Admin can create user for specific company

Hi all,
I have requirement to provide authoriaztion to 3 basis admin in the way that they can use su01, pfcg or any basis related tcode but one should be restricted to one company say 'A' only... i.e. I have 3 basis admin A, B and C on single system and 3 comanies say DEF, PQR and XYZ . Now A can create use id for DEF company only...same for the rest of the user and company..
Is it possible n what way ?
Rgds
D L

Of course this can be done.
Here you would be using the S_USER_GRP authorization object.
Giving access this authorization will allow user A to only manage users in group DEF
S_USER_GRP
ACTVT 02
GRP 'DEF'
Giving access this authorization will allow user C to only manage users in group XYZ
S_USER_GRP
ACTVT 02
GRP 'XYZ'
Create user groups via transaction SUGR.
Read more at:
http://help.sap.com/saphelp_nw70/helpdata/EN/fa/f63f4222fab16be10000000a155106/frameset.htm
Good luck
Regards Fredrik

Similar Messages

Create users for my application

Hi! I'd like to make an administrative page so I can create users for my application. Let's say that I have following fields: username, first name, lasta name, password, etc.
Does anyone have an example? Or a short description about what I have to do.
Thanks a lot!

Thanks Jes. I looked at that thread. As it's said there, I created my custom table of users and a function with 2 parameters(username and password).
I was thinking to make a process which calls my function and take as parametres the (:P101_USERNAME,:P101_PASSWORD). I wrote some code in my function. But when I want to create the process, I got the next error:
ORA-06550: line 3, column 1: PLS-00103: Encountered the symbol "END" when expecting one of the following: := . ( % ; The symbol ";" was substituted for "END" to continue.
My function is this:
create or replace function "AUTENTIFICATION"
(p_username in VARCHAR2,
p_password in VARCHAR2)
return BOOLEAN
is
if p_username IS NULL or
p_password IS NULL then
return false;
end if;
if p_username NOT IN
(select username
from users) then
return false;
end if;
if p_password NOT IN
(select passw
from users
where username = 'p_username') then
return false;
end if;
And in the PL/SQL Page Process I'm trying to put the following:
AUTENTIFICATION(:P101_USERNAME,:P101_PASSWORD) , when I get the error.

Error while creating user for a domain

i am developing a web-application which is hosted on tomcat server.
it is creating domains and users at another remote domain server.
localy it is working fine..
but when i test it online..
the problem is,
sometimes it works fine ,the domains are being creted at remote server..
but sometimes it delivers error that domain at remote server can not be created.
Is it due to fact that theat some errornous code in the buffer of application have older versions of applications causing the error ?
Code::
if(strPlanId.equalsIgnoreCase("3")) {
 //Create domain account for planid=3 plantype=Cp
 blnOK=false;
passwordGS comes from database
strUrl="http://sosync.net/sosync/admin?pwd="+passwordGS+"&action=user_createdomain&domain="+strSubDomain+".gosync.net&adminpassword=aspire3002&diskquota="+longdk;
 u=new URL(strUrl);
 uc=(HttpURLConnection)u.openConnection();
 code=uc.getResponseCode();
 if(code == 200) {
 rUrl="/TransCompleteServlet";
 blnOK=true;
 uc.disconnect();
 } else {
 rUrl="/GSView.jsp?page=GSError.jsp?REQ=Unknown";
 if(blnOK) {
 String strUrlUser="http://gosyncdesk.net/gosync/admin?pwd="+passwordGS+"&action=user_createuser&username="+strEmailId+"&password="+strPassword+"&domain="+strSubDomain+".gosync.net&communityname=Default&firstname="+user.getFirstName()+"&lastname="+user.getLastName();
 URL u1=new URL(strUrlUser);
 HttpURLConnection uc1=(HttpURLConnection)u1.openConnection();
 code=uc1.getResponseCode();
 response1=uc1.getResponseMessage();
 if(code == 200) {
 rUrl="/TransCompleteServlet";
 String strUrlTZ="http://gosyncdesk.net/gosync/admin?pwd="+passwordGS+"&action=user_setuserpreference&username="+strEmailId+"&domain="+strSubDomain+".gosync.net&name=web_timezone&value='"+timeZone+"'";
 u=new URL(strUrlTZ);
 uc=(HttpURLConnection)u.openConnection();
 code=uc.getResponseCode();
 if(code != 200) {
 rUrl="/GSView.jsp?page=GSError.jsp?REQ=Unknown";
 } else {
 rUrl="/GSView.jsp?page=GSError.jsp?REQ=Unknown";
 mailUtil.sendMail_admin("Error In Creating User for the Domain","While creating domain for "+user.getEmail()+" user could not be created due to following reason: "+response1+" GoSync UserName:"+strEmailId+" GoSync Password:"+strPassword+" GoSync Domain :"+strSubDomain+".gosync.net and URl String was :"+strUrlUser+"");
 }

if the problem is caching try setting the useChasses to false
uc.setUseCaches(false);

Create user for CPS in _ UPPER CASE LETTERS _ if using JSM on SolMan

only create users for CPS in UPPER CASE LETTERS if using JSM on SolMan
Dear CPS Admins,
If you plan to use Job Scheduling Management (JSM) on SAP Solution Manager together with CPS by Redwood please always create any users in CPS only with upper case letters to avoid issues in the communication between SolMan and CPS.
The user creation for CPS is done in the UME (Java user administration, alias /useradmin).
Actually the CPS user itself is only created in CPS during the first logon.
Both CPS and the Java UME are case sensitive. So you can create users in uppercase, lowercase or mixed letters. But of course the system does still not allow duplicate names. So you can either create MUELLERP, MuellerP or muellerp - but not multiple of them.
Now, if the SolMan communicates with CPS for Job Scheduling, the actual user name is taken in some kind of a "trusted RFC like" way and checked on the CPS system connected to the SolMan. If the current SAP user does not exist on CPS no activities are possible, neither in read mode (read existing CPS jobs) nor in write mode (change existing jobs or create new ones).
Unfortunately the Solution Manager transmits the current user name to CPS only in upper case letter. So if the CPS user was not created in UPPERCASE letters in CPS the communication will fail. Therefore, think about creating CPS users in UME only in UPPERCASE letters. Changing this later is difficult to impossible.
Best regards,
Peter

hi,
I tried to reproduce your issue but I was not able to create a UME user with lower case letters.
UME automatically converted the user name into upper case after saving. So even if I enter "cps" as user name UME stored the user name as "CPS".
(maybe that happend because of the existing SU01-UME integration in our SolMan system)
If UME would be case sensitive I would expect that it is possible to create the user "CPS", "cPs" and "cps".
Regarding the SolMan-CPS connectivity:
Transaction SU01 allows only upper case letters (in user name and alias). Since you're starting from an ABAP system only user names with upper case letters are supported. It's a technical constraint of the ABAP user management that user names consist of upper case letters only.
Kind regards,
Martin

Group Admin can add user to group but can't update user account in SAM SDK

Hi
I have created a user X and Group Y, and I have assigned the created Group Y Admin Role to user X and made user X a member of Group Y.
Now User X can create users but can't see them when doing a search.
Also if using the SDK this user attempt to add a user he created as a member of Group Y the LDAP return an error that user X dosen't have enough permissions to update the membership attribute of the new user account that he created.
Funny enough looking in the LDAP, the user is actually added as a member of the Group.
So the Group was updated correctly but the suer account is not.
Does anybody now a fix for this issue or is it fixed in any patches to SAM 7.1

Hi,
Did the issue happen only for you or for multiple users?
Please login on other well worked Lync client from other computer with your Lync account to test the issue.
Please also use another well worked Lync account login your Lync client and test the issue.
You can disable your Lync account from Lync Server Control Panel and clear all SIP related information from AD, then re-enable your Lync account from Lync Server Control Panel to have a try.
Here is a similar case may help you:
http://social.technet.microsoft.com/Forums/lync/en-US/09032674-3927-4898-8f93-f3e6f3eab540/lync-2013-cannot-add-remove-or-move-contacts-or-groups-at-this-time?forum=lyncprofile
Best Regards,
Eason Huang
Eason Huang
TechNet Community Support

How to create users for iFS9R2???

On iFS9R1 and earlier it was possible to create users from the web GUI using an administrative user's account. On iFS9R2 it wasn't possible, I only could create groups or folders, there wasn't even a menu entry under "new".
Or did I miss or faulty configured something?
+Lutz

Matt,
I'm using the iFS credential manager. And yes, I can create users using the iFS Manager tool. But with earlier releases it was also possible to create users from the iFS web GUI. Strange thing is that from the iFS Manager it is not possible (at least I didn't find one right now) to delete users, from the web GUI it is!
Anyway, seems the best way would be OID as this is also be used by the new iAS and it might avoid the need for having two seperate user managements.
Thanks for the hint!
+Lutz

Needed validation when creating user for employee in HRUSER transaction

hi All,
I wanted to put validation in HRUSER TCode when we are creating user for an employee by selecting exit module for user name and password
in my scenario I want to remove the first alphabet of user name that is P and with that I want to set a default password can anyone suggest me includes.
Please find the attached snap.

Solved it for myself
refer the link:
Dear all,
Regards,
Siva

Create users for teradata in ADAM / Acitve Directory

Hi
I was wondering if you could help me with the ability to create a user in AD / Adam? I am trying to write the powershell code to create users for Teradata connectivity. the manual process is to use adsiedit and create the users through groupof names class.
This is what I have that is NOT working and was looking where to go from here.
$dom=[ADSI]"LDAP://OU=Users,OU=dev,OU=tdev,dc=acme,dc=com"
$obj = $dom.Create('GroupOfNames', 'CN=ASmith')
$obj.SetInfo()
any help would be greatly appreciated.
Thank you
John R Remillard

Hello,
You should ask in the
Windows PowerShell forum.
Karl
When you see answers and helpful posts, please click Vote As Helpful, Propose As Answer, and/or Mark As Answer.
My Blog: Unlock PowerShell
My Book:
Windows PowerShell 2.0 Bible
My E-mail: -join ('6F6C646B61726C406F75746C6F6F6B2E636F6D'-split'(?<=\G.{2})'|%{if($_){[char][int]"0x$_"}})

Tax Code Mandatory in Purchase Order for specific Company Code / Country

We are doing Roll Outs of SAP into different countries.
In a particular Country / Company Code we want Tax Code to be mandatory in Purchase Order without disturbing the settings for other Country / Company Code.
Can anyone provide some idea to resolve this?
Thanks in advance

Hi,
You can create a seperate document type for that country and make it mandatory in the document specific screen varient
SPRO>MM>PUR>PO>DEFINE SCEEN LAYOUT AT DOCUMENT LEVEL>COPY NBF
Make tax code field mandatory and assign it to new document type for that country
Or user user exit or BADI ME_PROCESS_PO_CUST
Thanks
Diwakar

Error in the ISA User Admin to create users

Hi all
i am not able to create the users thru the ISA user admin. while creating the user for new contact persons we are getting the error as " User Does not Exist" and also while creating the user for existing contact persons we are getting error as " User already Exists". in our project landscape CUA also part along with CRM and Portal. i am not able to find out from where exactly we are getting the error either from CRM side or else from CUA side.
Regards
suresh babu

Hi,
You can open any process in an iview which is assigned to a page and to a role. Once you click on this role, the process will get initiated and the webdynpro application will be displayed.
If you open the instantiating url, it will ask for the input parameters that are to be passed to the application and initiates the application. It does not display your webdynpro page.
For the iview you have created, Assign this iview to a page, and then assign it to a role. Assign the role to your user id and then open the role. Also mention in the iview parameters if any role based information has to be passed.
Award points if helpful.
Regards,
Sujana

Delete authorization for specific Company Code

All,
For a specific transactions, our users may only run the transaction for a specific company code. Transaction is TPM55A
What authorization object do I need to add to my role, so the users have only authorization for let's say Company code range 1000 - 1050.
Many thanx for help
kr,
Stef

Hi Stef,
Please try to add this authorisation object manually F_BKPF_BUK- Authorisation object for company code.
In the filed BUKRS you can maintain the company code as you required for the users.
I hope this may help you in resolving the issue.
Thanks
Karthick

Project Lite - Admin tasks - Creating Users

We have a dedicated team who will only set up new users on O365/Project Online, can we use a Project Lite license for these staff who are only creating new user accounts?
They won’t be doing anything else in Project Online other than creating users.

Hi Dom,
In terms of the licence, I believe Dale is correct here. However, having a Project Lite Licence does not restrict you from what you can do in Project Web App (to my knowledge at least), and so this is open to "abuse". In terms of Project
Lite, it is aimed at TEAM MEMBERS, who plainly do not perform an admin role. Your local Microsoft Licencing Specialist should be able to provide ultimate clarification.
https://products.office.com/en-us/project/project-lite
Ben Howard [MVP] | web |
blog |
book | P2O

Create User for Target (Terminal Adapter) with private key authentication through web service

Hi
I have a question about Terminal adapter.
My current aim is to create process "Execute script through ssh on remote Linux system" with input parameters ( login, path to private key, path to script)
It was very helpful to find this discussion https://supportforums.cisco.com/message/3543289#3543289 .
Is there a way to create Public-key Authenticated Admin Runtime User with private key for authentication by using NB webservice ?

I will second Shaun's comment...
Unfortunately, it looks like this is not possible in 2.3.X. (That is you can create the user but the fields you need to use to configure that user properly do not appear to be exposed to the Northbound Web Service).
It looks like something that will be fixed in a future release of Process Orchestrator.
Svetlana

Error in creating user for solaris

Hi.....
I am using IDM 6.0 version and configured resource solaris in IDM...but when tried to assign a user to solaris....the user is getting created in solaris box and resource exit for that user...but when tried to click on user for display or to update getting the Error
ERROR:Unresolved rule: getDefaultShell.
I dont know what to do...can any one help me please.....

I got solution to my question i had to import shellrule file from /sample directory to IDM.

How to create users for B2B console in SOA Suite 11g?

Hi,
I have installed SOA Suite 11g and created a new user in weblogic server and assigned groups Deployers, Monitors & Operators. On trying to login(http://hostname:port/b2bconsole) using this new user, im not able to login and the below error is logged.
"There are no trading partners for this user".
Can someone plesae guide me on how to create a new user for B2B as i dont want to grant adminstrators group to developers.
Thanks,

Hi,
Please login as the weblogic server boot user into b2bconsole and then go to users tab of the host trading partner
and search for the newly added user [ provide full username ]
and then assign the role as administrator / monitor from there.
once this is done.. the newly added user should be able to login to the b2bconsole..
monitors have read only access and less priveledges..
Regards,
Vijay

Admin can create user for specific company

Similar Messages

Maybe you are looking for