GRC10 Centralized Emergency Access (Firefighter) prompting to enter username/password

Article revised on – 10-Jan-2014

For many of you this might be a very old issue, but in the recent past I’ve got a couple of emails from my old friends and SAP Security Expert fans. Hence, I thought the solution for this issue deserve a place in this blog.

After following the  post configuration steps of GRC Emergency Access component, you might experience this issue. EAM will  prompt to enter username and password while trying to login to the target system.

This is a known issue in GRC AC 10 SP 06 (ofcourse the current patch level is SP 09) which can be resolved by implementing SAP Notes 1652880, 1655493, 1650687 and 1643539. Implement these notes only if you are on SAP GRC AC10 SP06, else you can proceed with implementing the SAP User Logon Exit. SAP had provided more detailed explanation and the procedure of modifying the user exit in the SAP Note 1545511.

The below content was added on 10-Jan-2014:

I still infer that many of you are experiencing this issue even with the latest SP level. After a detailed study, I understand that the issue is mostly occurring in the systems where CUA is configured.

My first recommendation is to refer SAP note # 1701047.

Further, the RFC connection type should be “Trusted” connection, (means the Trusted = Yes option should be checked and maintained in the backend system). The communication user details should also be maintained in the Logon & Security tab of the RFC connection.

Incase if the issue still persists, you may look at the below alternative solution too:

  1. Change the SCUM settings from Global to Every where?
  2. Change the profile parameter login/password_change_for_SSO value to 0 in RZ11. This parameter suppresses the pop up for password change and it directly takes to NWBC screen. If the parameter cannot be changed and throws the error ‘Invalid value 0 for parameter’, apply the note 1633408 to fix this BASIS issue. (SAP Note: 1736116 – Password change window pops up after Firefighter ID launches NWBC)
Raghu Boddu

Author - Raghu Boddu


Raghu Boddu is a SAP Certified Technology Professional (Security), Comptia Security+ , ITIL V3 Foundation, and PRINCE2 Certified. He is an SAP Security/GRC solution architect with rich expertise in implementation & redesigning of Security in SAP. He is also a master in SAP Forensic Security. He is a regular blogger on topics like Security, Governance & Compliance, Application Security, Technology and other trending topics. He is well known to the community with his easy to understand articles.

VN:F [1.9.22_1171]
Rating: 5.8/10 (6 votes cast)
GRC10 Centralized Emergency Access (Firefighter) prompting to enter username/password, 5.8 out of 10 based on 6 ratings

Share This Post

Related Articles

Leave a Reply

© 2017 SAP Security Expert. All rights reserved. · Entries RSS · Comments RSS
Managed by 7n Domains