Assign Access Manager roles to end users?

Hello,
I am looking for information on how to assign an AM role to an end-user that is provisioned from IDM 7 to AM 7.1 using the AM resource adapter.
We are modeling our IDM to AM provisioning based on this BigAdmin guide:
http://www.sun.com/bigadmin/features/articles/id_access_integration.pdf
However, in that document, it appears that the end user role is manually assigned to the user after provisioning to AM. We wish to do this role assignment in IDM, and have IDM push the assignment to AM (and by extension, the LDAP directory).
Is this possible when using the AM resource adapter?
Regards,
Dillon

Certainly.
My role definitions look like this in the RoleAttributes section (you can configure this through the GUI in Roles > [rolename] > Set Attribute Values)
<RoleAttribute name='RoleName:#ID#SunAccessManagerResource:roleMemberships'>
  <AttributeName>roleMemberships</AttributeName>
  <AttributeValueString>
    <List>
      <String>AMRoleName</String>
    </List>
  </AttributeValueString>
  <Requirement>Authoritative merge with value, clear existing</Requirement>
  <ResourceRef>
    <ObjectRef type='Resource' id='#ID#SunAccessManagerResource' name='SunAccessManagerRealm'/>
  </ResourceRef>
</RoleAttribute>
What this will do is set the nsRoleDN attribute (renamed as 'roleMemberships' by the adapter) in the assigned resource account for the user; the requirement field I've set to auth-merge-with-value, but you may want to play about with other settings.

Similar Messages

  • Unable to assign all security roles to a user with a new custom security role

    Dear All,
    Happy New Year.!
    I have a query regarding the assignment of Security Roles to new users in CRM. Normally we assign the security roles to new users via an Admin user who has 'System Administrator' security role assigned to him/her. This works perfectly fine, and we can assign
    any desired security role to the new user.
    However, in our case, we need to delegate the user creation rights to some of the client partners. We do not want to give them access to all the Administration functions; hence we created a new Security Role, let's say 'Support User Role'. We have provided
    'Create', 'Append', 'Append To', and 'Assign' rights on 'User' entity for this new security role. With this security role, we are able to create new users now, but we are only able to assign 'Agent' security role, not any other security roles.
    For example, if user 'x' has Security Role defined as 'Support User Role'. If 'x' tries to add a new user 'y', then 'x' is only able to assign 'Agent' security role to 'y', but not any other security role. As per business requirement, 'x' should be able
    to assign some other security roles, including 'Support User Role', to new user 'y'.
    I believe that there is something missing in Security Role configuration, which is causing the above problem. We compared both 'Support User Role' and 'System Administrator' security roles, but not able to figure out which minimum rights we can provide to
    'Support User Role' so that users with this security role can only add new users (with any security role), and that they are not having access on any other Administration features as well.
    Appreciate any help that you can provide on the above issue.
    Thanks in anticipation.

    Hi,
    Can you check if you have organization level Read access for Security Role and Organization level Assign access for Security role?
    Refer:-
    http://www.magnetismsolutions.com/blog/paulnieuwelaar/2013/04/22/permissions-required-to-manage-roles-in-dynamics-crm-2011
    Hope this helps!!!
    Thanks,
    Prasad
    Make sure to "Vote as Helpful" and "Mark As Answer", if you get answer of your question

  • Integrate IdM roles with Sun Access Manager roles

    Hi all,
    I am currently working on a solution involving Sun Identity Manager 7.1 and Sun Access Manager 7.1 as well. We use AM for overall authentication and SSO across the application, and IdM for user provisioning.
    I need to create roles in Identity Manager, and I would like that when I assign a role to a user in Identity Manager, he gets the same role in my Access Manager repository (Sun LDAP). Identity Manager does provide a way to set attribute values in resources when a role is set. Access Manager on the other hand has both dynamic roles, based on an LDAP search, and static roles.
    What are the important differences between static and dynamic roles in AM?
    Does anybody know a good way to propagate roles from Identity Manager to Access Manager?
    Thanks.

    I found answers to my question. I succeeded in setting the Access Manager role from Identity Manager using the nsRoleDN attribute. Here are some references to begin with:
    About directory server roles:
    http://docs.sun.com/app/docs/doc/820-2493/fvbrn?a=view
    Forum thread reference:
    http://forums.sun.com/thread.jspa?threadID=5208694
    Here are roughly the steps I followed to get this working.
    Access Manager roles setup:
    1. In Access Manager, create a new static role named test_role under the identities realm (in Subjects > Role).
    Identity Manager roles setup:
    1. Create a new role in Identity Manager: tab Roles, click New....
    2. Assign the LDAP resource to synchronize the role with.
    3. On the Assigned Resources line, click the Set Attributes Values button. This shows up the attributes listing allowing you to bind your IdM role to your LDAP repository.
    4. Set the attribute nsRoleDN to the LDAP DN of the role that was created in AM (nsRoleDN must be added in the resource attributes mapping before).
    * In the column Value override, select Text.
    * In the column How to set, select Authoritative merge with value, clear existing. (* See IDM Admin guide about this setting, I am still not sure how it reacts with multi-value attributes)
    * In the text box, enter the role DN text (ex: cn=test_role,dc=com).
    5. Save the role. You can now add the role to a user.
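
Added example (not part of the original posts and not Sun's code): one way to see what the "Authoritative merge with value, clear existing" setting actually left on the multi-valued nsRoleDN attribute is to compare an LDIF export of the user entries with the role DNs IdM is expected to push. The user DNs, the Legacy_Admin role and the expected mapping are constructed for illustration; only nsRoleDN and cn=test_role,dc=com come from the post above.

```python
import base64

# Constructed LDIF export of user entries (sample data, not from the thread).
SAMPLE_LDIF = """\
dn: uid=jdoe,ou=people,dc=com
nsRoleDN: cn=test_role,dc=com

dn: uid=asmith,ou=people,dc=com
nsRoleDN: cn=test_role,dc=com
nsRoleDN: cn=Legacy_Admin,dc=com

dn: uid=bwong,ou=people,dc=com
"""

# Hypothetical: the role DNs IdM is expected to have pushed for each account.
ROLE = "cn=test_role,dc=com"
EXPECTED = {f"uid={u},ou=people,dc=com": {ROLE} for u in ("jdoe", "asmith", "bwong")}

def norm_dn(dn):
    """Comparison key for a DN. Simplified: assumes no escaped commas in values."""
    return ",".join(part.strip().lower() for part in dn.split(","))

def parse_ldif(text):
    """Return {normalized entry DN: set of normalized nsRoleDN values}."""
    lines = []
    for raw in text.splitlines():
        if raw.startswith(" ") and lines:   # folded line continues the previous one
            lines[-1] += raw[1:]
        else:
            lines.append(raw)
    entries, current = {}, None
    for line in lines:
        if not line.strip():                # blank line ends the record
            current = None
            continue
        attr, _, value = line.partition(":")
        if value.startswith(":"):           # "attr:: <base64>" form
            value = base64.b64decode(value[1:].strip()).decode("utf-8")
        if attr.lower() == "dn":
            current = entries.setdefault(norm_dn(value), set())
        elif attr.lower() == "nsroledn" and current is not None:
            current.add(norm_dn(value))
    return entries

def audit(ldif_text, expected):
    """Return {dn: (missing, unexpected)} for accounts whose roles differ."""
    actual = parse_ldif(ldif_text)
    findings = {}
    for dn, roles in expected.items():
        want = {norm_dn(r) for r in roles}
        have = actual.get(norm_dn(dn), set())
        if want != have:
            findings[norm_dn(dn)] = (sorted(want - have), sorted(have - want))
    return findings

if __name__ == "__main__":
    for dn, (missing, extra) in audit(SAMPLE_LDIF, EXPECTED).items():
        print(f"{dn}: missing={missing} unexpected={extra}")
```

An "unexpected" value is a role that survived or was added outside IdM; a "missing" value means the push did not reach the directory.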

  • Need to Assign read-only roles to a user in EP

    Hello,
    I am currently facing a situation wherein I need to assign read-only roles to a user. I need to assign the user admin, system admin and content admin roles to him, but all with read only permissions. Could someone kindly direct me as to how this can be done in EP7.0?
    Thanks in advance and best regards,
    Karthik.

    Hi Karthik,
    first, welcome on SDN!
    About your question:
    Ganesh already showed the way for the PCD. Anyhow, the content admin also can access the KM content (if installed); so for KM the settings have to be done, too, i.e. defining only read-permissions for this user on all repositories.
    The same holds for System-Admin - Permissions - Portal Permissions, here under the different sections only read access permissions would have to be set.
    Anyhow, some areas cannot be restricted in this way, for example the User Management. This could be done only via http://yourserver/useradmin and there via ROLE actions (and not per user).
    Still, some areas certainly will stay problematic, so that one maybe would have to strip down the standard roles (create a delta link copy of the content and then remove the problematic areas).
    Hope it helps
    Detlev
    PS: Please consider rewarding points for helpful answers on SDN. Thanks in advance!

  • Error while assigning the following role to the user

    Hi,
    ERROR 2007-01-18 14:13:25
    CJS-30196  Role SAP_BC_JSF_COMMUNICATION_RO is not assigned to user SAPJSF
    I am getting the following error while trying to assign the following role to the user. Can anybody throw some light on it?
    Thanks
    kiran.B

    Hi,
    Standard roles are not assigned to users directly. Make sure that you copy the role from the standard roles, then change the naming convention to your company specification.
    Ex: standard role : SAP_BC_JSF_COMMUNICATION_RO
    Step:1: go to t-code: PFCG and give the role name in role tab SAP_BC_JSF_COMMUNICATION_RO
    Step:2: press copy button and change the naming convention.
    Step:3: Assign to the user.
    I hope it will help you.
    kiran kumar.v

  • Role of End User

    Hi,
    Can anybody explain to me what the roles of end users are in XI in scenarios like file to file, file to idoc? What exactly will he do in that situation? Will he place the file in the source system or what? If an error occurs in the file to idoc scenario, what will he do?
    Thanks in advance
    Regards,
    Prem.S

    >>>If error occurs in file to idoc scenario what will he do.
    Definitely, He won't be happy
    You have options to trigger alerts if something goes wrong
    regards
    krishna

  • How to retrieve the Role of a custom SharePoint Group Programmatically and also assigning the same roles to new user?

     I want to retrieve the roles assigned to a custom group programmatically and assign the same roles to a new user.

    Hi,
    According to your post, my understanding is that you want to retrieve the Role of a custom SharePoint Group Programmatically and also assign the same roles to a new user.
    To retrieve the Role of a custom sharepoint Group, you can refer to:
    http://www.sharepointfix.com/2011/05/find-rolepermissions-of-currently.html
    To assign the same roles to new user, you can refer to:
    http://msdn.microsoft.com/library/Microsoft.SharePoint.SPRoleAssignment
    Best Regards,
    Linda Li
    TechNet Community Support

  • Error While Assigning Approval Management Roles to User

    Dear All,
    While assigning "Approvals Management...." Roles to the user through User management responsibility and Click on to Apply Button I am getting following Error.
    oracle.apps.fnd.framework.OAException: java.sql.SQLException: ORA-01403
    ORA-06512: at "APPS.UMX_ACCESS_ROLES_PVT"
    Can anybody help me to get rid of this error.
    Thanks In Advance
    Jithindev

  • Task List Access Manager Role in Shared Services

    Hi
    The documentation says this role "Assigns task lists and tasks to other users". I have assigned this role to a group (in Shared Services), I have given that group Manage and Assign access to the Task List (in Planning), and have even done a security Refresh.
    Yet, when I go in as a user who is in that group, I do not see the Assign Access button in Manage Task Lists.
    Is this a bug or have I missed a step?
    We are on 11.1.2.1
    Thanks!

    Hi,
    Have you tried generating a provisioning report in Shared Services, have a read of :- http://download.oracle.com/docs/cd/E10530_01/doc/epm.931/html_cas_help/provrep.htm
    If that doesn't suit your requirements then you could always have a look at using CSSImportExportUtility to export provisioning to a csv file. The utility is located in hyperion\common\utilities and has a pdf on instructions how to use it.
    Cheers
    John
    http://john-goodwin.blogspot.com/

  • Show Roles to end user

    Hi,
    My mission is to show roles to the end user and to give him possibility to make a request for one of the roles.
    However I want to show different roles for different users based on their organizational place.
    And my problem is that I can not find the way to do this.
    For example if I use getObjectNames from com.waveset.ui.FormUtil I get nothing for end-user and I get all of the roles for configurator.
    Has anybody tried to implement this?
    Thank You!

    why not show the exact items allowed for the login user's role? then you don't have to display the role to a specific item.

  • Appraisal - tcode access to core and end users

    Hi Experts,
    Please let me know which transaction code access is to be given to Super Users, Core Users and End users from the list below.
    And also, Please let me know if I have missed out any transaction codes related to Appraisals.
    T codes for PMS Basic Setting
    OOHAP_BASIC           Basic Appraisal Template Settings
    OOHAP_CATEGORY           Appraisal Category Settings
    OOHAP_CAT_GROUP     Category Group Settings
    OOHAP_SETTINGS_PA    PA: Settings
    OOHAP_VALUE_TYPE     Standard Value Lists
    T codes for PMS Process
    PHAP_ADMIN     Administrator - Appraisal Document
    PHAP_CATALOG     Appraisal Template Catalog
    PHAP_CHANGE     Change Appraisal Document
    PHAP_CREATE     Create Appraisal
    PHAP_PREPARE     Prepare Appraisal Documents
    PHAP_SEARCH     Evaluate Appraisal Document
    This is very urgent..Your immediate response is highly appreciated.
    Thanks!

    Hi,
    End users are authorized with
    PHAP_CHANGE Change Appraisal Document
    PHAP_CREATE Create Appraisal
    PHAP_PREPARE Prepare Appraisal Documents
    the T.codes
    where they can prepare appraisals, if mistakenly entered wrong appraiser or appraisee they can edit
    For other activities administrators must have authorization
    Regards
    Ratan Puli

  • Time management PPT  for end user training

    Hi Gurus
    Can any one send me this end user training PPT
    Regards

    Hi
    As per my knowledge there is no standard template doc wrt time management User manual.
    It is a document with screenshots, with pointers and their details on how to maintain (Create, Change, Display, Delete, Overview) the infotypes, in an easy way to understand the process of time management from the end user perspective,
    with the following screenshots:
    Planned Working Time
    Attendance
    Absences
    Substitutions
    Generation of absence quota
    Time Recording Info
    Holiday calendar Maintenance
    Adding/Deleting/Changing a holiday calendar
    Generation of Work schedule after change in Holiday calendar
    Fast Entry of time data PA71
    Time Evaluation
    Hope this will help you
    regards,
    SriC
    Edited by: Srinivasa Chakravarthy on Oct 20, 2008 4:47 PM

  • Access Manager 1.1: End of Life

    We have released Access Manager 1.2 and thus there is a cessation of support for 1.1 - Please contact our support team for an upgrade to 1.2 

  • How to manage HTML DB end users in Oracle Database 10g Express Edition?

    I successfully installed Oracle XE on my Windows/XP PC.
    I followed 'Getting Started Guide' and created a new application using the hr.employees table.
    I could run this application by logging in as hr/hr.
    How can I create other HTML DB end users to run this application?
    I can only create database users in Oracle XE environment.
    Help needed....

    This MyApp application (Application 100) was created by the HR Oracle account.
    I could use
    http://127.0.0.1:8080/htmldb/f?p=100
    to run this application by logging in as hr/hr .
    For the above URL, if I logged in as anotherOracleAccount/password, I got the 'Invalid Login Credentials' message.
    As you said, I could use
    http://127.0.0.1:8080/htmldb/f?p=4550
    to get into HTML DB of the Oracle XE environment by logging in as anotherOracleAccount/password.
    Since MyApp is using the HR-owned 'employees' table, should we grant some privileges on hr.employees to anotherOracleAccount?
    I tried this, I still got the 'Invalid Login Credentials' message.

  • Assigned Master Data roles in IBP user management

    Hi All,
    The new update of the IBP 4.0.1 has given a new feature called Assign Master Data under roles to give permissions to the Master Data with respect to versions. But when I add a version and tick version specific Master Data under the versions tab and activate my model, only some set of Master Data is visible under my Planning area. Is there any reason for this? Please let me know.
    Thanks.

    Hi Manaswini,
    We have noticed a similar behavior while trying out the version specific scenarios and copying Master data /Key Figure from one version to another. For some of the planning areas, only few of the Master Data would be visible while for other it works as expected.
    So, I am not sure about the exact reason but if you have any other planning area, you could try activating version specific master data over there.
    Thanks,
    Srikant
