User roles and role mapping

I've just started as an intern in the Change Management team that is helping to implement SD. My two tasks are to "develop SAP user roles specific to the new business processes" and "manage the role to position mapping for provision of security roles." None of the real employees in my team has ever done this, and my manager is now on three weeks leave. I'm new to SAP and I don't really know where to start. Can anyone offer any advice, or point me to some references? Thanks.

Intern,
It's a pretty cold manager who will dump a task on an inexperienced subordinate without any guidance or mentoring, and then take three weeks off.
Anyhow, you first need to get some insights as to what the expectations of the client are: What type of users will there be? What tasks will each user be responsible for carrying out?
You also will want to collect a list of names of the actual users. Your Basis people will tell you which bits of data will have to be collected in order to create users on the system.
Next, you need to talk to the SD expert on your team about the solutions that will be implemented.  Quotes? Consignment? Scheduling agreements? Pricing? Customer Service? Marketing?  Customer Master? Material Master? The SD expert should be able to tell you at a very minimum which transactions should be made available.
There are standard roles available delivered in the system. These are pretty much unusable as delivered, but they make a good starting point. Review http://help.sap.com/erp2005_ehp_04/helpdata/EN/b4/3f9c41919eae5fe10000000a1550b0/frameset.htm
and
http://help.sap.com/erp2005_ehp_04/helpdata/EN/06/57683801b5c412e10000009b38f842/frameset.htm
Once you have all the info needed from the client and your SD experts, you then design the supporting roles at a high level. I usually use an Excel Spreadsheet with two tabs:  One tab listing roles to be developed, with all the transactions and authorization object limitations for each one;  and another tab listing Users and the supporting data needed to create a user.  If you are a Basis expert, you already know the next steps.  If not, then you typically hand your designs to the Basis team for creation of the actual Roles.
Good luck.  Remember not to treat your interns the same way you have been treated.
DB49

Similar Messages

  • Report to see user type and roles assigned to users in EP?

    Hi,
    a) Is there any reporting mechanism in EP? Any specific report which throws up user types and roles assigned to the users? There is an option of 'Export' in the user management role but unfortunately it does not give information on User Type.
    b) If  the group is assigned a role, How can we see ( in any report) the roles assigned to a group? In the 'export' option of the 'User Management' this information does not come.

    By default Portal UME comes along with the installation of portal.
    Sometimes we may integrate external users using LDAP. At that time users come from ABAP stack or some active directories.  But you can also create users in the portal UME.  The purpose of using LDAP is to maintain the users centrally rather than creating again in portal.
    You can check them in user administration->identity management and search for the users.
    There you can see some users will be from UME and some from LDAP.
    User Admin tool is nothing but User Administration only.
    Raghu

  • Publish reports to a role and roles to user

    Hi,
    What does it mean:
    Publish reports to a role and roles to user
    Can anybody give a detail of what exactly it means? At which stage of the implementation does it come into the picture?
    Thanks,
    Debasish

    Hi,
    This publishing option is available to you when you open the query in Query designer as the 8th button in the top panel. To publish in a role, you should have that role assigned to you.
    With rgds,
    Anil Kumar Sharma .P

  • Automatic Creation of Roles and Role Mappings in GRC

    Hi,
    we are planning to use SAP Identity Management and SAP GRC Access Management.
    In SAP IDM we have defined several business roles that contain privileges in SAP systems. When a user is requesting a role, the request will first be sent to SAP GRC for approval and risk checking.
    In order to get this to work, we need to load the business roles of SAP IDM into SAP GRC and we also need to configure the role mapping between the business roles and the technical SAP privileges.
    From what I understood, this could be implemented by loading the required information via Excel files into SAP IDM. However, this is a quite cumbersome and error-prone approach and we would like to automate this.
    Is there a way to use e.g. web service calls to create/delete roles and role mappings in SAP GRC?
    BTW: is a documentation of all available GRC web service calls and their parameters available?
    Thanks for your help in advance!
    Best regards
    Tom

    Hi Tom,
    as stated before, the web service description is in the config guide.
    Unfortunately there is no web service to create roles or even mappings in CUP - this is one of many I would also like to see created.
    I don't think in your context you will be able to directly send Business Roles to CUP. The role mapping only happens after you send the request, so I'm not sure if that's in time for risk analysis - you will need to try that.
    Are you a customer or a consultant - anyway, feel free to contact me if you need further help integrating CUP and IdM. This is an evolving interface with many possible scenarios, so it's not easy to give you good advice without seeing the full picture.
    Frank.

  • Roles and Role List

    Hi all,
    Please explain to me the Roles and Role List used in Projects...
    Thanks
    Dinesh

    Hi
    Roles are used in Projects for two goals -
    A) a basis for project-based security. You might create roles as project roles and assign people to the role in a project. For example, project manager, project admin, project billing person, etc. You then might configure the security access to forms and functions of specific roles.
    B) when implementing Project Resource Management, the project roles may be scheduled on a project and serve as a template for resource demand. In that case you might configure the team member role on a project, such as competencies, job information, and security.
    You might want to review Oracle Projects Fundamentals and Projects Implementation Guide for more details.
    Dina

  • Is there User Group and Role Reporting in SAP Enterprise Portal?

    I want to know if there is a way to pull user statistics out of SAP Enterprise Portal like you can out of the R3 backend systems.
    I would like functionality similar to the SUIM transaction. I know through user administration you can access any user, even a list of all users, and you can do similar lists with roles and groups. You can then access any of these things individually and look at their assignments. However, I want to do this on a large scale. I want to know for example every group that has a user assigned to it. Every group that has roles assigned to it. Or groups that have no user or role assignments. We have approximately 1904 groups in our Production Portal system and I am trying to clean up the groups that have no user assignment, but I don't want to look through them one by one.

    Hi Chris,
    There is no standard report available for this purpose. However all this information is stored in table UME_STRINGS.
    You can write your own SQL queries to generate such reports. However please note that this table is not normalized, and it's a master UME table. You should use it strictly for READ ONLY purpose.
    For sample code which I wrote some time back, you might refer to:
    http://forums.sdn.sap.com/thread.jspa?threadID=2088099&messageID=10859334#10859334
    Thanks
    Prashant

  • Save User-Parameter and Roles

    Hello,
    How can I save user parameters and user roles?
    We use a CUA.
    After a client copy I have to create all parameters and roles for all the users in this client anew!
    How can I solve this problem?

    hello Fabian,
    Did not get your issue. In case you have done a client copy involving copy of user master data then the user master of the source will show up in the target. If you have done it without, then no data will be changed.
    Please clearly explain what your problem is.
    Regards.
    Ruchit.

  • Users, privileges and roles problem!

    Hi everyone,
    I am using oracle 10.2.0.
    I have a user (dba1) who is the owner of tables in my database. I have connected to sqlplus as sysdba and created the role admin and granted the admin all the privileges.
    SQL> grant all privileges to admin;
    Grant succeeded.
    Then I granted the admin role to the user dba1:
    SQL> grant admin to dba1;
    Grant succeeded.
    I have created another role, sel_role and given that role the privileges to select tables. For example:
    SQL> grant select on kund to sel_role;
    Grant succeeded.
    Now I have created another user, Anton, and have given that user the role sel_role:
    grant sel_role to Anton;
    Grant succeeded.
    Now when I try to log in as anton and try to use the select statement which is given to Anton by sysdba, using the sel_role, to select the table kund, I got an error:
    SQL> connect anton/oracle
    Connected.
    SQL> select * from kund;
    select * from kund
    ERROR at line 1:
    ORA-00942: table or view does not exist
    What could be the solution to this problem?
    Thanks in advance

    Solomon Yakobson wrote:
    Connect as sysdba and issue:
    ALTER USER anton DEFAULT ROLE ALL;
    SY.
    Same problem!
    SQL> alter user anton default role all;
    User altered.
    SQL> connect anton/oracle
    Connected.
    SQL> select * from kund;
    select * from kund
    ERROR at line 1:
    ORA-00942: table or view does not exist
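
Added example, not part of the original thread: diagnostic queries, run as anton, that separate the two usual causes of ORA-00942 (the unqualified name does not resolve from the current schema, or the session holds no privilege on the object). It assumes, as the post states, that kund is owned by dba1; the synonym at the end is one illustrative option, not something the thread proposes.

```sql
-- Run in the session that gets ORA-00942 (connected as ANTON).

-- 1. Which roles are actually enabled in this session?
--    A granted role that is not a default role will not appear here.
SELECT role
  FROM session_roles;

-- 2. Which object privileges does SEL_ROLE carry, and on whose objects?
--    Dictionary names are stored in upper case unless created with quotes.
SELECT owner, table_name, privilege
  FROM role_tab_privs
 WHERE role = 'SEL_ROLE';

-- 3. Which KUND tables can this session see at all, and who owns them?
--    No rows back means a missing privilege; a row owned by another
--    schema means the privilege is there and only the name is unresolved.
SELECT owner, table_name
  FROM all_tables
 WHERE table_name = 'KUND';

-- 4. An unqualified name is looked up in the current schema (ANTON) and
--    then among public synonyms. Qualify it with the owner reported in
--    step 3 (DBA1 is assumed here, from the post).
SELECT *
  FROM dba1.kund;

-- 5. Optional, run by a suitably privileged user: a private synonym lets
--    ANTON keep using the short name without any additional privilege.
CREATE SYNONYM anton.kund FOR dba1.kund;
```

If step 2 lists the privilege under an owner other than the one expected, the original GRANT was resolved against a different schema's kund and should be reissued with the owner-qualified name.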

  • What are Roles and Role entry points in the context of windows azure?

    I am just starting out with my journey towards understanding azure. I have a vague idea about the Web and Worker roles.
    So when I am publish-deploying a website on azure from visual studio, am I doing something with respect to roles? Am I starting up a Web role?!
    RoleEntryPoint: But this is actually related with the web/worker roles and services. My understanding is that the RoleEntryPoint is some code which is executed when you deploy "services" on the azure cloud. These services either have a web role or a worker role.
    What is "services" in this context? So what traditional (on-premise) app would be analogous to a service that has a web worker role? A WCF service or WebApi? Or can it be a website? So would a service having a worker role be something analogous to a "windows service"?
    And finally RoleEntryPoint. I don't get the use case. From what I've seen, say you want to initialize some related services that support your main service, for e.g. a cache server, or a sql database, you have the initialization logic written in these classes and make the code perform them.
    There are definitely other ways to do this right? You don't need to necessarily tie the deployment of that main service with the initialization of the other services. They could be separate deployments, right?!
    I am a bundle of mistakes intertwined together with good intentions

    Hi deostroll,
    From your post I understand you've read quite a lot about Azure, but I'm afraid there's still some misunderstanding on what all these terms mean.
    Azure is a cloud computing suite of services tiered into three categories: IaaS, PaaS and SaaS. IaaS stands for Infrastructure-as-a-service and is an offering where Microsoft allows you to run your own virtual machines. You will handle everything from software patching, network connectivity (from the application level: virtual networks etc.), software installation and configuration etc. Basically everything you would do today on your own premise except for whatever concerns hardware (bare-metal). PaaS stands for Platform-as-a-service, and is a middle offering, where Microsoft selects some VMs and is responsible for periodically patching these machines. You don't have to care about IIS or whatever existing applications there are on the VM either, because it's Microsoft's job to do this. Last but not least, SaaS stands for Software-as-a-service, and is the offering where you use a piece of software without even knowing what infrastructure exists behind it: I guess you've used some sort of webmail client before, right? That's a SaaS.
    When it comes to Windows Azure, IaaS is offered as Azure VM, PaaS is offered as Azure Cloud Services (formerly known as Azure Hosted Services, should you get across documentation that uses that term instead) and SaaS is offered in the form of: Azure WebSites, Azure Mobile Services, Azure Media Services and many more.
    When you talk about either web roles or worker roles, you actually talk about two forms of roles that exist in the context of an Azure Cloud Service. Basically, when you create a cloud project from Visual Studio, you end up in adding either Web projects which might (but not necessarily) be linked as a Web Role to your Azure Cloud Service. You may also add, to the same solution, Worker Role projects. As you've probably already guessed, whenever you add a Web role, the web project it references is a web project in the literal term: ASP.NET Web Project, whether that is WebForms, MVC, MVC WebAPI that's all completely up to you. However, what is a worker role project, you might ask? A worker role project might be thought of just as a console application. You basically get absolutely no UI, but your code runs as long as it runs inside an infinite loop at some point. If the loop stops, just like a console application, your worker role will stop which will force the Azure FabricController to refresh your role. Consider the FabricController as the guardian of all roles, which will auto-magically 'respawn' your roles whenever something goes wrong, whether that's a software issue in your app, in the OS or a hardware failure.
    Moreover, keep in mind that every role in your cloud service project ends up in being created as a separate VM. What this means is that you will have separate VMs for each role in your cloud service, so even if you create several web projects, you still get one machine, with one IIS instance with a single web application (yours) for each of your cloud's roles. Same goes for worker roles.
    I hope this information clears up some of the questions you might have.
    Alex

  • WLST 92 - How to Create Global Role and Role Condition?

    I'm currently using WLS 9.2 and trying to use WLST to create a global role and defining a role condition. Anyone know how to do so using WLST for WLS 9.2?
    Trying to:
    - create Global Role, testRole
    - create condition where 'username = testuser'
    thanks!

    Did you find out a solution for this?

  • Check users authorizations and role

    Hello!
    How can I check the authorizations of Web Dynpro application users and also his role.
    Thanks
    rgds
    sas

    HI,
    Please go through the following links
    https://www.sdn.sap.com/irj/servlet/prt/portal/prtroot/com.sap.km.cm.docs/library/webdynpro/wd%20java/web%20dynpro%20security.pdf
    https://help.sap.com/javadocs/index.html
    use the method isMemberOfRole.
    Regards
    Ayyapparaj

  • End User Authorizations and Roles

    Hi,
    What are all the authorizations I need to give to an End User who uses the device?
    Is it necessary for the userid to be the same in the MI Client, MI server and Backend systems?
    Let me explain what an end user does
    >logs into MI client
    >performs first synchronization
    >Executes Mobile Application assigned
    >and performs synchronization at the end of the day
    rgds,
    Kiran

    Hi Kiran
    Probably I wasn't clear with my reply. You need to assign both the above mentioned authorizations to the same user who is performing a sync from the MI Client. S_ME_SYNC is required for the user to perform a sync from MI Client to MI server. S_RFC is required for the same user so that the data can be transferred from MI server to SAP backend and vice versa.
    Hope I am clear now
    Best Regards
    Sivakumar

  • Administration Menu Localization of User Permissions and Titles of DataGrids into the Roles and Users screens.

    Hey LightSwitch Team,
    I have a LightSwitch Web Application, that is already localized (en-EN and de-DE). Now I have the requirement to localize the names of the User Permissions into the Administration Screen (this is built-in functionality). How can I achieve this?
    Another Task is to translate the Titles of the DataGrid into the Users Screen and Roles Screen (Administration Menu), because they are in english language, instead of german (i.e. 'User and Groups', instead of 'Benutzer und Gruppen' or 'Users and Groups in this Role', instead of 'Benutzer und Gruppen dieser Rolle').
    In addition of this the User Permissions are in the english language too. How can I translate all of them?
    Note: Another texts are already localized (e.g. 'Rolle von Gruppe geerbt').
    Many thanks. Any help would be greatly appreciated.

    Hi AndySta,
    Welcome to lightswitch forum.
    According to your description above, if you want to localize your lightswitch application, you need to add a localized resource file, add a Resources File, and then name it Client.de-DE.resx, then call a resource from code. Check out https://msdn.microsoft.com/en-us/library/xx130603.aspx for further information.
    Best regards,
    Angie

  • User Profiles, Roles and  Permission folder empty

    Hi,
    We installed Peoplesoft 8.49 Apps 9.0, and 10G Oracle on Windows 2003, everything working perfectly except User profiles and Roles and Permission Folders.
    I have run the AE scripts well, even then we are not able to browse those sections.
    Any help much appreciated
    Thanks

    >
    We installed Peoplesoft 8.49 Apps 9.0, and 10G Oracle on Windows 2003, everything working perfectly except User profiles and Roles and Permission Folders
    >
    What do you mean by this? What is not working? What are you expecting and what is happening?

  • Notification Task needs UME role and other value

    Hi Experts,
    I have a BPM notification task which needs to go to two UME roles (always same) and a UME user (dynamic selection).
    This UME user is already stored in my context data.
    However, when I configure the "To" tab of the notification task, how do I achieve this?
    If I select "Choose one or more UME principles" - I can assign the 2 UME roles.  But then how do I get that UME user?
    Please help.
    Thanks,
    Rahim.

    Hi Rahim,
    You want to use an expression and one of the getPrincipal  built-in mapping functions.
    How are your user id and role names formatted? If you have the full UME name you can use getPrincipal  or getPrincipals (for a list of values).
    If you only have the name itself then you use getPrincipalByUniqueName - the identityType parameter is 1, 2 or 3 indicating whether it's a user, group or role respectively. That only returns a single value ... so if you need to process multiple values then suggest you create an EJB-based mapping function using the UMFactory API to do something similar.
    Regards,
    Jocelyn
