Fix Business Role / Technical Role assignment in Pending or Failed status

Similar Messages

• SAP CRM 2007 Business role assignment

  Hi all,
  We are using CRM 2007. and we are trying to assign Business roles to users using the PFCG ROLE ID attribute.
  1- We create a PFCG role : "pfcgrole1"
  2- We create a Business Role "Businessrole1" and put PFCG Role id = "pfcgrole1"
  3- assign the user to the PFCG role "pfcgrole1"
  We have two cases :
  CASE 1:The user is assigned to a position in Org management but the position does not have any Business roles assigned.
  RESULT : The user logs in  to CRM, the user gets error message  "Logon is not possible because you have not been assigned a business role"
  CASE 2:The user is not assigned to any  position in Org management.
  RESULT : The user logs in to CRM, everything works fine
  my interpretation : org management has precedence over business role assignment using PFCG roles and blocks Business role assignment even if the position has no Business roles assigned
  Anyone has any idea how to assign business roles using PFCG ROle ID even if the user is assigned to a position without any business roles
  Thanks in advance.

  Please review these old threads first:
  Re: Reg: Business Role
  Assignment pfcg-role to user and assignment pfcg-role to business role
  There is a lot of technical background on how business role to PFCG role assignment works.
  Thank you,
  Stephen
  CRM Forum Moderator

• Organizational Model - WebUI business role assignment

  We have created the organizational model in our system where we have the levels that are tied to a specific business role.   We have been manually assigning all of our users to these organizational model levels in order to have the business role assignment.   I am curious if there is a program or easier way to do this than to have to create the assignment to the employee record manually in the org model.
  Any help would be greatly appreciated. 
  Thanks,
  Darcie

  Hi Robert,
  maintaining the user profile directly may be easier with only a few employees but for large companies this method will end up being more maintenance intensive.
  for Org you only have to maintain it on the Org unit or position and all employees underneath will inherit the role; whether it's 2 individuals or 2000. and if the person is moved into a different position laterally or through promotion there would be no maintenance required as the information would replicate from HR (if you use/have the system) and the person would inherit the new position and role automatically.
  for User parameter if you only have 2 individuals it is easier but 2000 is too much to maintain. there is some automation but would require you to create them and run them yourself.
  pfcg at most companies do not fall under general master data maintenance and would require involvement from the security group and they often do not want to generate empty or unnecessary security/authorization profiles - the maintenance workload is shifted to them also in this case.
  regards.

• Business role assignment get lost

  Hello *,
  from time to time single users report logon problems due to missing business role assignment.
  In these cases business role was assigned via user in tx su01 directly. Whenever it happened the affected user itself is shown for last modifier of user record. But the users of course are not authorized to edit this data.
  We assume that maybe the personalization in web ui could be the reason but up to know the behaviour was not reproduceable.
  Does anyone know this issue?
  Kind regards
  Thomas

  Hi Thomas,
  Sorry but maybe I've explained myself poorly. You said that business roles that were missing are normally assigned directly in SU01. Then, in order to try to understand how they are remove, in SU01 transaction there is a functionality that allows you to see the change history for every add/removal of a role. This will tell you the user that performed the action and which tcode he used.
  Check this functionality that it's available as a menu option in SU01. Maybe it can give you some good clues about what's happening.
  Kind regards,
  Garcia

• Business Role Assignment to User by Organizational Model

  We have created the organizational model in our system where we have the levels that are tied to a specific business role. We have been manually assigning all of our users to these organizational model levels in order to have the business role assignment. I am curious if there is a program or easier way to do this than to have to create the assignment to the employee record manually in the org model.
  Any help would be greatly appreciated.
  Thanks,
  Darcie

  Hi Robert,
  maintaining the user profile directly may be easier with only a few employees but for large companies this method will end up being more maintenance intensive.
  for Org you only have to maintain it on the Org unit or position and all employees underneath will inherit the role; whether it's 2 individuals or 2000. and if the person is moved into a different position laterally or through promotion there would be no maintenance required as the information would replicate from HR (if you use/have the system) and the person would inherit the new position and role automatically.
  for User parameter if you only have 2 individuals it is easier but 2000 is too much to maintain. there is some automation but would require you to create them and run them yourself.
  pfcg at most companies do not fall under general master data maintenance and would require involvement from the security group and they often do not want to generate empty or unnecessary security/authorization profiles - the maintenance workload is shifted to them also in this case.
  regards.

• Business Role Assignment

  Hello All
  Where do we assign Business Roles to Org Unit / Position. Can somebody please provide the navigation.
  I am in training and actually I want to get the business role created by me displayed when I log to CRM Web Client. How to do ...
  Thx
  DM

  Hi DM,
  by using tnrx PPOMA_CRM, Click on the Position which you have created. And then click 'GOTO --> Details Objects' on the top of the GUI page.
  Select the tab Business Role and then create a new infotype.
  Choose your Business Role in the Field 'Business Role' and save.
  Now you have assigned your Role with your org.
  Let me know in case you need any more specific explanation.
  VS
  Edited by: VS on Aug 7, 2009 2:42 PM
  Edited by: VS on Aug 7, 2009 3:06 PM

• Business Role assignment now working as Expected

  Hi All,
  We have a User A, B and C , all these users have Business Role X, when these users were logging in they were gettings screens as per the configuration.
  However now all of sudden Only User A ,though still has same Business Role X , is getting different Work centers,Logical links Mostly standard(Claim management, worklist, calendar,Email Inbox) .
  User B and C who have the same business role are getting correct UI screens.
  We are unable to find what went wrong all of sudden.
  Thanks in advance for your suggestions
  Regards,
  Chandu.

  Chandu,
  If the CRM_UI_PROFILE is set to some UI Profile, this takes more priority(than the UI Profile assigned to the Business Role)
  and shows the Navigation Bar and Work Centre configured for this UI Profile.
  The normal Business Role configs wont work at that time.
  Remove this entry and see, it will solve the issue.
  Regards,
  Masood Imrani S.

• Business Role assignment to user

  Hi all,
     I am learning about the concept of  business roles in CRM. In the forum discussions I see that the business role has to be assinged to the user even though we assign the PFCG role (linked to the business role) to the user. Like SU01 where we assign pfcg role to the user, what is the transaction code to assign the business role to the user.
  Thanks.
  Neha.

  I'm going to chime in and say this question has been discussed to the detail in this forum.  If you would have done a search you would have a pretty good discussion on this topic.
  Re: Reg: Business Role
  That thread covers all your options in detail.
  Thank you,
  Stephen

• Issue regarding Business Role assignment

  Hi All,
  1.
  I have a user Agent1 which is assigned to position POS_IC_AGENT in my org structure.
  In the infotype Business Role I have assigned IC_AGENT (standard) business role.
  IC_AGENT has PFCG role SAP_CRM_UIU_IC_AGENT assigned to it.
  But, when I run the application (for my user Agent1), only telephony buttons are visible on top, navigation bar and work area is empty (nothing is visible there)
  2.
  Now, when I open my user Agent1 in SU01 and assign PFCG role SAP_CRM_UIU_IC_AGENT.
  Now when I run the application everything is visible (telephony, navigation bar and workarea).
  Why is it not visible in first case?
  I think it should work without assigning Role in SU01.. I mean it should have taken settings from Org. structure
  Regards,
  Ashish

  Hi Ashish,
  As far as work center page context is concerned , its decided by the navigation bar profile and business role customizations ( we add work center home and several related stuff etc in navigation bar profile and make them activate/deactivate, visible/invisible through business role customizing ) .
  PFCG role has nothing to do with what you see on the Work Center...it decides whether you can see or not..meaning whether you have authorization for disply of a business object and its related subobjects.
  PFCG role basically determines the authorization objects that will be grated to the particular business role ( to which this PFCG role is linked ) PFCG is about CREATE/CHANGE/DELETE authorizations.
  In first case, its business role linked authorizations. You dont see the work centers may be because USER has not granted the DISPLAY authorization for the business Object related to BP( i.e Account ) , or BO related to account search (BUPASEARCH ) as the IC agent home basically has Account identification home , or account search home...which overrides the PFCG authorizations attached to the business role.
  Remember, individual object authorizations set for a user using transaction PFCG will have more priority over the Business role linked authorizations as 1 business role can be assigned to many users however if one user is not grated to see BP related data, this will still remain enforced even though the business Role PFCG is granting him to see...There is a difference between user specific authorizations and Business Role specific authorization...
  In second case,its user linked Authorizations. When you add the PFCG role in SU01, this is being the User Specific Authorizations which will always have the priority and thus granting the display.
  This is my basic understanding. I am 100% sure that PFCG role only controls the DISPLAY/CREATE/CHANGE related authorizations and lots more in context of authorizations. However what to include & show is decided by Navigation Profile and Business Role customizations.
  If everything is intact in navigation bar profile and business role customizations, and still you dont see anything on the work center, then i am 100% sure that its related to User Authorizations
  Refer pg 56 in CR580, it will clear your doubt.
  Thanks & regards,
  Suchita

• Refreshing business role assignment to org. structure

  Hi Experts,
  I am trying to change the assignment of business role in org. structure but the changes are not coming into effect.
  i.e. initially i have assigned servicepro to my org. strcuture & i am getting the relevant screen on login into WEB UI.
  Now i have changed it  to marketingpro still i am getting the same screen.
  Can any one of you suggest that how i can refresh such changes.
  & can anyone also suggest how i can assign business role directly to users.
  Thanks & regards
  Nanda Kumar

  Hi Nanda,
  I assume the reason for Business Role change not refelecting can be
  1. A Profile assigned in SU3 or
  2. You are trying to open the Web UI from same browser session using a new tab in IE7 (internet explorer), you need to create a new browser session.IE7 tabbed browser does not recognize the changes in SAP GUI, you need to open in a new browser.
  Regards,
  Masood Imrani S.

• Report alle Business Roles assigned to Position

  Hello,
  I'm looking for a report wich brings a coomplete Objectdescription of an incorporate position in a organizational Model. Very important is the information which business role (we use CRM 2007) is assigned to the position.
  I checked already report rhstru00 but I don't know which structure parameters I have to take to get out the required information.
  There must be a way to get this information.
  Thanks a lot in advance!
  Best Regards
  Stephan Jung

  Step1
  U should know the Personnel number of the person u want to assign role.
  Step2
  PA20 to do Org assignment
  Info type = get the position number
  Step3
  Go to PO13 for Position number
  You assign the position number to Role (basically you create a relationship b/w Position number and Role here)
  Define relationship “B   007” Relationship type (Always select this Relationship type)
  Step4
  Go to SU01; create a user ID for THAT Personnel number ( If the user don't have one)
  Step5
  Go to PA30 you define relationship between Personnel # and User ID
  Create Info Type 105, Subtype 0001
  In ID/Number = User ID and save
  For personnel number
  Step6
  Run PFUD
  To update user master record i.e. to enter the role that is assigned to that position in org level. Put the Role name and select Reconcile User Master Data and execute.
  Or
  In SE38 Run report   “RHPROF0”

• Business Role, Technical Profile, Application, Start Page in UI for service

  Hi CRM 2007 gurus,
  I have made all the settings in accordance with C04 to use the UI for the services role (copy of business role SERVICEPRO). Created the relevant PFCG role and a position in the org model; with a user and the business role assigned to the position. But I am getting an empty page on login.
  Then I changed the technical profile from DEFAULT to DEFAULT_IC; then it started giving an error "Permission denied".
  I then changed the start application to CRM_UI_FRAME and the start page to DEFAULT.HTM; then Internet Explorer started exiting on its own after the login.
  Can someone pls tell me what is amiss. Do I need to include some specific application and page as the "Startup Application" and "Start Page" in the technical profile (these are currently blank for the technical profile DEFAULT attached to the concerned business role).
  Points to be won; kindly help asap.
  Regards,
  DP

  Hi Deepak,
  few cents that might help:
  - Your problem is definitely not related to authorization issues. (easily derived by the nature of the error message and the point where it occurs (CL_BSP_WD_STREAM_LOADER))
  - The error message you received is being raised when CRM UI runtime tries to load a runtime repository. In case a runtime repository of a component has dynamic parts (e.g. the shell part itself), the repository is being loaded by the system via HTTP or HTTPS, depending on system settings. This results in the system sending a HTTP(S) request to itself.
  Now, there are two likely reasons for this going wrong:
  a) the system cannot "see" itself on the network (hosts problem, reverse proxy sceanrios, etc.)
  b) the runtime repository doesn't exist at all (ressource doesn't exist). This sometimes happens if component enhancements are active in a client (customizing settings) but the respective enhancement component (development objects) haven't made it into the system.
  c) In your case we can rule out this one: the SICF service for the UI component is not active - in that case the response would likely have been something like "Access forbidden" and you confirmed already all SICF services being active
  To get more clarity, you might want to proceed as follows:
  - Set a breakpoint in the line mentioned in the error message. You can access the source code of the releavant method using SE38 even though the include name looks pretty scary in the message (CL_BSP_WD_STREAM_LOADER=======CM02 or so).
  - In the debugger, check the name of the URL that had been tried to access (The variable should be available some lines above the breakpoint where the request gets sent).
  - try to access the same URL directly from your browser.
  Now, if you still don't get a valid response, b) might be the case. If you get an XML file back, a) might be the case.
  Good luck!
  Peter

• Assignment pfcg-role to user and assignment pfcg-role to business role

  Hello, Gurus!
  What is the difference between direct assignment pfcg-role to user and assignment pfcg-role to business role? What is the effect from assignment pfcg-role to business role?
  As  I see authrizations from pfcg-role assigned to business role have no effect to user...
  Best regards,
  Artuк Litvinov.

  Artur,
  The business role assignment does not give a user that PFCG role.  Instead it is just a mapping table and does nothing more. 
  Therefore that UIU_COMP auth object must exist in the PFCG roles assigned to the user in order for them to use the webclient.  In your scenario let's do the following:
  You have pfcg roles:
  RA
  RB
  You a have business role
  B1
  You have users:
  Joe
  Jack
  Business Role B1 is assigned to role RA which contains UIU_COMP.
  User Joe gets business role B1 and roles RB which does not have UIU_COMP.  This will not let him use the webclient.
  User Jack gets business role B1 and pfcg role RA.  This will work because everything is there.
  This means you need both the correct PFCG plus business role setup to make it work properly.
  Take care,
  Stephen

• Assign some Business roles in the CRm 7.0 i n the UI frame work.

  Hi,
  I need to assign some Business roles in the CRm 7.0 in the UI frame work.
  & how we need to assign the org to the business roles.
  Please provide any doc or any link is more appreciable.
  Thanks & Regards
  Prajith P

  Hi,
  When in the Org Structure, DOUBLE CLICK on the position so that it opens up the details screen.
  From the menu options, Select Goto>>Detail Object>>Enhanced Object Description>>Under the Info Type, Scroll down to business role, select and click on change mode. The business role assigned to that position will be displayed. Here you can assign the required role, save and go back to the org strucutre. Save again. It should be done.
  Regards
  Varun Taneja

• Users assigned to CRM Business Roles

  Is there a report that can show what users are assigned to what Web UI business roles. We have business roles assigned to positions and not PFCG roles. If not, what table to show business roles assigned to positions numbers so I can atleast query names on positions that have specific business roles.
  Thank You,
  Alex

  Hi Alex,
  Normally the AGR_USERs table through SE16 can give you this output
  in AGR_USERS table go and set the ORG_FLAG and COL_FLAG to get the output, you could also do this just for roles
  AGR tables.
  also if you have a proper naming convention please search by   "UIU" string most of the WEBUI roles supplied by SAP has this key word "UIU"
  Also you can go through SPRO ("UI Framework")  to see the default business roles assigned to the "UIU" roles supplied by SAP.