> > ---------------Original Message---------------
> > From: Lucas
> > Sent: Thursday, June 03, 2010 12:52 PM
> > Subject: GRC issue regarding VA01 and 02 access conflicting with VL06
> >
> > > Hi All,
> > > I am in a situation where we have a inventory display role that contains
> > transactions VL06,VL06F,VL06G, VL06L,
> > > VL06O,VL06P,VL10B,VL10G,VL10H. We have a request for a user to have
> > transactions VA01 and VA02.
> > > While simulating the addition of the sales order access we are getting 18
> > high risk SOD violations
> > > Cover up unauthorized shipment by creating a fictitious sales documents
> > > I'm having a very difficult understanding how a display only role with
> > all activities set to 03 would conflict with the sales order maintenance
> > role.
> > > Any suggestions on what I am missing would be greatly appreciated.
| __.____._ Copyright © 2010 Toolbox.com and message author.
Toolbox.com 4343 N. Scottsdale Road Suite 280, Scottsdale, AZ 85251
| |  henrikmadsen2
SAP Security Helper
Posted helpful replies on 5 threads in a group to earn a Bronze Achievement Related Content White Papers
In the Spotlight  _.____.__ |
Mark as helpful
