Step 1:-Deploy the AC 10.0 web service and you will find the following in WS Navigaton.
Image may be NSFW.
Clik here to view.
Step 2:-Create a G type SM59 connector. This will connect to the above web service for AUTH extraction and password generation.
Image may be NSFW.
Clik here to view.
Step 3:-Create a G type SM59 connector. This will connect to EP’s SPML interface for PROV.
Image may be NSFW.
Clik here to view.
Step 4:-Maintain the Logical port for WS connector in tx LPCONFIG.
Image may be NSFW.
Clik here to view.
Image may be NSFW.
Clik here to view.
Step 5:-Maintain Connector and Connection Types.
Image may be NSFW.
Clik here to view.
WS will be attached to the LPCONFIG end point SPML1 logical port will be same as Target Connector
Step 6:-Define the EP Group (this will be used in field mapping).
Image may be NSFW.
Clik here to view.
Step 7:-Attach both the connectors (WS and SPML) to AUTH scenario.
Image may be NSFW.
Clik here to view.
Make sure that the following classes are attached to the scenario.
Step 8:-Do same for PROV scenario.
Image may be NSFW.
Clik here to view.
Step 9:- And for ROLMG scenario.
Image may be NSFW.
Clik here to view.
Step 10:-Set as Production system.
Image may be NSFW.
Clik here to view.
Step 11:-Create the group field mapping.
Image may be NSFW.
Clik here to view.
Default connector is the one which will make a runtime call to get the F4 for system field names in figure below.
Image may be NSFW.
Clik here to view.
Define the field mapping for the group applicable to all the system in that group (F4 from default connector)
Image may be NSFW.
Clik here to view.
Define the technical parameter mapping .
Step 12:-Synchronize EP SPML Schema.
Image may be NSFW.
Clik here to view.
Connector is the one for SPML we earlier created
Step 13:-Now sync user, roles, auths from EP.
Image may be NSFW.
Clik here to view.
This is from WS connector.
Step 14:- Deploy GRC Portal Content -add-on portal business package GRC_POR which contains the GRC Portal UI elements to access the GRC suite.
Step 15:Deploy GRC Portal Plugin(GRCPIEP)(Must for GRC AC)
Step 16:- Set the system Alias for GRC system in SAP Netweaver Enterprise Portal as follows:
SAP-GRC
SAP-GRC-AC
SAP_GRC(in case of issue-faced by me in SP8)
SAP_GRC_AC(in case of issue-faced by me in SP8)
*In case of GRC PC is activated then system alias must be SAP-GRC & SAP-GRC-PC,for GRC RM SAP-GRC & SAP-GRC-RM.
Step 17:-Create a same user both in GRC and EP and assign following Portal Roles to the user.
a.GRC Access Control
b.ERP Common
Assign Required GRC Roles to the user in the GRC System.
*In case of GRC PC or RM activated assign GRC SUITE & ERP COMMON Portal Role to the user,additionally GRC Internal Audit Management if required by the user.
Procedure for creating user in the Portal for Accessing GRC Roles.
1.Log on as portal user administrator and access the User Administration function.
2.If the user has been created by the User Management Engine (UME) that is connected to the GRC ABAP system, you do not need to create the user in the portal system.
If not, create a new portal user and assign the system to the user in the User Mapping for System Access tab, along with a mapped user ID and password.
3.After creating the user, go to the Assigned Roles tab and assign the role GRC Access Control to the user who has the power user role SAP_GRAC_FN_ALL in the ABAP system, to enable viewing of all the Work Centers.[Only in case of GRC AC is activated].
Hope this was useful. Please use the comments section to share your feedback and questions.