Assign roles to positions
Hi,
How can i assign roles to position.
Kind regards,
Shruti
Check this might help...
http://help.sap.com/saphelp_erp2005vp/helpdata/en/92/e7623c28695c63e10000000a11405a/frameset.htm
Similar Messages
-
How to assign roles to positions?
Hello everyone,
I am new in SAP HR field and my question could be very basic but would really appreciate your reply:
" I am configuring Indirect Role assignment model and want to use it to assign positions to users.
Now, I want to know how are these positions linked to actual roles and from where can I assign some roles to my positions? "
Thanks
HarleenHi Harleen
As you know, we have both Standard and Structural authorizations in SAP HR
1. Standard Authorization
If you want to assign Standard Authorizations to a Position, you need to create Relationship b/w Object type S and AG (You need to have authorization to PFCG T code in this case)
I am not very sure if SAP has provided any standard program to assign the Standard Authorizations which are avaialble against a position to a User.
2. If you want to assign Structural Authorizations to a Position and in turn to a User
Create Structural authorization profiles in OOSP, assign the same to position by creating Infotype 1017 for a Position and run RHPROFL0 program to update the same to the USER (T77UA) who is occupying the position (A008 Relationship b/w S & P and IT 0105 against P)
Hope this helps
Best Regards
Reddy -
Need to assign Role into step type mail in recipent type
Hi Experts,
I need to assign role to for step type send mail recipent type . but in drop down there is not any role option to assign . to achive this i created organization then position and assing job to that position then assigne to role under that job . after all in recipent type i assigned with job . but when i execute workflow i am getting error . even i dirctally assign role to position and then assigne that position to recipent type. when executing my workflow i am getting error .
but if a assigne user to position or job my workflow working properlay. is there any proble to assing Role to Job or position.
please let me know is there any extra thing i need to take care when i assign Role to position or Job .
point will rewarded for right answer.Hello,
Get the users assigned to the role into a container element in the previous step of 'SendMail' step and use the same as the recipient of the Sendmail step.
This would be a better and easy option as Arghadip said.
Hope this will help.
Regards,
Samson -
Not able to assign Composite Role to Position
Hello All,
I am facing following problems.
1) The user is Not able to see Create Report Links, when i checked the Composite Role in PFCG i found that the in USER Tab Organizational Tab was yellow, i did Indirect Reconcillatin in Organizational Tab and then it went GREEN, then i did User Comparision.
I got this Message
"You do not need to perform Prfile Comparision for role " Role Name".
and the Position was removed.
2) Now i am Trying to assing the Role to Position, i am not even able to assign it and the User id is not coming under User id list.
Please suggest.
Thanks,
CB@Point#1: It could be that user master is already compared for your composite role and no further comparison is required. To double check you might just run the comparison again via tcode PFUD or report RHAUTUPD_NEW
@Point#2: For indirect assigment to position make sure organization management is active in your system (the switch HR_ORG_ACTIVE is set in the table PRGN_CUST to YES).
Thanks
Sandipan -
Assign roles to Org. Structure elements
Hello Experts
I,m trying to assign roles to elements of the Organizational Structure (positions, organizational units) so, when we assing a Business Partner with employee role (with a specific user) to a position, it gets all the roles of that position automatically.
In a previous thread I have seen the following procedure:
PFCG > Edit a rol > user tab > Org. Management button > Create assignment > Position > Select a position from combo > Create
But in my case the Org. Management button looks not active.
Is there some preliminary activity to do?
Thanks in advance.
Ceers,
AlanResolved.
The system only displays this pushbutton if you have defined an
active plan variant in the current client, the prerequisite fir
using Organization Management. If you have not defined this
active plan variant, you cannot see Org. Management .
Otherwise, you should choose "Full view" at the start of the transaction.
Bye,
Alan -
Assigning Employees to Positions as Successors
Hi Guru's,
We have deployed HR Renewal 1.0 on EhP6 and planning to implement Talent Management. I went through SAP documentation for Manager Role and read that managers can assign employees to positions as successors.
But, I could not find an application from role SAP_SR_TMC_MANAGER_6 where managers can perform this activity.
Please suggest.
Regards
SadhuHi Harinath,
Are you implementing Talent Visualization by Nakisa also?
Because as I know, Manager can assign employees to successors pool using Talent Visualization by Nakisa.
Please refer to link below about the explanation of Talent Visualization by Nakisa.
http://scn.sap.com/community/erp/hcm/talent-visualization-by-nakisa/blog/2013/01/29/what-s-new-in-visualization-solutions-by-nakisa-40 -
Assigning roles to LDAP users through BIP API
Hi.
My customer has BIP 11g and OIM 9.1.0.2 running on the same weblogic server (11g). Both authenticate against the same LDAP server.
One of our desired next steps is to provision from OIM the BIP roles to each LDAP user so every user gets the correct roles (and access to the correct reports) according to the groups he has on OIM.
I've been searching for info regarding this without success. The BIP API doc does not show any info about assigning roles to users.
We don't need to manage LDAP users, BIP roles, etc... through OIM. We only need to assign BIP roles to LDAP users.
Is it possible to make that assignments through BIP API?
If not, any other ideas? New ideas or different approaches are welcome.
Thanks in advance.In OBIEE 11g which includes BIP the application roles are applied to LDAP users and groups using the Enterprise Manager Fusion Control.
During the upgrade process from OBIEE 10g to OBIEE 11g the groups do get assigned to these roles transparently so there must be some API to leverage this functionality.
I would start there, http://download.oracle.com/docs/cd/E14571_01/bi.1111/e10541/admin_api.htm
There are no specific instructions on accomplishing what you seek but if you have some WLST or Java Skills you should be able to get something prototyped.
Let me know if that helps. -
Error in assigning role to multiple task
Hi,
We are using BAPI BAPI_BUS2175_ROLE_ASSIGN_ADD to assign role to task. It is working fine if we are assigning different role to different tasks. But if we assign the same role to different tasks in a project, it is giving dump while saving the data.
We are using following sequence in the code:
1. BAPI_BUS2172_LOAD to load the project
2. BAPI_BUS2175_ROLE_ASSIGN_ADD to assign role to task
3. BAPI_CPROJECTS_COMMIT_WORK to save the changes.
So when BAPI_CPROJECTS_COMMIT_WORK is executing, it is giving dump as follows.
The exception 'CX_DPR_FATAL_ERROR' was raised, but it was not caught anywhere
along
the call hierarchy.
Since exceptions represent error situations and this error was not
adequately responded to, the running ABAP program
'CL_DPR_AUTHORIZATION_SERVICES=CP' has to be
terminated.
Could you please let me know what may be the reason for getting dump.
Regards,
Anil SalekarI can tell you the table where the the role assignments get stored . It is
DPR_ENTITY_LINK. -
Assigning roles to users programmatically
Hi,
I want to programmatically create roles, assign roles to users etc.
I saw at this thread
ADF Security Policy Store
the folowing scriptlet by Frank Nimphius
try {
IdentityStore idstore = JpsCommonUtil.getValidIdStore("idstore.xml.provider").getIdmStore();
try {
UserManager userManager = idstore.getUserManager();
RoleManager roleManager = idstore.getRoleManager();
Role adminRole = idstore.searchRole(Role.SCOPE_APPLICATION,"admin");
// create user
//TODO check for empty username and password
User newUser = userManager.createUser(this.username,this.password.toCharArray());
roleManager.grantRole(adminRole,newUser.getPrincipal());
} catch (IMException e) {
// TODO
} catch (JpsException e) {
// TODO
return null;
this is a TP3 scriptlet, is it still working on the 11g production?
I try it and i get a JpsException
oracle.security.jps.JpsException
at oracle.security.jps.internal.common.util.JpsCommonUtil.getValidIdStore(JpsCommonUtil.java:1004)
do I have to replace "idstore.xml.provider" with something else depending on my configuration?
thanks
TilemahosHi Frank thanks for the answer,
I check this functionality at WLS embeded LDAP and I shaw your "How-to configure OID for authentication in WebLogic Server" post.
I manage to add users and assign them roles that i created at my application.
But what if I want to have a super user that can create new roles and assign them member roles?
eg.
Developer created roles (policy store):
accessPage1 ( granted all the necesery principals to access page1 )
accessPage2 ( granted all the necesery principals to access page2 )
Super user created roles
Role1 member roles :accessPage1,accessPage2
If i want my application to have that functionallity i must create roles programmatically wont I?
If there another way?
By the way I followed the advices at the following useful links
Chris Muir: http://one-size-doesnt-fit-all.blogspot.com/2008/12/configuring-wls-with-ms-active.html
Frank Nimphius's How-to configure OID for authentication in WebLogic Server
Edwin Biemond's Using OpenLDAP as security provider in WebLogic
Andrejus Baranovskis: Practical ADF Security Deployment on WebLogic Server
And I manage to add users of the Microsoft LDAP at the WLS
but I could't mekae them group members of my application groups (roles)
is this possible?
Thanks -
SECATT for assigning roles to users
Hi All,
How do we make the ECATT to work for the below scenario:
Users already have roles assigned to them. We need to add a new roles to the users which can vary in number based on the users job.
A simple ECATT script that was developed to add a single role to a new user does not work in the above case and gives an error of invalid batch input. How do I create a ECATT to assign role to user who already has a set of roles assigned (number of roles assigned to users differ, so I cannot assume to train the ECATT to assign a role on line X). Is there something I am missing while the ECATT script creation?
We are doing this from a CUA and its very difficult to assume how many roles a user could have.
Thanks,
JayThanks Alex for the insight. For some reason SU10 is slow in the CUA environment and I wanted to avoid it but yes I finally had to use SU10. Talking to one of our ABAPer I came to know that even in their BDC recordings they get the error which I receeived, but he changes his program to skip all the lines with data and then fill the empty line.
In CUA environment, how do we create ECATT to delete a role from many users?
Thanks,
Jay -
What is the purpose of assign roles to portal please describe
what is the purpose of assign roles to portal please describe
Hi,
You assign Roles to Users and not to portals.
Check this to know about Role:
http://help.sap.com/saphelp_nw70/helpdata/EN/45/c0d8e962336000e10000000a1553f6/frameset.htm
So a role has contents that a user can see and also privilages that the user can have (UME Actions).
http://help.sap.com/saphelp_nw70/helpdata/EN/fb/33f520d15f8f4092a60381365620b2/frameset.htm
When a user is assigned certain roles which have contents and also UME Actions, this user sees them when he logs on onto the portal and also has this set of privilages.
Regards,
Praveen Gudapati -
Assigning role to role doesn't work when applying Database security model
I applied Oracle Database security model for BI Publisher.
then I create some roles and users and assigned roles to users in Oracle Database.
i also assigned appropriate folders to each role in BI Publisher.
the users with direct roles worked successfully but i got problem when i assigned roles to a super role, and assigned this role to a super user.
the super user could only access guest folder.
Please help me.
thanks.
Daniel
Edited by: user13344498 on Jul 5, 2010 11:13 PMAdd a Role to a Role:
1. From the Security Center, select Roles and Permissions; this will invoke the
Security Center page. Here you can see the list of existing roles and permissions.
2. Select the Add Roles icon for the Role.
3. Select the desired role from the Available Roles list and use the Move shuttle
button to move it to the Included Roles.
this is from "Oracle® Business Intelligence Publisher User's Guide Release 10.1.3.2 Part No. B40017-01" book, but the security model is BI Publisher Security. -
One CUP request for assigning role to multiple users
Hi,
We assign roles to users in production only through CUP requests.. We use GRC 5.3
Here we have a case where we need to assign one role to 60 users in production(each user may have different roles assigned in the back end) . I can raise one CUP request for all users using " multi-user" option in Copy request . But when we want to make a risk analysis , it will not show risks at user level as each user had different roles and may get different risks by adding new role.
Instead it will give risks if any for only that new role which want to assign. Our manager is not accepting as this is not giving complete picture of risks for each user when we add new role.
Please suggest me if there is any other way where I can make a risk analysis for each user when I created a CUP request for multiple users.
Or the only solution is to create 60 CUP requests ?? this would be too manual
Regards ,
jaagsRaghu,
thanks for the reply, you are right as per the audit .But suppose if it is for 200 users ,creating 200 CUP requests will be impractical right.
there should be some solution for this , because there will be many situations practically where we have to assign roles to N number of users.
Is this possible in GRC 10 ? any idea ?
Regards,
Jaags -
Error in User Management and Assigning Role
Hi,
I have configured LDAP authentication on LiveCycle Server. I get the userlist with LDAP in my admin console under User Management - User & Groups. But as soon I click on any of the LDAP username I am getting error to contact administrator. Same also happens when I check the checbox infront of the username and tries to assing role.
My Livecycle server is on WAS6.1, I also have server setup on my local where the same LDAP i have configured and I am able to access users and assign role. Is there any problem with WAS6.1 ?
I checked the logs and i got following exception in server logs.
[10/24/08 10:57:58:467 EDT] 00000039 IDPLoggedExce W com.adobe.idp.common.errors.Logger$LogConsumer run UserM:GENERIC_WARNING: [Thread Hashcode: 1028668752] | [com.adobe.idp.um.businesslogic.directoryservices.DirectoryServicesManagerBean] errorCode:8193 errorCodeHEX:0x2001 message:getPrincipal public chainedException:java.lang.NullPointerExceptionchainedExceptionMessage:null chainedException trace:java.lang.NullPointerException
at com.adobe.idp.um.businesslogic.directoryservices.DirectoryServicesManagerBean.getCacheKey s(DirectoryServicesManagerBean.java:1583)
at com.adobe.idp.um.businesslogic.directoryservices.DirectoryServicesManagerBean.findPrincip al(DirectoryServicesManagerBean.java:1608)
at com.adobe.idp.um.businesslogic.directoryservices.EJSLocalStatelessDirectoryServicesManage rBean_0dbf3d20.findPrincipal(Unknown Source)
at com.adobe.idp.um.api.impl.DirectoryManagerImpl.findPrincipal(DirectoryManagerImpl.java:13 8)
at com.adobe.idp.um.ui.user.CreateNewUserAction.doExecute(CreateNewUserAction.java:139)
at com.cc.framework.adapter.struts.ActionUtil.execute(Unknown Source)
at com.cc.framework.adapter.struts.FWAction.execute(Unknown Source)
at com.cc.framework.adapter.struts.FWAction.execute(Unknown Source)
at org.apache.struts.action.RequestProcessor.processActionPerform(RequestProcessor.java:431)
at org.apache.struts.action.RequestProcessor.process(RequestProcessor.java:236)
at org.apache.struts.action.ActionServlet.process(ActionServlet.java:1196)
at org.apache.struts.action.ActionServlet.doGet(ActionServlet.java:414)
at javax.servlet.http.HttpServlet.service(HttpServlet.java:743)
at javax.servlet.http.HttpServlet.service(HttpServlet.java:856)
at com.ibm.ws.webcontainer.servlet.ServletWrapper.service(ServletWrapper.java:1075)
at com.ibm.ws.webcontainer.servlet.ServletWrapper.service(ServletWrapper.java:1016)
at com.ibm.ws.webcontainer.filter.WebAppFilterChain.doFilter(WebAppFilterChain.java:145)
at com.adobe.framework.SetCharacterEncodingFilter.doFilter(SetCharacterEncodingFilter.java:1 73)
at com.ibm.ws.webcontainer.filter.FilterInstanceWrapper.doFilter(FilterInstanceWrapper.java: 190)
at com.ibm.ws.webcontainer.filter.WebAppFilterChain.doFilter(WebAppFilterChain.java:130)
at com.adobe.idp.um.auth.filter.AuthenticationFilter.doFilter(AuthenticationFilter.java:154)
at com.ibm.ws.webcontainer.filter.FilterInstanceWrapper.doFilter(FilterInstanceWrapper.java: 190)
at com.ibm.ws.webcontainer.filter.WebAppFilterChain.doFilter(WebAppFilterChain.java:130)
at com.adobe.idp.um.auth.filter.PortalSSOFilter.doFilter(PortalSSOFilter.java:113)
at com.ibm.ws.webcontainer.filter.FilterInstanceWrapper.doFilter(FilterInstanceWrapper.java: 190)
at com.ibm.ws.webcontainer.filter.WebAppFilterChain.doFilter(WebAppFilterChain.java:130)
at com.ibm.ws.webcontainer.filter.WebAppFilterChain._doFilter(WebAppFilterChain.java:87)
at com.ibm.ws.webcontainer.filter.WebAppFilterManager.doFilter(WebAppFilterManager.java:771)
at com.ibm.ws.webcontainer.filter.WebAppFilterManager.doFilter(WebAppFilterManager.java:679)
at com.ibm.ws.webcontainer.servlet.ServletWrapper.handleRequest(ServletWrapper.java:546)
at com.ibm.ws.wswebcontainer.servlet.ServletWrapper.handleRequest(ServletWrapper.java:478)
at com.ibm.ws.webcontainer.servlet.CacheServletWrapper.handleRequest(CacheServletWrapper.jav a:90)
at com.ibm.ws.webHello Do anyone get anything about above exception, or is there any other information needed, please let me know ?
I still cannot found the solution for above problem, and it stops me to configuring users on Adobe LiveCycle ES, we have purchased Livecycle ES version 8.0 -
Error : you are not assigned to a position
Hi Seniors,
I am getting below error though I have assigned proper position in R/3 and also I have linked this with communication info type 105 using PA30. I am not able to see my data in portal.
Please help...
Regards,
RituHi Ranjith/ Luke,
I re-checked the OM- PA configuration and again try to maintain A012 relationship as well... but again the same error ... " You are not assigned to a position "
Please help
Regards,
Ritu
Maybe you are looking for
-
HT4356 How do you conver a Page document to PDF when there is no printer available
I purchased a $400 printer last year..now I cannot use it with my IPAD3 because it has to be an Air Print printer. I need to convert my Page document to PDF and the only way to do that is to go to Print a document...but, when I get there it tells me
-
LaserJet 2605dn washed out colors with new color cartridges
I loaded the 3 new color cartridges, the black still has ink. Now when I print, the colors are washed out . I calibrated color and ran the cleaning utility. Strangely, the demo print page with the bright blue and orange looks just fine. I investi
-
Brainstorming imported Archives (JAVA) versus Z-TABLEs (ABAP)
Hi everybody, we got very complex processes and I would like to ease them: Instead of fixedValues in Message-Mapping we use CSV-files and store them in the imported archives. In different message-mappings we read the CSVs via UDF. The problem is that
-
Would using a Apple Time Capsules be easier to use as you can use the Airport Utility to set everything up? OR would there be better programs out there that would do more than Airport Utility on a non Apple drive? Would using encryption affect the sp
-
BEx Query RRI with authorization object
Hi, I have two queries linked using RRI (Sender and Receiver). Queries have authorization object. Both queries work fine with authorized user if I use them separately. (Query Sender works fine with authorized user, Query Receiver works fine with auth