Assign users to role

Similar Messages

• About assigning users to role

  Hi all.
  Could I assign users to a role by web dynpro callable object?
  I mean , there is a inputfield in web dynpro view,if I enter a name ,will call some methods to assign the name to a role.

  Hi
  Ya it is possible through IRole and IUser API, take help form following thread and code
  1.[GP|https://www.sdn.sap.com/irj/scn/go/portal/prtroot/docs/library/uuid/e3f07a7a-0601-0010-ebbd-b9cfb445b814]
  2.[example how to Call to IUSer and IRole|https://www.sdn.sap.com/irj/scn/go/portal/prtroot/docs/library/uuid/e0957cb6-5103-2a10-6d9d-a0a4d68c8bf1]
  3. In second thread the user data is populated here you have to put your code
            example IRole  role;
                       role.addUserMember(arg0)
                          role.removeUserMember(arg0)
  Hope you will come to the solution.
  Best Regards
  Satish Kumar

• Reg:Assigning users to roles dynamically

  Hi all,
     i've different set of users for whom i can assign the roles based on their functionality. But the thing is that i can create them  and add delta links in the portal. But i don't want to do this  as manually .. and let me know in detail UME...
  Can we assign roles to users based on some logic or conditions.If yes ...Please direct me how to do it..
  Reply awaited....
  Regards,
  sitara
  Edited by: sitara kola on Mar 8, 2008 2:47 PM

  I do not know if this works for you but you can use virtual groups to automatically assign users to groups. Say you want to group users by department. Create virtual groups for the department attribute. Then assign the roles you want to assign to the marketing virtual group and the sales virtual group. When you create a new user and assign them to the marketing department, the user is automatically assigned to the marketing group as recieves the required roles.
  See the documentation: http://help.sap.com/saphelp_nw04s/helpdata/en/43/fcfa2942ed7067e10000000a1553f6/frameset.htm
  -Michael

• Assigning users to role using Security API

  Hi,
  I am trying to assign portal users to portal role using the IRoleFactory and IRole class of Secutiy API from my web dynpro application.
  For getting the role , i can use either the uniqueId of the role or the uniqueName of the role.(Using methods of IRole class, getRole(uid) or getRoleByUniqueName(uname)).
  The UniqueId of roles contains some hash values and cannot be used. For example ROLE.PCD_ROLE_PERSISTENCE.6dT95vZpyNWQHm59z7B9FxAM/fg=.
  And the for getting the role using the uniqueName, i need to give like pcd:portal_content/other_vendors/<folder name>/<my prefix>.<rolename>. Which is also not feasible.
  Is there any way to get the role only using the role name that we give while creating it?
  Thanks and Regards,
  Venkat

  Hi,
       Check if this helps.
  try  {
       IRoleFactory rfact = UMFactory.getRoleFactory();
       IRoleSearchFilter isf = rfact.getRoleSearchFilter();
       isf.setDisplayName ("*",ISearchAttribute.LIKE_OPERATOR,false);
       ISearchResult rit = rfact.searchRoles(isf);
       while(rit.next()!=null){
           String roleName = (String) rit.next();
           IRole role = rfact.getRole(roleName);
           response.write("nRole:" + role.getUniqueName());
    }catch(Exception e){
         response.write("exception");
  U will get list of roles. U can pass these directly or use String tokenizer to separate the role name alone using '.' as separator.
  Regards,
  Vijai

• Error assigning users to application Role in Obiee 11.1.1.7.0

  Hello
  I installed Obiee 11.1.1.7.0 both on Windows and Linux platform and after that, I successfully set Active Directory integration. I have a problem assigning users to Application Role in EM. When I'm trying to search a user on Display name, the Principal userName returned is blank and the error is : Java Null Pointer Exception
  After that I install a fresh copy of 11.1.6.0. After AD Integration, I was able to assign users to Application Role. I made 11.1.1.7.0 upgrade and same error has come. I think this is a bug because same AD settings on 11.1.1.6.0 works.
  The error:
  ava.lang.NullPointerException
  #{viewScope.emas_pagemodel_security_EditAppRole.searchPrincipal}: java.lang.NullPointerException
       Hide Additional Trace Information
  javax.faces.FacesException: #{viewScope.emas_pagemodel_security_EditAppRole.searchPrincipal}: java.lang.NullPointerException at com.sun.faces.application.ActionListenerImpl.processAction(ActionListenerImpl.java:118) at org.apache.myfaces.trinidad.component.UIXCommand.broadcast(UIXCommand.java:190) at oracle.adf.view.rich.component.fragment.ContextSwitchingComponent$1.run(ContextSwitchingComponent.java:92) at oracle.adf.view.rich.component.fragment.ContextSwitchingComponent._processPhase(ContextSwitchingComponent.java:361) at oracle.adf.view.rich.component.fragment.ContextSwitchingComponent.broadcast(ContextSwitchingComponent.java:96) at oracle.adf.view.rich.component.fragment.UIXInclude.broadcast(UIXInclude.java:103) at oracle.adf.view.rich.component.fragment.ContextSwitchingComponent$1.run(ContextSwitchingComponent.java:92) at oracle.adf.view.rich.component.fragment.ContextSwitchingComponent._processPhase(ContextSwitchingComponent.java:361) at oracle.adf.view.rich.component.fragment.ContextSwitchingComponent.broadcast(ContextSwitchingComponent.java:96) at oracle.adf.view.rich.component.fragment.UIXInclude.broadcast(UIXInclude.java:97) at oracle.adfinternal.view.faces.lifecycle.LifecycleImpl.broadcastEvents(LifecycleImpl.java:1086) at oracle.adfinternal.view.faces.lifecycle.LifecycleImpl._executePhase(LifecycleImpl.java:434) at oracle.adfinternal.view.faces.lifecycle.LifecycleImpl.execute(LifecycleImpl.java:207) at javax.faces.webapp.FacesServlet.service(FacesServlet.java:265) at weblogic.servlet.internal.StubSecurityHelper$ServletServiceAction.run(StubSecurityHelper.java:227) at weblogic.servlet.internal.StubSecurityHelper.invokeServlet(StubSecurityHelper.java:125) at weblogic.servlet.internal.ServletStubImpl.execute(ServletStubImpl.java:300) at weblogic.servlet.internal.TailFilter.doFilter(TailFilter.java:26) at weblogic.servlet.internal.FilterChainImpl.doFilter(FilterChainImpl.java:56) at oracle.sysman.emSDK.license.LicenseFilter.doFilter(LicenseFilter.java:101) at weblogic.servlet.internal.FilterChainImpl.doFilter(FilterChainImpl.java:56) at oracle.adf.model.servlet.ADFBindingFilter.doFilter(ADFBindingFilter.java:205) at weblogic.servlet.internal.FilterChainImpl.doFilter(FilterChainImpl.java:56) at oracle.adfinternal.view.faces.webapp.rich.RegistrationFilter.doFilter(RegistrationFilter.java:128) at org.apache.myfaces.trinidadinternal.webapp.TrinidadFilterImpl$FilterListChain.doFilter(TrinidadFilterImpl.java:446) at oracle.adfinternal.view.faces.activedata.AdsFilter.doFilter(AdsFilter.java:60) at org.apache.myfaces.trinidadinternal.webapp.TrinidadFilterImpl$FilterListChain.doFilter(TrinidadFilterImpl.java:446) at org.apache.myfaces.trinidadinternal.webapp.TrinidadFilterImpl._doFilterImpl(TrinidadFilterImpl.java:271) at org.apache.myfaces.trinidadinternal.webapp.TrinidadFilterImpl.doFilter(TrinidadFilterImpl.java:177) at org.apache.myfaces.trinidad.webapp.TrinidadFilter.doFilter(TrinidadFilter.java:92) at weblogic.servlet.internal.FilterChainImpl.doFilter(FilterChainImpl.java:56) at oracle.help.web.rich.OHWFilter.doFilter(Unknown Source) at weblogic.servlet.internal.FilterChainImpl.doFilter(FilterChainImpl.java:56) at oracle.sysman.emas.fwk.MASConnectionFilter.doFilter(MASConnectionFilter.java:41) at weblogic.servlet.internal.FilterChainImpl.doFilter(FilterChainImpl.java:56) at oracle.adf.library.webapp.LibraryFilter.doFilter(LibraryFilter.java:180) at weblogic.servlet.internal.FilterChainImpl.doFilter(FilterChainImpl.java:56) at oracle.sysman.eml.app.AuditServletFilter.doFilter(AuditServletFilter.java:179) at weblogic.servlet.internal.FilterChainImpl.doFilter(FilterChainImpl.java:56) at oracle.sysman.eml.app.EMRepLoginFilter.doFilter(EMRepLoginFilter.java:203) at weblogic.servlet.internal.FilterChainImpl.doFilter(FilterChainImpl.java:56) at oracle.sysman.core.model.targetauth.EMLangPrefFilter.doFilter(EMLangPrefFilter.java:158) at weblogic.servlet.internal.FilterChainImpl.doFilter(FilterChainImpl.java:56) at oracle.sysman.core.app.perf.PerfFilter.doFilter(PerfFilter.java:141) at weblogic.servlet.internal.FilterChainImpl.doFilter(FilterChainImpl.java:56) at oracle.sysman.eml.app.ContextInitFilter.doFilter(ContextInitFilter.java:542) at weblogic.servlet.internal.FilterChainImpl.doFilter(FilterChainImpl.java:56) at oracle.security.jps.ee.http.JpsAbsFilter$1.run(JpsAbsFilter.java:119) at java.security.AccessController.doPrivileged(Native Method) at oracle.security.jps.util.JpsSubject.doAsPrivileged(JpsSubject.java:324) at oracle.security.jps.ee.util.JpsPlatformUtil.runJaasMode(JpsPlatformUtil.java:460) at oracle.security.jps.ee.http.JpsAbsFilter.runJaasMode(JpsAbsFilter.java:103) at oracle.security.jps.ee.http.JpsAbsFilter.doFilter(JpsAbsFilter.java:171) at oracle.security.jps.ee.http.JpsFilter.doFilter(JpsFilter.java:71) at weblogic.servlet.internal.FilterChainImpl.doFilter(FilterChainImpl.java:56) at oracle.dms.servlet.DMSServletFilter.doFilter(DMSServletFilter.java:163) at weblogic.servlet.internal.FilterChainImpl.doFilter(FilterChainImpl.java:56) at weblogic.servlet.internal.RequestEventsFilter.doFilter(RequestEventsFilter.java:27) at weblogic.servlet.internal.FilterChainImpl.doFilter(FilterChainImpl.java:56) at weblogic.servlet.internal.WebAppServletContext$ServletInvocationAction.wrapRun(WebAppServletContext.java:3715) at weblogic.servlet.internal.WebAppServletContext$ServletInvocationAction.run(WebAppServletContext.java:3681) at weblogic.security.acl.internal.AuthenticatedSubject.doAs(AuthenticatedSubject.java:321) at weblogic.security.service.SecurityManager.runAs(SecurityManager.java:120) at weblogic.servlet.internal.WebAppServletContext.securedExecute(WebAppServletContext.java:2277) at weblogic.servlet.internal.WebAppServletContext.execute(WebAppServletContext.java:2183) at weblogic.servlet.internal.ServletRequestImpl.run(ServletRequestImpl.java:1454) at weblogic.work.ExecuteThread.execute(ExecuteThread.java:209) at weblogic.work.ExecuteThread.run(ExecuteThread.java:178) Caused by: javax.faces.el.EvaluationException: java.lang.NullPointerException at org.apache.myfaces.trinidad.component.MethodExpressionMethodBinding.invoke(MethodExpressionMethodBinding.java:51) at com.sun.faces.application.ActionListenerImpl.processAction(ActionListenerImpl.java:102) ... 67 more Caused by: java.lang.NullPointerException at oracle.sysman.emas.model.security.DialogAdminBean$1.compare(DialogAdminBean.java:567) at java.util.Arrays.mergeSort(Arrays.java:1270) at java.util.Arrays.mergeSort(Arrays.java:1281) at java.util.Arrays.sort(Arrays.java:1210) at java.util.Collections.sort(Collections.java:157) at oracle.sysman.emas.model.security.DialogAdminBean.fetchPrincipals(DialogAdminBean.java:563) at oracle.sysman.emas.pagemodel.security.identity.EditAppRolePageModel.searchPrincipal(EditAppRolePageModel.java:496) at sun.reflect.NativeMethodAccessorImpl.invoke0(Native Method) at sun.reflect.NativeMethodAccessorImpl.invoke(NativeMethodAccessorImpl.java:39) at sun.reflect.DelegatingMethodAccessorImpl.invoke(DelegatingMethodAccessorImpl.java:25) at java.lang.reflect.Method.invoke(Method.java:597) at com.sun.el.parser.AstValue.invoke(Unknown Source) at com.sun.el.MethodExpressionImpl.invoke(Unknown Source) at org.apache.myfaces.trinidad.component.MethodExpressionMethodBinding.invoke(MethodExpressionMethodBinding.java:46) ... 68 more
  Any suggestion?
  Thx
  Gabriel
  Edited by: Gabbriel on Apr 23, 2013 10:46 PM

  We received from Oracle a work-around of this problem.
  It seems to be related to the virtualize flag set to true. I f you set it to false the problem disappear (it works for me).
  (rif. http://docs.oracle.com/cd/E28280_01/bi.1111/e10543/privileges.htm#BABDCJBH)
  There's an open BUG on this problem: Bug 16808088 - 11G JAVA.LANG.NULLPOINTEREXCEPTION ADDING USER TO ROLE AFTER UPGRADE TO 11.1.1.7.
  Hope this works.
  S.

• Error while assigning the fallowing role to the user

  Hi,
  ERROR 2007-01-18 14:13:25
  CJS-30196  Role SAP_BC_JSF_COMMUNICATION_RO is not assigned to user SAPJSF
  i am getting the fallowing error while trying to assigning the fallowing role to the user any body through some light in to it.
  Thanks
  kiran.B

  Hi,
  Standard roles are not assigned to users directly.Make sure that copy the role from standard roles then change naming convention like your company specification.
  Ex: standard role : SAP_BC_JSF_COMMUNICATION_RO
  Step:1: go to t-code: PFCG and give the role name in role tab SAP_BC_JSF_COMMUNICATION_RO
  Step:2: press copy button and change the naming convention.
  Step:3: Assign to the user.
  I hope it will help you.
  kiran kumar.v

• Unable to assign all security roles to a user with a new custom security role

  Dear All,
  Happy New Year.!
  I have a query regarding the assignment of Security Roles to new users in CRM. Normally we assign the security roles to new users via an Admin user who has 'System Administrator' security role assigned to him/her. This works perfectly fine, and we can assign
  any desired security role to the new user.
  However, in our case, we need to delegate the user creation rights to some of the client partners. We do not want to give them access to all the Administration functions; hence we created a new Security Role, lets say 'Support User Role'. We have provided
  'Create', 'Append', 'Append To', and 'Assign' rights on 'User' entity for this new security role. With this security role, we are able to create new users now, but we are only able to assign 'Agent' security role, not any other security roles.
  For example, if user 'x' has Security Role defined as 'Support User Role'. If 'x' tries to add a new user 'y', then 'x' is only able to assign 'Agent' security role to 'y', but not any other security role. As per business requirement, 'x' should be able
  to assign some other security roles, including 'Support User Role', to new user 'y'.
  I believe that there is something missing in Security Role configuration, which is causing the above problem. We compared both 'Support User Role' and 'System Administrator' security roles, but not able to figure out which minimum rights we can provide to
  'Support User Role' so that users with this security role can only add new users (with any security role), and that they are not having access on any other Administration features as well.
  Appreciate any help that you can provide on the above issue.
  Thanks in anticipation.

  Hi,
  Can you check if you have organization level Read access for Securitity Role and Organization level Assign access for Security role.
  Refer:-
  http://www.magnetismsolutions.com/blog/paulnieuwelaar/2013/04/22/permissions-required-to-manage-roles-in-dynamics-crm-2011
  Hope this helps!!!
  Thanks,
  Prasad
  Make sure to "Vote as Helpful" and "Mark As Answer",if you get answer of your question

• Portal:  Tab displayed but not assigned to any roles of user

  HI Experts,
  I have a problem need your great help.
  When I logon portal as a specific user, there are 5 tab in home page. When I check the role list, 3 tabs doesn't assigned to any roles this user owned.
  Then I try to copy current user into a new user, and logon in . There are only 2 tabs left, which belonged to assigned role.
  How those 3 tab assigned into this user? Can we assign iView/Page/Workset directly to user without  role?
  Any suggestion appreciate. Thanks so  much!
  Edited by: Jalyn Liang on Nov 13, 2009 9:29 AM
  Edited by: Jalyn Liang on Nov 13, 2009 9:30 AM

  Jalyn Liang ,
  You can find if the user id belong to a particular group with the following ways,
  Log in as an admin and go to User Admin -> Users- > Seach -> Enter the user Id and serach for the user -> Select the 5th icon with the  tool tip ->Assigned Groups"
  or
  User Admin -> Group -> Search for the group.
  or
  You can use UME API to find out whether the is belowng to a group though coding.
  Ram

• How to assign Users to process roles?

  Hi All,
  I have designed a process and I have consolidated all the roles,
  when I intiate the process from the runtime workset it asks to assign users to these roles(I have consolidated all the roles to three mail roles). The problem that I am facing is that the user should not see this screen, depending upon the user login id the approvers should be automatically assigned to the respective roles.
  Is this possible...
  Kindly guide me
  Thanks in Advance
  Sivaprasath

  Hi Sivaprasath,
  assuming that I've got you wright you could try to model the following using the callable object "business logic" and the callable object "assign user to process role".
  With the help of the first CO you can implement the logic to assign the respective approvers to the users (initiator) and let the processflow go on directing it to the appropriate step where the above mentioned second CO assigns the user to the process role (using the result states of the bussiness logic CO)
  At least you are supposed to need an appropriate Parameter that you can consolidate with the User ID.
  Just a quick idea, hope this will work with you.
  Greetings
  Berndt

• User-id / Roles  assigned in Solution Manager system

  Hi Friends,
  I need an information regarding following:
  User-id / Roles  assigned in   SOLMAN Dev system   
  SM59 Destinations in Solman dev system  & user-id/pwd used  for connecting to Satellite systems
  User-id/ Roles assigned in   Satellite systems  - EG: ECC , PI , SCM ,BW   for SOLMAN Related User-ids 
  SM59 Destinations in  Satellite systems  & which user-id /pwd is used for connecting to   Solman dev system
  Kindly suggest me how I can get all the above information.
  Thanks & Regards,
  Solman Starter

  All users are created in SOLMAN_SETUP with the proper authorizations, just follow the guided procedure. In LMDB, you can set up the RFC connections to your satellite systems after you pushed the system information with RZ70 / SLD data supplier.

• Assigning user roles in my application in a programatic way

  Hi,
  How can I assign user roles in a programatic way when I am using the Sun One 7 server? Is that possible?
  Thanks,
  Wanderley.

  Sorry, but I need to know HOW can I assign roles( RolesPrincipals) to the container Subject (using JAAS)?
  When I am using, for instance Tomcat, I assign the roles to the container's Subject defining the Roles Principals in server.xml. Like this:
  <Realm className="org.apache.catalina.realm.JAASRealm"
               userClassNames="br.com.caf.security.auth.LoginPrincipal"
               roleClassNames="br.com.caf.security.auth.RolesPrincipal"/>Doing that, Tomcat will know which Principal to return when I call "request.getUserPrincipal()".
  In JBoss I implement a LoginModule (org.jboss.security.auth.spi.AbstractServerLoginModule) that defines who is my User (LoginPrincipal) and his Roles (RolesPrincipal).
  How can I assign user and his roles to the container's subject in Sun One?
  Thanks,
  Wanderley.

• Assigning Group(of users)  to Role when starting a process programmatically

  Hi All,
  I m starting a process programmatically(using startProcess()).
  Process initiation is working fine, but i need to assign a 'Group' to the role, and not a user. It is a portal group, available at portal end only. How can this be done?
  Please guide.
  Thanks and Regards,
  Sakshi

  you can use the following code
  import com.sap.caf.eu.gp.process.api.GPProcessFactory;
  import com.sap.caf.eu.gp.process.api.IGPProcess;
  import com.sap.caf.eu.gp.process.rt.api.IGPProcessRoleInstanceList;
  import com.sap.caf.eu.gp.process.rt.api.IGPRuntimeManager;
  import com.sap.security.api.IUser;
  public void startProcess( java.lang.String processId )
     // retrieve the Runtime Manager
     IGPRuntimeManager rtm = GPProcessFactory.getRuntimeManager();
     // create an empty role assignment list
     IGPProcessRoleInstanceList roles = rtm.createProcessRoleInstanceList();
     // get the process role number
     int rolenum = process.getRoleInfoCount();
     // iterate over the required roles
     for (int i = 0; i < rolenum; i++) {
        // create a new role instance by specifying the role's unique name
        IGPProcessRoleInstance roleInstance = roles. createProcessRoleInstance(process.getRoleInfo(i).getRoleName());
        // add a user to the role instance
        roleInstance.addUser(roleUser);
        // add the new role to the assignment list
        roles.addProcessRoleInstance(roleInstance);    
  Thanks and Regards
  shanto aloor

• USER MANAGEMENT-CO "Assign users to process role"

  HI,How can I assign the CO "Assign users to process role" to one or more users inside of a process?
  Thanks.
  Regards
  David Valenzuela

  Hi David,
  I am not sure whether a callable object can be assigned to more than one user or not, but for assigning one single user to a callable object inside a process, follow the following steps:
  1)Put the callable object in an action.
  2)Put the action in a block.
  3)In the block, under the <b>Roles</b> tab, you will be able to see an item called <b>Processor of <<i>name of action containing this callable object</i>></b>. You don't need to do anything. If you wish, all you can do here that you can consolidate roles of more than one action under a single name such that one user is assigned to all those actions. For the time being, don't do anything.
  4)Put the block in the process.
  5)In the process, under the <b>Roles</b> tab, you would be able to see the same item <b>Processor of <<i>name of action containing this callable object</i>></b> and a drop down in front of it. Choose <b>Initiation Defined</b> from the drop down.
  6)In the process itself, open the <b>Default Roles</b> tab, and now you would be able to see the same item <b>Processor of <<i>name of action containing this callable object</i>></b>. Just click the <b>Add Default</b> button, search for the user, and assign him to this <b>Processor</b>.
  These steps will make sure that when you run the process, the CO <b>Assign users to process role</b> could be opened by only the user you assigned this CO to.
  Bye
  Ankur
  Do reward points if it helps!!

• Assigned users for a role

  Hi
  I am looking for auditing feature in Portal. I created a portal role,say ABC in portal and added an iView to that role. When ever I create any user, I am assigning this role to that user. Now I want to know the users associated to this role ABC. Under User Administration tab, when I look at Assigned Users for this role, I don't see any users. But when I see the roles assigned to any user, I can see this role assigned to this user. I don't want to go to all users and check whether this role is assigned or not.
  Also, I want to know the users who all are accessing the iview in role ABC currently. Can you please help me with these points.
  Thanks in advance
  Tejo

  Hi Tejo,
  check below thread
  Read all the users assigned to a portal role
  Koti Reddy

• Re-assign a different role to a lot of users

  Hi,
  I need to change the assigned role for a large number of users >5000. I know I can do this using bulk actions eg
  command,user,waveset.roles
  Update,user1,|Remove|oldRole
  update,user1,|Merge|newRole
  Update,user2,|Remove|oldRole
  update,user2,|Merge|newRole
  However this results in two actions per user and thus doubles the time taken to process each user.
  Does anyone have a method, workflow etc that will enable me to change the role of a user but in only one task.
  Regards
  Steve

  I think this answer is a little late, but if I have to change a number of users i do not want to go through the normal workflow and open work Items für thousands of users.
  I use Python to open and edit the XML User Export. The result of this will be imported via "lh import" It is quite simple to search for roles or similar and edit Attributes, delete the role, add new roles etc. With lh import I have the possibility to import without the standard checkIn of a View.
  Regards