Assigning Authorisation profile to roles

Hi All,
I have created a new authorisation profile by copying from the standard profile and activated the same, I have created a role using  PFCG and assigned it to the user via SU01, but still the user has not  got the required authorisations.
When i try to assign this  profile to the role via PFCG, i am not able to assign
Either i have to select  the  transactions from the menu tab and the  system is creating  new authorisation profile and  assigning it to the user,
can anybody  help me out in assigning the  authorisation profile to the  roles
Regards
Venkat

Hi Venkatesh,
Short of performing an upgrade step via SU25 to convert the profile to a role (which you really don't want to do!), you can't do this to the best of my knowledge.
PFCG is called profile generator because it creates the profiles for you based on what you enter into the menu tab and the corresponding auth values that you maintain within the role via PFCG.
I strongly recommend that you build a role via PFCG and create it with the right combination of menu transactions and auth values.  You can then assign this to the user.  This is the standard way of maintaining authorisations now.
Alternatively you can assign the profile you have created to the user, however if the role build is role based, I would not recommend this approach at all.

Similar Messages

  • How to assign authorisation object to  user

    hi,i have created authorisation object now i want to assign it to role and
    then to user
    how to get this.
    i went into pfcg transaction but i didnt know how to assign authorisation object to
    role and then to user
    can any one tell me how to procedd further?
    Message was edited by:
            venkat s

    Hi Venkat,
    When you create authorization object in RSSM you only assign info object.
    How did you assign respective values?
    once your authorization object is saved you should find it in PFCG. even if you go to expert mode for profile generation
    Check tecnical name.
    Alternatively instead of inserting manually go to selection criteria  and the system will display all active authorization objects  and you can choose your object.
    Jaya

  • How to render web items based on the authorisation profile of the user

    Hello,
    Is there any way to render web items based on the authorisation profile of the user. The only way i can think of is:
    - Write ABAP to look up into the security mapping tables.
    - Convert the ABAP report into RFC-Enabled FM. The selection variables will be part of the import/export parameters of FM and table can be used to display the result.
    - Create HTML template using WAD, write Java Script to call the FM and map the import/export parameter. Display the result in Table.
    But i don't know How to use the Java Script to call Function Module (FM) and get back the authorization through parameter.
    Is anyone know about it or is there any other method to do it? I can't find any solution and it is very critical for me.
    Any help is highly appreciated.
    Rajat

    Hi Rajat,
    Do you mean that you want certain users to be able to use only certain web items? I think you can use the libraries for that and assign them to roles:
    http://help.sap.com/saphelp_nw04/helpdata/en/4e/0f813b420ce60ee10000000a114084/content.htm
    Hope this helps...

  • Programmatically assigning Authorization Objects to roles

    Hi there,
    I have created an authorisation object with eight fields. The fields control which parts of my application are accessible to the user. (Each field is one category, each category has several subcategories).
    What I want to do is the following:
    There shall be a custom authorization dialog, wherein the system administrator can configure the access of the application for a specific user.
    In plain text: I want to develop an interface which makes it possible to assign authorisation objects with specific values to a user or to an already existing role.
    Is there any functionality, that allows me to perform this assignment and regenerate the users profile?
    I already discovered, that the table UST12 contains the connection between the authorization profile of a role and an authorization object, as well as the assigned values. Anyhow, just to write new values to that table has no affect to the authorization when calling "authority-check object" in an ABAP report.
    Does anyone know, whether there are standard functions in the ERP System, that support the changing of authorization objects and the regeneration of roles?
    Thank you very much,
    Gregor
    Edited by: Gregor Bender on Mar 11, 2008 8:41 AM

    >
    Gregor Bender wrote:
    > I already discovered, that the table UST12 contains the connection between the authorization profile of a role and an authorization object, as well as the assigned values.
    Nope, sorry, it's not the connection but only one of the many.... Roles and profiles are stored in quite a lot of different tables so manipulating one table directly will hardly ever get you the desired situation. It may even lead to problems due to inconsistencies.
    For mass regenerating profiles there's transaction SUPC.
    For manipulating the contents of roles/profiles have a look at scripting with SECATT or LSMW in combination with PFCG.
    If you want to write code to add objects to roles you have to look at least in tables AGR_1250, AG_1251 and AGR_1252. The UST* tables are updated when generating profiles and/or comparing users.

  • Two user with same profile and role having different authorization

    Dear All,
    I have very strange case of authorization . We have a new abap developer in our company . Her profile as copied from an exiting abap developer's profile in Development system. But she don't have authorization for lot of transaction that the existing user have. I checked the profile tabs , role tabs . then done the user compare for all the roles , but of no use.
    I did a compare of the two uses using S_BCE_68001430 and could see is that the existing abap user is having authorization starting with T_PXXXXXXXX that is giving him extra rights. These authorization is not present in any of the existing role he is assigned to (checked using S_BCE_68001396). The authirsaction in the roles start with T-DXXXXXXXX
    Will appreciate if any one can give any input . The problem is i need to assign each authorisation the existing user having manually to the new user.
    regards
    Tony

    Thanks for the mail.
    I check the "Reference User for Additional Rights" -- there is no refernce user assgined.
    I checked the table USR04 the no. of Profle for the two users are diffrent and in the table UST04 also the the existing uer is having addtional profiles.
    I like to add one more point Some of the roles of the  two users are composite roles and both the composite and its orignial roles are included the profile of both users.
    Does any one have idea of the authorisations starting with T_PXXXXXXXX
    regards
    tony
    MANDT BNAME          PROFILE    
    100   CHARLHO        B_LSMW_ALL 
    100   CHARLHO        T-D1780054 
    100   CHARLHO        T-D1780057 
    100   CHARLHO        T-D1780058 
    100   CHARLHO        T-D17800581
    100   CHARLHO        T-D1780075 
    100   CHARLHO        T-D17800751
    100   CHARLHO        T-D1780086 
    100   CHARLHO        T-D17800861
    100   CHARLHO        T-D17800862
    100   CHARLHO        T-D17800863
    100   CHARLHO        T-D17800864
    100   CHARLHO        T-D1780087 
    100   CHARLHO        T-D1780088 
    100   CHARLHO        T-D1780247 
    100   CHARLHO        T-D1780304 
    100   CHARLHO        T-D1781182 
    100   CHARLHO        T_P0920411 
    100   CHARLHO        T_P09204111
    100   CHARLHO        T_P092041110
    100   CHARLHO        T_P09204112
    100   CHARLHO        T_P09204113
    100   CHARLHO        T_P09204114
    100   CHARLHO        T_P09204115
    100   CHARLHO        T_P09204116
    100   CHARLHO        T_P09204117
    100   CHARLHO        T_P09204118
    100   CHARLHO        T_P09204119
    100   TESTUSER2      B_LSMW_ALL 
    100   TESTUSER2      T-D1780054 
    100   TESTUSER2      T-D1780057 
    100   TESTUSER2      T-D1780058 
    100   TESTUSER2      T-D17800581
    100   TESTUSER2      T-D1780075 
    100   TESTUSER2      T-D17800751
    100   TESTUSER2      T-D1780086 
    100   TESTUSER2      T-D17800861
    100   TESTUSER2      T-D17800862
    100   TESTUSER2      T-D17800863
    100   TESTUSER2      T-D17800864
    100   TESTUSER2      T-D1780087 
    100   TESTUSER2      T-D1780088 
    100   TESTUSER2      T-D1780247 
    100   TESTUSER2      T-D1780304 
    100   TESTUSER2      T-D1781182

  • Logon is not possible because you have not been assigned to a business role; please contact your system administrator

    Hi experts,
    I'm having a problem when our project approaching the end.
    If I assigned the business role in parameter CRM_UI_PROFILE and PFCG role in SU01.
    It works fine,and the user can logon the web ui.
    Now I created a new organization model and position,assigned the business role and user to the position.
       A PFCG role was also assigned to the business role:
    Then I removed all the roles and profiles in user master in SU01.
    The user can not login CRM WEB UI and the system raised "Logon is not possible because you have not been assigned to a business role; please contact your system administrator".
    Can anybody suggest what the problem is? Is there any other settings I should make?
    I suppose that,since the user was assigned to the position the organizational model, the system can determine the user's business role, and through the business role, the corresponding PFCG role can also be determined.
    Am I correct?
    Thanks.
    Jerry

    Jerry, yes, you're right.
    Let me point you to pretty good explanation right here: Logon is not possible because you have not been assigned to a business role; please contact your system administrator
    So business role determination is taken in three steps (you can observe them in class CL_CRM_UI_PROFILE_DETERM method LOAD_PROFILES):
    1. From user's parameter  CRM_UI_PROFILE (method LOAD_FROM_USER_PARAMETER);
         If  CRM_UI_PROFILE = * then the user needs to have S_DEVELOP authorization object with OBJTYPE = 'DEBUG' (debug authorization).
    2. If not found on previous step: From organizational management (method LOAD_FROM_ORG_MANAGEMENT)
    3. If not found on previous steps: Based on PFCG roles (method LOAD_FROM_PFCG_ROLE);

  • How to find the users who r assigned to profile sap_all through su01

    how to find the users who r assigned to profile sap_all through su01

    you can get into SUIM-->where used lists, check for users with profile SAP_ALL you can get a list of users who have
    it. and you can get into SUIM through SU01 from user information system link.
    you can execute RSUSR002 from SA38/SE38.
    RSUSR002  is the report which gets you the whereused list for profiles within roles, users.
    you can get it from transaction SECR ofcourse you are executing the same report.
    you can get from UST04 table and obviously USR04 also because sometimes you  miss some details from UST04 because of sync problems.

  • Creatkion of customized profiles and roles

    Dear Experts,
    Im new to SAP and SDN.
    My requirement is that i need to create a new profile for technical people
    as z_tech_role giving access to transactions as SE38,S71,smartforms etc.
    Similarly a functional one needs to be developed as z_func_role access to Se16,
    solar01,solar02 ,va01,ad other VA transactions.
    The same for a workflow profile.
    Can you please provide me with steps how i need to create this profile and how to attach roles in it to the profile.
    Thanks in advance

    Hi,
    There is one forum for SAP Security, you've to post this message in that forum to get quick and exact reply..
    Anyways, please follow the help.sap link above povided already.
    Somebasic concepts:
    1. Tcodes are assigned to Roles.
    2. When Roles are generated, they create profiles.
    3. Roles are assigned to Users. (profiles are not directly assigned, except few like sap_all, sap_new etc)
    So what you can do, create a role z_tech_role in PFCG and add transaction SE38,S71.. etc.then maintain authorizations, generate the role. and then go to user tab, add the users whom you want to be assigned with the new role z_tech_role. (role assignement can also be done in SU01, roles tab)
    Thanks,
    Debasis.

  • Error :Authorization check for caller assignment to J2EE security role whil

    Hi Experts,
                 i m working as a portal resource .
    after the deployment of standered Sap e-rec package .
    i m getting some error. i have assigned the recruiter role to one test user.
    Now i m getting two issue:
    1)All the services are appearing in Detailed Navigation Pannel but not in Portal content area..
    2) I m able to see few iview for the test user but those are also in detailed navigation view.
       And few ivews are giving following error :
      i)Internal error
    ii)error 2011-12-19 07:59:57:315 ACCESS.ERROR: Authorization check for caller assignment to J2EE security role [sap.com/com.sap.lcr*sld : LcrInstanceWriterNR] referencing J2EE security role [SAP-J2EE-Engine : administrators].
    /System/Security/Audit/J2EE com.sap.engine.services.security.roles.audit n/a EP-DEV-KRT Server 0 0_97989
    Full Message Text
    ACCESS.ERROR: Authorization check for caller assignment to J2EE security role [sap.com/com.sap.lcr*sld : LcrInstanceWriterNR] referencing J2EE security role [SAP-J2EE-Engine : administrators].
    please suggest what can be  done or what is pending from my side.

    Prajakta2602 wrote:
    Hi Experts,
    >
    > the previous issue got solved..
    > it was due to servies pack miss match and applying notes
    > the Basis guy  checked the SLD logs and accordingly found that the base components J2EECORE and JTECHS required paching as per
    > notes 1445294 and 1175239 were applied.
    > now the issue is:
    >
    >
    >  After implemetation and  i assigning the standerd sap roles
    > 1)Recruiter Administrator
    > 2)Recruiter
    > to the test user .
    > but for few iview it is showing error as in
    > 1) you are not a authorized user
    > 2) internal error
    >
    > please help experts.
    >
    >  i m working on portal side have i to assign any role to that test user..
    >
    >
    > Thnaks & Regards,
    > Prajakta
    You can run a quick check using the below steps:
    1. Check in backend whether there is any authorisation errors... you may use transactions SU53 or ST22 for any ABAP errors
    2. Also check in NWA -> log viewer -> last 24 hours log for the particular user to see any java related issues.
    Regards,
    Mahesh

  • Difference between profile and role

    Can any explain me the difference between profile and role.
    I was given a user Id on ABAP stack of XI.
    My profile: SAP_ALL
    I was not assigned any roles.
    I am not sure if I need different roles or this profile
    would serve the purpose.
    -Naveen.

    Hi Naveen,
    Adding to Gus points a few more inputs.
    Profiles were the menas of assiging authorizations to users until 4.0 Versions.
    Later to the same it was upgraded to the concept of Roles. The crux always remains the same.
    Be it a profile or a role, it contains the Auth Object and the respective values.
    But in present scenario, you can get confused by the profiles that are assignable to Users.
    IN short the following points can be helpful.
    1. The profiles like SAP_ALL;SAP_NEW,S_SPO_ALL etc are standard Profiles delivered by SAP which when assigned to a user in his profile in SU01 would get all the related authorizations.
    ( You must be lucky to have SAP_ALL assigned to ur ID by ur basis guy)
    2. A role is created by assigning a few transactions to this role and when this role is generated, it generates a PROFILE. But this profile is a system generated one and cannot be ever assigned to any user. These profiles can be sorted out as they have the standard naming like T-XXXXXXXX where they are the numbers and it can never be assigned to any user.
    3. Note prior to 4.0 its all Profiles that are assigned to users and later to the same came the concept of Roles and hence this change.
    Hope the answer is helpful in making u undersand a few inputs form my side.
    FYI:
    Method to create a role can be checked out from the link below.
    http://help.sap.com/saphelp_bw21c/helpdata/en/52/6714b6439b11d1896f0000e8322d00/frameset.htm
    Br,
    Sri
    Award points if answer is helpful.

  • Oracle Profile and Role scripts

    RDBMS :Oracle 10.2
    Hi,
    I have several Profile and Roles on my server.
    Can I extract sql to create those Profile and Roles ?
    e.g. I have role datareader, I want to extract its creation script and it include all the privileges assigned to that role
    thanks

    try
    SELECT dbms_metadata.get_ddl('ROLE', 'datareader') FROM dba_roles;
    SELECT dbms_metadata.get_granted_ddl('ROLE_GRANT', 'datareader) FROM dual;
    SELECT dbms_metadata.get_granted_ddl('SYSTEM_GRANT','datareader') FROM dual;
    SELECT dbms_metadata.get_granted_ddl('OBJECT_GRANT','datareader') FROM dual;
    datareader should be in CAPS

  • Error assigning users to application Role in Obiee 11.1.1.7.0

    Hello
    I installed Obiee 11.1.1.7.0 both on Windows and Linux platform and after that, I successfully set Active Directory integration. I have a problem assigning users to Application Role in EM. When I'm trying to search a user on Display name, the Principal userName returned is blank and the error is : Java Null Pointer Exception
    After that I install a fresh copy of 11.1.6.0. After AD Integration, I was able to assign users to Application Role. I made 11.1.1.7.0 upgrade and same error has come. I think this is a bug because same AD settings on 11.1.1.6.0 works.
    The error:
    ava.lang.NullPointerException
    #{viewScope.emas_pagemodel_security_EditAppRole.searchPrincipal}: java.lang.NullPointerException
         Hide Additional Trace Information
    javax.faces.FacesException: #{viewScope.emas_pagemodel_security_EditAppRole.searchPrincipal}: java.lang.NullPointerException at com.sun.faces.application.ActionListenerImpl.processAction(ActionListenerImpl.java:118) at org.apache.myfaces.trinidad.component.UIXCommand.broadcast(UIXCommand.java:190) at oracle.adf.view.rich.component.fragment.ContextSwitchingComponent$1.run(ContextSwitchingComponent.java:92) at oracle.adf.view.rich.component.fragment.ContextSwitchingComponent._processPhase(ContextSwitchingComponent.java:361) at oracle.adf.view.rich.component.fragment.ContextSwitchingComponent.broadcast(ContextSwitchingComponent.java:96) at oracle.adf.view.rich.component.fragment.UIXInclude.broadcast(UIXInclude.java:103) at oracle.adf.view.rich.component.fragment.ContextSwitchingComponent$1.run(ContextSwitchingComponent.java:92) at oracle.adf.view.rich.component.fragment.ContextSwitchingComponent._processPhase(ContextSwitchingComponent.java:361) at oracle.adf.view.rich.component.fragment.ContextSwitchingComponent.broadcast(ContextSwitchingComponent.java:96) at oracle.adf.view.rich.component.fragment.UIXInclude.broadcast(UIXInclude.java:97) at oracle.adfinternal.view.faces.lifecycle.LifecycleImpl.broadcastEvents(LifecycleImpl.java:1086) at oracle.adfinternal.view.faces.lifecycle.LifecycleImpl._executePhase(LifecycleImpl.java:434) at oracle.adfinternal.view.faces.lifecycle.LifecycleImpl.execute(LifecycleImpl.java:207) at javax.faces.webapp.FacesServlet.service(FacesServlet.java:265) at weblogic.servlet.internal.StubSecurityHelper$ServletServiceAction.run(StubSecurityHelper.java:227) at weblogic.servlet.internal.StubSecurityHelper.invokeServlet(StubSecurityHelper.java:125) at weblogic.servlet.internal.ServletStubImpl.execute(ServletStubImpl.java:300) at weblogic.servlet.internal.TailFilter.doFilter(TailFilter.java:26) at weblogic.servlet.internal.FilterChainImpl.doFilter(FilterChainImpl.java:56) at oracle.sysman.emSDK.license.LicenseFilter.doFilter(LicenseFilter.java:101) at weblogic.servlet.internal.FilterChainImpl.doFilter(FilterChainImpl.java:56) at oracle.adf.model.servlet.ADFBindingFilter.doFilter(ADFBindingFilter.java:205) at weblogic.servlet.internal.FilterChainImpl.doFilter(FilterChainImpl.java:56) at oracle.adfinternal.view.faces.webapp.rich.RegistrationFilter.doFilter(RegistrationFilter.java:128) at org.apache.myfaces.trinidadinternal.webapp.TrinidadFilterImpl$FilterListChain.doFilter(TrinidadFilterImpl.java:446) at oracle.adfinternal.view.faces.activedata.AdsFilter.doFilter(AdsFilter.java:60) at org.apache.myfaces.trinidadinternal.webapp.TrinidadFilterImpl$FilterListChain.doFilter(TrinidadFilterImpl.java:446) at org.apache.myfaces.trinidadinternal.webapp.TrinidadFilterImpl._doFilterImpl(TrinidadFilterImpl.java:271) at org.apache.myfaces.trinidadinternal.webapp.TrinidadFilterImpl.doFilter(TrinidadFilterImpl.java:177) at org.apache.myfaces.trinidad.webapp.TrinidadFilter.doFilter(TrinidadFilter.java:92) at weblogic.servlet.internal.FilterChainImpl.doFilter(FilterChainImpl.java:56) at oracle.help.web.rich.OHWFilter.doFilter(Unknown Source) at weblogic.servlet.internal.FilterChainImpl.doFilter(FilterChainImpl.java:56) at oracle.sysman.emas.fwk.MASConnectionFilter.doFilter(MASConnectionFilter.java:41) at weblogic.servlet.internal.FilterChainImpl.doFilter(FilterChainImpl.java:56) at oracle.adf.library.webapp.LibraryFilter.doFilter(LibraryFilter.java:180) at weblogic.servlet.internal.FilterChainImpl.doFilter(FilterChainImpl.java:56) at oracle.sysman.eml.app.AuditServletFilter.doFilter(AuditServletFilter.java:179) at weblogic.servlet.internal.FilterChainImpl.doFilter(FilterChainImpl.java:56) at oracle.sysman.eml.app.EMRepLoginFilter.doFilter(EMRepLoginFilter.java:203) at weblogic.servlet.internal.FilterChainImpl.doFilter(FilterChainImpl.java:56) at oracle.sysman.core.model.targetauth.EMLangPrefFilter.doFilter(EMLangPrefFilter.java:158) at weblogic.servlet.internal.FilterChainImpl.doFilter(FilterChainImpl.java:56) at oracle.sysman.core.app.perf.PerfFilter.doFilter(PerfFilter.java:141) at weblogic.servlet.internal.FilterChainImpl.doFilter(FilterChainImpl.java:56) at oracle.sysman.eml.app.ContextInitFilter.doFilter(ContextInitFilter.java:542) at weblogic.servlet.internal.FilterChainImpl.doFilter(FilterChainImpl.java:56) at oracle.security.jps.ee.http.JpsAbsFilter$1.run(JpsAbsFilter.java:119) at java.security.AccessController.doPrivileged(Native Method) at oracle.security.jps.util.JpsSubject.doAsPrivileged(JpsSubject.java:324) at oracle.security.jps.ee.util.JpsPlatformUtil.runJaasMode(JpsPlatformUtil.java:460) at oracle.security.jps.ee.http.JpsAbsFilter.runJaasMode(JpsAbsFilter.java:103) at oracle.security.jps.ee.http.JpsAbsFilter.doFilter(JpsAbsFilter.java:171) at oracle.security.jps.ee.http.JpsFilter.doFilter(JpsFilter.java:71) at weblogic.servlet.internal.FilterChainImpl.doFilter(FilterChainImpl.java:56) at oracle.dms.servlet.DMSServletFilter.doFilter(DMSServletFilter.java:163) at weblogic.servlet.internal.FilterChainImpl.doFilter(FilterChainImpl.java:56) at weblogic.servlet.internal.RequestEventsFilter.doFilter(RequestEventsFilter.java:27) at weblogic.servlet.internal.FilterChainImpl.doFilter(FilterChainImpl.java:56) at weblogic.servlet.internal.WebAppServletContext$ServletInvocationAction.wrapRun(WebAppServletContext.java:3715) at weblogic.servlet.internal.WebAppServletContext$ServletInvocationAction.run(WebAppServletContext.java:3681) at weblogic.security.acl.internal.AuthenticatedSubject.doAs(AuthenticatedSubject.java:321) at weblogic.security.service.SecurityManager.runAs(SecurityManager.java:120) at weblogic.servlet.internal.WebAppServletContext.securedExecute(WebAppServletContext.java:2277) at weblogic.servlet.internal.WebAppServletContext.execute(WebAppServletContext.java:2183) at weblogic.servlet.internal.ServletRequestImpl.run(ServletRequestImpl.java:1454) at weblogic.work.ExecuteThread.execute(ExecuteThread.java:209) at weblogic.work.ExecuteThread.run(ExecuteThread.java:178) Caused by: javax.faces.el.EvaluationException: java.lang.NullPointerException at org.apache.myfaces.trinidad.component.MethodExpressionMethodBinding.invoke(MethodExpressionMethodBinding.java:51) at com.sun.faces.application.ActionListenerImpl.processAction(ActionListenerImpl.java:102) ... 67 more Caused by: java.lang.NullPointerException at oracle.sysman.emas.model.security.DialogAdminBean$1.compare(DialogAdminBean.java:567) at java.util.Arrays.mergeSort(Arrays.java:1270) at java.util.Arrays.mergeSort(Arrays.java:1281) at java.util.Arrays.sort(Arrays.java:1210) at java.util.Collections.sort(Collections.java:157) at oracle.sysman.emas.model.security.DialogAdminBean.fetchPrincipals(DialogAdminBean.java:563) at oracle.sysman.emas.pagemodel.security.identity.EditAppRolePageModel.searchPrincipal(EditAppRolePageModel.java:496) at sun.reflect.NativeMethodAccessorImpl.invoke0(Native Method) at sun.reflect.NativeMethodAccessorImpl.invoke(NativeMethodAccessorImpl.java:39) at sun.reflect.DelegatingMethodAccessorImpl.invoke(DelegatingMethodAccessorImpl.java:25) at java.lang.reflect.Method.invoke(Method.java:597) at com.sun.el.parser.AstValue.invoke(Unknown Source) at com.sun.el.MethodExpressionImpl.invoke(Unknown Source) at org.apache.myfaces.trinidad.component.MethodExpressionMethodBinding.invoke(MethodExpressionMethodBinding.java:46) ... 68 more
    Any suggestion?
    Thx
    Gabriel
    Edited by: Gabbriel on Apr 23, 2013 10:46 PM

    We received from Oracle a work-around of this problem.
    It seems to be related to the virtualize flag set to true. I f you set it to false the problem disappear (it works for me).
    (rif. http://docs.oracle.com/cd/E28280_01/bi.1111/e10543/privileges.htm#BABDCJBH)
    There's an open BUG on this problem: Bug 16808088 - 11G JAVA.LANG.NULLPOINTEREXCEPTION ADDING USER TO ROLE AFTER UPGRADE TO 11.1.1.7.
    Hope this works.
    S.

  • How to assign status profile to components in service order

    Hi,
    For my business requirement, I want to assign status to individual components planned in the service order. Even though there is a status button on the component tab, there is no config where I can assign the status profile. We can only assign status profile to the order header and the operations and not to components level.
    As SAP has provided the status button in the component tab, I am hoping that there is a way to assign the status to the parts planned.
    Your help is much appreciated.
    Regards,
    Ram.

    hi all,
    It will be helpful if you give any useful tips on maintaining status for the component level in the service order.
    regards,
    ram.

  • How to assign status profile to Business partner

    Hi Gurus,
    in sap crm 7.0 web ui
    i want to restrict particular user group to only" see" accounts it means only  "display"  view this we can achieve through status profile but how it is configured i don't know...can somebody help me understand it.
    Thanks,
    Gaurav
    Edited by: wwgauravshah on Nov 4, 2011 2:21 PM

    hi PP,
    in sap crm7.0 web ui
    1.i have a requirement that once the account is created manually one at a time and while saving bp, a  "opportunity"/lead transaction should get created automatically, this we can achieve with the help of action workflow ...can some body tell me how to configure it...exactly where we can assign action profile to BP.
    2. once sales manager makes any changes to BP master, change update should trigger action workflow to inform all employee responsible automatically about changes.
    please help me it's critical....
    Thanks,
    Gaurav

  • How to assign status profile to marketing campaign ?

    Dear Friends,
    I am working on Marketing Campaign (SAP CRM 4.0) : I want to customize a new status profile for campaign. I create a new one and I don't know where I assign it to camapign : I searched in SDN and I found a message : "to assign status profile, you have to do when you customize campaign type : Marketing -> Marketing Planning and Campaign Management -> Basic Data -> Define Campaign Types/Objectives/Tactics : in this customizing point, when you define campaign type, here is a status profile field".
    The problem is I did not find any "status profile" field in this customizing point.
    Thanks in advance for your help.

    Hi,
    Pls follow below said path to create User Status profile
    CRM--> Marketing > Marketing Planning and Campaign Management> General Setting --> Change Status Profile for User Status
    Once you create Status profile you can see the same in the profile field of Campaign. You will have to assign this profile in the campaign then you can see the statusses in Change Status field,. But these stausses can not over write the system statusses.
    Hope this will help..
    Rgds
    Mallikarjun

Maybe you are looking for