Automating Portal Role Assignment

Similar Messages

• Can portal role assignment be transported to another portal?

  Hi, Gurus:
  i need to transport portent, role, uses, etc from one portal (EP6 on NW04 )to another (EP7 on NW04s).
  can you tell me that if portal role assignment can also be transported?
  same question to ume role.
  very confused at this area.
  hope i can get your advice
  Thank you
  Br,
  Nikko

  Strictly speaking the user/group/role assignment is not part of the normal transport process in that it will not make those mappings when you transport the content to the next system in your architecture.
  However - you can export users / groups which includes the mappings details.  This can be used in your downstream systems.
  Subsequent transports of objects do not "break" existing mappings.
  Haydn

• No Portal Roles assigned issue

  Hi Experts ,
  We had recently integrated CRM with portal , but some users inspite of having the portal roles assigned to their id were getting an Access Denied page (we had customized the "no portal roles assigned " error page ) . Knowing the dependency of portal on IE and browser settings , this issue is sometimes resolved by clearing cache , cookies , and changing a few browser settings etc on IE 6.0 . If this doesn't work then upgrading to IE 7.0 definetly helps . Since this is just a workaround , I would like to know if anyone has experienced such a thing before and has a solution for this . Your inputs will be highly appreciated .
  Regards
  Mayank

  Hi Mayank,
  This is an error which happens when there is No roles assigned to the user. I am not sure how your systems are designed for User Management. Say for example in some cases LDAP is used to maintain Group to User Relationships and Portal Roles are connected to Groups therfore all users in the group is assigned to the Role. In some cases UME is used.
  Having said that you can disable the cache for the browser. You have to compromise with the performance however, this will ensure that everytime the user logs in, the request will always go to the server.
  Regards
  Avik

• Massive portal role assign to users

  Hello, im trying to assign a portal role to almost 5000 users, as extra information, the portal has ABAP UME. How can i achieve this in a more practical way than doing it handly?
  Regards.

  Hi,
  Since UME is ABAP ,map the portal role with backend role in portal and then write some cat scripts in backend to assign the role to massive users
  Thanks
  Bala Duvvuri

• Role Mapping For Portal Role Assignment and ABAP Role Assignment

  Summary:
  - Under the GRC configuration of Roles> Role Mapping we are trying to utilize the  role mapping feature in GRC for associating a dependent role to a main role.
  - We want to use this role mapping feature for the purposes of adding an Enterprise Portal role for every ABAP role that gets approved for the user in an ABAP component system (i.e. ECC, BW, CRM etc). We will have a 1:1 mapping of Enterprise Portal role to ABAP role defined in the role mapping section in GRC.
  - We want to set up the workflow in such a way that the main role (ABAP role) is the only role that needs to be approved. The dependent role (Enterprise Portal role) should be added or not added based on the approval or denial of the main role (ABAP role). In other words if the role owner for the abap role approves the abap role, then both the abap and EP role will be provisioned by GRC and if the role owner rejects/denies the role, then neither the abap or EP role will be provisioned by GRC.
  Problem Description:
  Our Scenarios we tested:
  Scenario 1:
  Main Role:  Attached to Initiator A & workflow A (routes to single approver based on role)
  Dependent Role:  Attached to Initiator B & workflow B (routes to auto approval or no approval)
  *Problem with the Scenario 1setup above, the dependent role will always get approved & provisioned regardless of the approval or denial of the main role. 
  Scenario 2:
  Main Role:  Attached to Initiator A & workflow A (routes to single approver based on role)
  Dependent Role:  Attached to Initiator A & workflow A(routes to single approver (same as main approver) based on role)
  *Problem with the Scenario 2 setup above, the dependent role will always also need to get approved by the same approver as main role and it opens the possibility that the approver may accidently approve the main role and deny the dependent role, which is not the ideal setup as we inherit the risk of human error.
  Questions:
  1. Does the dependent role need to be defined in an initiator at all since it will never directly be requested directly?
  2.  If the dependent role does need to be in the initiator file, please describe how to properly setup the initiator and workflow stage & path so that we can maintain the desired relationship with the main role approval dependency? (if the role owner for the main role approves the main role, then both the main role and dependent role will be provisioned by GRC and if the role owner rejects/denies the main role, then neither the main role or depedent role will be provisioned by GRC
  Edited by: Rene Griffith on Feb 26, 2010 10:22 PM

  I tested this set up.
  1.  Defined ABAP role as Manin role
  2.  Defined Non-ABAP role as dependednt role
  3. ABAP role  is set up in initiator requiring business approval.
  4.  Non-ABAP role is set up in initiator with no approval required.
  Results Where Business Approver approves the ABAP Role
  1. Only the ABAP role is displayed in approver view which is desirable.
  2.  ABAP role is approved and Non-ABAP role and ABAP role is provisioned.
  Results Where Business Approver rejects the ABAP Role
  1. Only the ABAP role is displayed in approver view which is desirable.
  2.  ABAP role is rejected but  Non-ABAP role is provisioned which is not what we want.  We want the Non-ABAP role not to provision if the ABAP role is rejected by the business approval.
  Thanks again for your help.

• Automation of role assignment

  Is there a way of automating the import of User/Group/Role Data provided under the User Administration tab to bulk assign users to a role? We have explored doing this via the Active Directory route but current contraints have ruled this out for now so I would like to explore the faesability of this option.
  Thanks in advance

  Hello Keith,
  We had a similar requirement and did an EXCEL sheet with the following block of data for about 1000 users. We repeated the same block of data 1000 times but each time with a different userid.
  [User]
  uid=P00006673
  role=pcd:portal_content/myfolder/com.sap.pct.erp.ess.bp_folder/com.sap.pct.erp.ess.roles/Travel_Terms_Conditions
  group=Z_SAP_ESS_CM;
  [User]
  uid=P00042346
  role=pcd:portal_content/myfolder/com.sap.pct.erp.ess.bp_folder/com.sap.pct.erp.ess.roles/Travel_Terms_Conditions
  group=Z_SAP_ESS_CM;
  [User]
  uid=P00040063
  role=pcd:portal_content/myfolder/com.sap.pct.erp.ess.bp_folder/com.sap.pct.erp.ess.roles/Travel_Terms_Conditions
  group=Z_SAP_ESS_CM;
  [User]
  uid=P00006655
  role=pcd:portal_content/myfolder/com.sap.pct.erp.ess.bp_folder/com.sap.pct.erp.ess.roles/Travel_Terms_Conditions
  group=Z_SAP_ESS_CM;
  ..............etc
  1000 blocks.
  We did use some code in Excel to do this 1000 blocks automatically. Let me know if this is your requirement.
  Regards,
  Gopal.

• Portal role assignment

  We are facing problem of Roles getting automatically de-assigned to users in EP. We would like to know the following:
  1)       If this is a known issue with EP 6.0?
  2)       If yes how to correct it.?
  3)       How to find when this role got deassigned?

  Hi...
  which Eportal you are using kindly confirm about it.
  if it is EP 6 then atleast SP12 should be install on your system.
  if all this are already there then check system configuration on your EPORTAL
  goto system administration -> system configuration -> UM configuration --> check for Data sources and LDAP server settings.
  in LDAP server settings check for "Unique Attribute for UME Unique ID" the value should be the samaccount.
  Note : after using this setting all user will loss there roles assigment. so please confirm with your IT head team before doing this.

• Customizing Message "No portal roles are assigned for this user"?

  Hello,
  we would like to give the user some hint on who to speek with in case he has no portal roles assigned.
  So we would like to customize the messaage "No portal roles are assigned for this user" to some customer spezific text or to redirekt to a customer specific iView.
  I would appreciate any kind of hints.
  Best regards,
  Lutz Rottmann

  Hi,
  Check these threads.
  Customizing message "No portal roles are assigned for this user"
  No portal roles are assigned for this user
  Regards,
  Harini S

• Cusomize message "No portal roles are assigned for this user"?

  Hello,
  we would like to give the user some hint on who to speek with in case he has no portal roles assigned.
  So we would like to customize the messaage "No portal roles are assigned for this user" to some customer specific text or to redirect to a customer specific iView.
  I would appreciate any kind of hints.
  Best regards,
  Lutz Rottmann

  Hi,
  Check this thread.
  Customizing message "No portal roles are assigned for this user"
  No portal roles are assigned for this user
  Regards,
  Harini S

• Is there a way to automatically map CRM Roles to Portal Roles

  <b>Scenario:</b>
  When a new user registers on our portal he is assigned a CRM Role, however, he still needs to be assigned a Portal Role. Since we will have many users registering through our portal we do not want to assign roles to users manually. We want this to be an automated process, which requires almost no administration after the initial configuration.
  <b>Solution we are looking for:</b>
  Ideally we would like to do some configuration on the Portal side that would some how pull roles from CRM user store and map them on to appropriate Portal roles. In our case the reverse would also be ok as well, i.e. we do some configuration on the CRM side that would push the appropriate role to the Portal and do the Portal Role assignment.
  Does anyone know how to do this? I am very new to portals so a detailed explanation would be very helpful.
  Thanks for all the help!
  Muhammad Osman Yousuf

  No, the portal role will not be the same for the same CRM Role.
  So for example...
  On the CRM side we have CRM_ROLE_A, CRM_ROLE_B, and CRM_ROLE_C and on the Portal sider we have PORTAL_ROLE_A and PORTAL_ROLE_B.
  All mappings given are possible...
  CRM_ROLE_A = PORTAL_ROLE_A
  CRM_ROLE_B = PORTAL_ROLE_A and PORTAL_ROLE_B
  CRM_ROLE_C = PORTAL_ROLE_B
  The solution you mentioned, will it work with the above mappings?
  Thanks for all the help!
  Muhammad Osman Yousuf

• How to remove default "Home" portal role from every portal user

  Hi
  My Portal system is configured on our BW UME.
  When ever I create a Used ID in BW,A portal account is created for the same user id.
  With out any portal roles (navigational) assigned to the user.
  Ex:
  Lets say I created a user u201CTesteru201D in BW and assigned him the relevant BW Roles (ABAP).
  When I logon to Portal using u201CTesteru201D, I can see a TAB u201Chomeu201D under which worksets Company,Work,Teams,Documents and Portal Information
  I checked the user account in Portal for tester there are no portal roles assigned to himu2026u2026.
  My requirement is not to display Home (tab)u2026.how can is that Home is assigned to all portal users and how can I remove it so that the users will be displayed with only navigational role that I assigned.
  Thanks

  Hi,
  In User Admin of Portal  search for eu_role and see check assigned users and assigned groups tab and see if this is added to the users or group.
  If you find it assigned to any users or any group delete the assignment and it should be gone.
  Hope this helps.
  Cheers-
  Pramod

• No portal roles are assigned for this user.If this problem persists, contac

  I am trying to access portal first time using j2ee_admin user. It is saying "No portal roles are assigned for this user.If this problem persists, contact your system administrator."
  iam using abap+java enginee how config in abap enginne ,iwant which role to assign  j2ee_admin  user
  i already asiigned sap_j2ee_admin,SAP_BC_JSF_COMMUNICATION,SAP_BC_JSF_COMMUNICATION_RO   but it show same problem
  please help me..
  Edited by: Mugala Balu on Aug 7, 2010 5:53 PM
  Edited by: Mugala Balu on Aug 8, 2010 7:48 AM

  Balu,
  Well this issue has been discussed many a times in forums. You would have to point your data source to ABAP system.
  Check this thread in [here|J2EE Failed to start  , after changing UME datasource;.
  Good Luck!
  Sandeep Tudumu

• Assigning Portal Roles

  Hi All,
  We have installed EP 7.0. The problem we are facing is : The "Portal Content" folder is not displayed under the "Browse Category" of content administration & system administration.
  Why is it so? Do we need to add some other portal Roles to the user? If so.., which role we should add?
  Also we are trying to add the portal role ID
  " com.sap.pct.pdk.JavaDeveloper". But when we search for this role , we could not found this role. Whether the role has been renamed?
  Kindly provide your suggestion on the above queries.
  Regards,
  Eben.

  Hi,
  Re: How to create and assign role
  Portal:How to assign a Folder to a Role in Protal
  I hope the above links will help you,
  Regards,
  Harish

• Weird problem with role assignment in Portal

  Hi,
  In our newly installed Portal for eRecruitment Production System we encounter a weird problem with assigning roles to users.
  When I open User Administration and search for roles, it displays the Portal roles perfectly.
  However, when I search for a user in User Administration and click on it when found, I am unable to find any roles to assign! So I am unable to find any roles, when I want to modify the assigned roles for a particular user, while the roles do exist and can be found on its own. How is this possible? Am I missing something here?
  We have installed SPS 15 and use ABAP as user store. We have used reverse proxy and web dispatchers in this case.
  Thanks in advance and best regards,
  Jan Laros

  Found some entries in the default trace from this morning:
  #1.#005056A15F78006A000004F400006D310004520B11DB3CE8#1216107404407#com.sap.security.core.jmx.impl.CompanyPrincipalFactory#sap.com/tc~wd~dispwda#com.sap.security.core.jmx.impl.CompanyPrincipalFactory.static Set evaluateDatasourcesToSearchFor(String[] requestDatasourceIds,     String privateType, Locale locale)#JALAROS#58762##nun.efteling.nl_POP_9750151#JALAROS#581700b0524011ddc029005056a15f78#SAPEngine_Application_Thread[impl:3]_36##0#0#Error##Java###Error while connecting to remote producer {0}
  [EXCEPTION]
  {1}#2#PRODUCER_0KTHQ3YTJV#com.sap.security.core.persistence.remote.CommunicationException: Cannot display remote roles of selected producer. The producer has removed your consumer instance from their portal.
          at com.sap.portal.ivs.global.roles.RemoteProducerAccessImpl.sendToRemote(RemoteProducerAccessImpl.java:497)
          at com.sap.portal.ivs.global.roles.RemoteProducerAccessImpl.checkConnectivity(RemoteProducerAccessImpl.java:220)
          at com.sap.security.core.jmx.impl.CompanyPrincipalFactory.evaluateDatasourcesToSearchFor(CompanyPrincipalFactory.java:656)
          at com.sap.security.core.jmx.impl.CompanyPrincipalFactory.simplePrincipalSearchByDatasources(CompanyPrincipalFactory.java:3172)
          at com.sap.security.core.jmx.impl.JmxSearchHelper.getSimpleEntitySearchResult(JmxSearchHelper.java:74)
          at com.sap.security.core.jmx.impl.JmxSearchHelper.calculateSimpleEntityTable(JmxSearchHelper.java:1182)
          at com.sap.security.core.jmx.impl.JmxServer.calculateSimpleEntityTableByDatasources(JmxServer.java:1061)
          at sun.reflect.NativeMethodAccessorImpl.invoke0(Native Method)
          at sun.reflect.NativeMethodAccessorImpl.invoke(NativeMethodAccessorImpl.java:85)
          at sun.reflect.NativeMethodAccessorImpl.invoke(NativeMethodAccessorImpl.java:58)
          at sun.reflect.DelegatingMethodAccessorImpl.invoke(DelegatingMethodAccessorImpl.java:60)
          at java.lang.reflect.Method.invoke(Method.java:391)
          at com.sap.pj.jmx.introspect.DefaultMBeanInvoker.invoke(DefaultMBeanInvoker.java:58)
          at javax.management.StandardMBean.invoke(StandardMBean.java:286)
          at com.sap.pj.jmx.server.MBeanServerImpl.invoke(MBeanServerImpl.java:944)
          at com.sap.pj.jmx.server.interceptor.MBeanServerWrapperInterceptor.invoke(MBeanServerWrapperInterceptor.java:288)
          at com.sap.engine.services.jmx.CompletionInterceptor.invoke(CompletionInterceptor.java:409)
          at com.sap.pj.jmx.server.interceptor.BasicMBeanServerInterceptor.invoke(BasicMBeanServerInterceptor.java:277)
          at com.sap.jmx.provider.ProviderInterceptor.invoke(ProviderInterceptor.java:258)
          at com.sap.engine.services.jmx.RedirectInterceptor.invoke(RedirectInterceptor.java:340)
          at com.sap.pj.jmx.server.interceptor.MBeanServerInterceptorChain.invoke(MBeanServerInterceptorChain.java:330)
          at com.sap.engine.services.jmx.MBeanServerSecurityWrapper.invoke(MBeanServerSecurityWrapper.java:287)
          at com.sap.engine.services.jmx.ClusterInterceptor.invoke(ClusterInterceptor.java:776)
          at com.sap.pj.jmx.server.interceptor.MBeanServerInterceptorChain.invoke(MBeanServerInterceptorChain.java:330)
          at com.sap.security.core.jmx._gen.IJmxServer$Impl.calculateSimpleEntityTableByDatasources(IJmxServer.java:717)
          at com.sap.security.core.wd.jmxmodel.JmxModelCompInterface.calculateSimpleEntityTable(JmxModelCompInterface.java:396)
          at com.sap.security.core.wd.jmxmodel.wdp.InternalJmxModelCompInterface.calculateSimpleEntityTable(InternalJmxModelCompInterface.java:443)
          at com.sap.security.core.wd.jmxmodel.wdp.InternalJmxModelCompInterface$External.calculateSimpleEntityTable(InternalJmxModelCompInterface.java:746)
          at com.sap.security.core.wd.umeuifactory.UmeUiFactoryCompInterface.getSimpleEntityTable(UmeUiFactoryCompInterface.java:471)
          at com.sap.security.core.wd.umeuifactory.wdp.InternalUmeUiFactoryCompInterface.getSimpleEntityTable(InternalUmeUiFactoryCompInterface.java:517)
          at com.sap.security.core.wd.umeuifactory.wdp.InternalUmeUiFactoryCompInterface$External.getSimpleEntityTable(InternalUmeUiFactoryCompInterface.java:894)
          at com.sap.security.core.wd.relaterole.RelateRoleComp.searchNewRoles(RelateRoleComp.java:259)
          at com.sap.security.core.wd.relaterole.wdp.InternalRelateRoleComp.searchNewRoles(InternalRelateRoleComp.java:282)
          at com.sap.security.core.wd.relaterole.AssignParentRolesView.onActionSearchNewRoles(AssignParentRolesView.java:215)
          at com.sap.security.core.wd.relaterole.wdp.InternalAssignParentRolesView.wdInvokeEventHandler(InternalAssignParentRolesView.java:261)
          at com.sap.tc.webdynpro.progmodel.generation.DelegatingView.invokeEventHandler(DelegatingView.java:87)
          at com.sap.tc.webdynpro.progmodel.controller.Action.fire(Action.java:67)
          at com.sap.tc.webdynpro.clientserver.window.WindowPhaseModel.doHandleActionEvent(WindowPhaseModel.java:420)
          at com.sap.tc.webdynpro.clientserver.window.WindowPhaseModel.processRequest(WindowPhaseModel.java:132)
          at com.sap.tc.webdynpro.clientserver.window.WebDynproWindow.processRequest(WebDynproWindow.java:335)
          at com.sap.tc.webdynpro.clientserver.cal.AbstractClient.executeTasks(AbstractClient.java:143)
          at com.sap.tc.webdynpro.clientserver.session.ApplicationSession.doProcessing(ApplicationSession.java:313)
          at com.sap.tc.webdynpro.clientserver.session.ClientSession.doApplicationProcessingPortal(ClientSession.java:733)
          at com.sap.tc.webdynpro.clientserver.session.ClientSession.doApplicationProcessing(ClientSession.java:668)
          at com.sap.tc.webdynpro.clientserver.session.ClientSession.doProcessing(ClientSession.java:250)
          at com.sap.tc.webdynpro.clientserver.session.RequestManager.doProcessing(RequestManager.java:149)
          at com.sap.tc.webdynpro.clientserver.session.core.ApplicationHandle.doProcessing(ApplicationHandle.java:73)
          at com.sap.tc.webdynpro.portal.pb.impl.AbstractApplicationProxy.sendDataAndProcessActionInternal(AbstractApplicationProxy.java:860)
          at com.sap.tc.webdynpro.portal.pb.impl.localwd.LocalApplicationProxy.sendDataAndProcessAction(LocalApplicationProxy.java:77)
          at com.sap.portal.pb.PageBuilder.updateApplications(PageBuilder.java:1257)
          at com.sap.portal.pb.PageBuilder.SendDataAndProcessAction(PageBuilder.java:325)
          at com.sap.portal.pb.PageBuilder$1.doPhase(PageBuilder.java:826)
          at com.sap.tc.webdynpro.clientserver.window.WindowPhaseModel.processPhaseListener(WindowPhaseModel.java:755)
          at com.sap.tc.webdynpro.clientserver.window.WindowPhaseModel.doPortalDispatch(WindowPhaseModel.java:717)
          at com.sap.tc.webdynpro.clientserver.window.WindowPhaseModel.processRequest(WindowPhaseModel.java:136)
          at com.sap.tc.webdynpro.clientserver.window.WebDynproWindow.processRequest(WebDynproWindow.java:335)
          at com.sap.tc.webdynpro.clientserver.cal.AbstractClient.executeTasks(AbstractClient.java:143)
          at com.sap.tc.webdynpro.clientserver.session.ApplicationSession.doProcessing(ApplicationSession.java:313)
          at com.sap.tc.webdynpro.clientserver.session.ClientSession.doApplicationProcessingStandalone(ClientSession.java:713)
          at com.sap.tc.webdynpro.clientserver.session.ClientSession.doApplicationProcessing(ClientSession.java:666)
          at com.sap.tc.webdynpro.clientserver.session.ClientSession.doProcessing(ClientSession.java:250)
          at com.sap.tc.webdynpro.clientserver.session.RequestManager.doProcessing(RequestManager.java:149)
          at com.sap.tc.webdynpro.serverimpl.defaultimpl.DispatcherServlet.doContent(DispatcherServlet.java:62)
          at com.sap.tc.webdynpro.serverimpl.defaultimpl.DispatcherServlet.doPost(DispatcherServlet.java:53)
          at javax.servlet.http.HttpServlet.service(HttpServlet.java:760)
          at javax.servlet.http.HttpServlet.service(HttpServlet.java:853)
          at com.sap.engine.services.servlets_jsp.server.HttpHandlerImpl.runServlet(HttpHandlerImpl.java:401)
          at com.sap.engine.services.servlets_jsp.server.HttpHandlerImpl.handleRequest(HttpHandlerImpl.java:266)
          at com.sap.engine.services.httpserver.server.RequestAnalizer.startServlet(RequestAnalizer.java:387)
          at com.sap.engine.services.httpserver.server.RequestAnalizer.startServlet(RequestAnalizer.java:365)
          at com.sap.engine.services.httpserver.server.RequestAnalizer.invokeWebContainer(RequestAnalizer.java:944)
          at com.sap.engine.services.httpserver.server.RequestAnalizer.handle(RequestAnalizer.java:266)
          at com.sap.engine.services.httpserver.server.Client.handle(Client.java:95)
          at com.sap.engine.services.httpserver.server.Processor.request(Processor.java:175)
          at com.sap.engine.core.service630.context.cluster.session.ApplicationSessionMessageListener.process(ApplicationSessionMessageListener.java:33)
          at com.sap.engine.core.cluster.impl6.session.MessageRunner.run(MessageRunner.java:41)
          at com.sap.engine.core.thread.impl3.ActionObject.run(ActionObject.java:37)
          at java.security.AccessController.doPrivileged(AccessController.java:180)
          at com.sap.engine.core.thread.impl3.SingleThread.execute(SingleThread.java:100)
          at com.sap.engine.core.thread.impl3.SingleThread.run(SingleThread.java:170)
  #1.#005056A15F780060000004FD00006D310004520C6A35F87C#1216113181849#com.sap.engine.services.security.roles.SecurityRoleReference##com.sap.engine.services.security.roles.SecurityRoleReference#J2EE_GUEST#0####399cb180524e11dd9849005056a15f78#SAPEngine_Application_Thread[impl:3]_37##0#0#Error#1#/System/Security/Audit/J2EE#Java###{0}: Authorization check for caller assignment to J2EE security role [{1} : {2}] referencing J2EE security role [{3} : {4}].#5#ACCESS.ERROR#service.naming#jndi_all_operations#SAP-J2EE-Engine#administrators#
  #1.#005056A15F78005C00000C0500006D310004520C6A394185#1216113181992#com.sap.engine.services.jmx.connector.p4.P4ConnectorServerImpl##com.sap.engine.services.jmx.connector.p4.P4ConnectorServerImpl#J2EE_GUEST#0####39aa6d20524e11ddaee2005056a15f78#SAPEngine_Application_Thread[impl:3]_29##0#0#Error#1#/System/Server#Java###Runtime exception occurred while processing external JMX request [ JMX request (java) v1.0 len: 150 |  src: 2 target-node: 9750150 req: getAttribute params-number: 2 params-bytes: 0 |  ]
  [EXCEPTION]
  {0}#1#com.sap.engine.services.jmx.exception.JmxSecurityException: Caller J2EE_GUEST not authorized, only role administrators is allowed to access JMX
          at com.sap.engine.services.jmx.EngineAuthorization.checkMBeanPermission(EngineAuthorization.java:88)
          at com.sap.engine.services.jmx.auth.UmeAuthorization.checkMBeanPermission(UmeAuthorization.java:77)
          at com.sap.engine.services.jmx.JmxServerFrame.checkMBeanPermission(JmxServerFrame.java:98)
          at com.sap.engine.services.jmx.MessageClientSecurityWrapper.checkPermissions(MessageClientSecurityWrapper.java:76)
          at com.sap.engine.services.jmx.MessageClientSecurityWrapper.invokeMbs(MessageClientSecurityWrapper.java:38)
          at com.sap.engine.services.jmx.ClusterInterceptor.invokeMbs(ClusterInterceptor.java:196)
          at com.sap.engine.services.jmx.ClusterInterceptor.getAttribute(ClusterInterceptor.java:512)
          at com.sap.engine.services.jmx.MBeanServerInterceptorInvoker.invokeMbs(MBeanServerInterceptorInvoker.java:84)
          at com.sap.engine.services.jmx.connector.p4.P4ConnectorServerImpl.invokeMbs(P4ConnectorServerImpl.java:61)
          at com.sap.engine.services.jmx.connector.p4.P4ConnectorServerImplp4_Skel.dispatch(P4ConnectorServerImplp4_Skel.java:64)
          at com.sap.engine.services.rmi_p4.DispatchImpl._runInternal(DispatchImpl.java:313)
          at com.sap.engine.services.rmi_p4.DispatchImpl._run(DispatchImpl.java:199)
          at com.sap.engine.services.rmi_p4.server.P4SessionProcessor.request(P4SessionProcessor.java:136)
          at com.sap.engine.core.service630.context.cluster.session.ApplicationSessionMessageListener.process(ApplicationSessionMessageListener.java:33)
          at com.sap.engine.core.cluster.impl6.session.MessageRunner.run(MessageRunner.java:41)
          at com.sap.engine.core.thread.impl3.ActionObject.run(ActionObject.java:37)
          at java.security.AccessController.doPrivileged(AccessController.java:180)
          at com.sap.engine.core.thread.impl3.SingleThread.execute(SingleThread.java:100)
          at com.sap.engine.core.thread.impl3.SingleThread.run(SingleThread.java:170)

• Modify the default "No portal roles are assigned..." message iView

  Hi,
  When a user with no roles assigned is trying to access the EP6 SP9 portal, he/she is facing a warning message:
  "No portal roles are assigned for this user.If this problem persists, contact your system administrator."
  accompanied by a 'log off' link.
  Is it somehow possible to change the look and feel and/or behaviour of this message?
  For instance, we would like the message appearance to be more 'friendly' and with a link where they can find further assistance, etc.
  With best regards,
  Robin

  The window for logoff is part of the masterhead. So i think you can modify the masterhead pasr file for that.
  Its location is at...
  usr/sap/<instance>/JC00/J2EE/cluster/server0/apps/sap.com/irj/servlet_jsp/root/web-inf/deployment/pcd.
  In this folder you can find the com.sap.portal.masterhead.par.bak
  this file can be imported to your developer studio and can be editted and uploaded.
  hope this helps
  Cheers
  gEorgE