BP Role and Scenarios (B2B , Web, ... )

Hi ,
Somebody has a list of the "BP Role" and what BP Role Type we have to use for what scenarios ? Also if new "BP Role" are available compare to CRM 4.0 ?
Thank you .

Anyone has information on the BP roles and scenarios ?
Thank you .

Similar Messages

WEB UI account creation with role and grouping

Hi All,
I can create account in SalesPro->Account Management-> Account - New
I don't have an option of selecting BP Role or Grouping for number range...
Should i be using any other WEBUI Role in order to create Account with an option of BP Role and Grouping
Thanks
Amish

Hello there,
The BP Role which will be used and even the number ranges are generally not used for Web UI usage. Instead we provide different configurations of the same Account Creation view based on the Component Usage and three different keys.
The functionality you are looking for can be achieved by creating different configurations.
To create different configurations of the same view in Web UI please search on the below link :
[http://wiki.sdn.sap.com/wiki/display/CRM/CRMWebClientUIFramework|http://wiki.sdn.sap.com/wiki/display/CRM/CRMWebClientUIFramework]
Please reply if this helps.
Best regards,
Vinamra.

Automatic Creation of Roles and Role Mappings in GRC

Hi,
we are planning to use SAP Identity Management and SAP GRC Access Management.
In SAP IDM we have defined several business roles that contain privilieges in SAP systems. When a user is requesting a role, the request will first be sent to SAP GRC for approval and risk checking.
In order to get this to work, we need to load the business roles of SAP IDM into SAP GRC and we also need to configure the role mapping between the business roles and the technical SAP privileges.
From what I understood, this could be implemented by loading the required information via Excel filles into SAP IDM.However, this is a quite cumbersome and error-rpone approach an we would like to automate this.
Is there a way to use e.g. web service calls to create/delete roles and role mappings in SAP GRC?
BTW: is a documentation of all available GRC web service calls and their parameters available?
Thanks for your help in advance!
Best regards
Tom

Hi Tom,
as stated before, the web service description is in the config guide.
Unfortunately there is no web service to create roles or even mappings in CUP - this is one of many I would also like to se created
I don't think in your context you will be able to directly send Business Roles to CUP. The role mapping only happens after you send the request, so I'm not sure if that's in time for risk analysis - you will need to try that.
Are you a customer or a consultant - anyway, feel free to contact me if you need further help integrating CUP and IdM. This is an evolving interface with many possible scenarios, so it's not easy to give you good advise without seeing the full picture.
Frank.

How to create a report of users in ucm about their roles and permission

Hi All ,
I need to create a report and it should contain all the users in ucm as well as their roles and permissions. Basically the report would be for the admin who can see all the users in a single report and can know about the roles and access of each and every users.
How to create such report ?? I have tried from web layuot editor but the default report template i.e stdUserReport in user datasource does not contain more than three fields..Is there any method to get such kind of report???
Please suggest!!

There was an example component to demonstrate this kind of function. Under Stellent in version 7.5
I do not know if they hand it out anymore but it is not on the standard samples page for Oracle. You may want to open a Support SR to ask for it. It should still be around in their servers if they can get permission to hand it out as a sample again.
Sample CustomReports component to demonstrate how to create customized reports
CustomReportsBundle.zip
Date:     October 30, 2006
Sample Version:     version=2006_10_20 (build 1)
Product and Version:     Content Server
Sample Status:     This is a Stellent Sample. Stellent Samples are free and include non-supported add-ons, utilities, tutorials or programming examples. It may require additional configuration or security auditing for maximum effect. It is not supported by Stellent without a consulting engagement.

Invoking a scenario using web service

Hi Experts,
Could anyone pls suggest how to pass variables from SOAP to ODI 11g(11.1.1.6.3)
Here we are using wsdl utility to invoke a scenario using web service and trying to pass a variable like the below
The scenario is triggered successfully without passing a parameter.
But when i try to pass a variable like the below,am getting error
Variables name='PROJECT_CODE'
Variables value='JI-2015'
In ODI 11g, i have generated a scenario with a variable PROJECT_CODE as a declare variable and tried triggering from both the environments
From ODI 11g:
When I try to trigger the scenario from wsdl, in that variable step(in operator), I got error as ODI-17546: Specified variable not found in the Repository
But in the work repository SNP_VAR table I could still see the variable name under VAR_NAME column.
From ODI 10g:
When i try to do the same from odi 10g, the scenario execution is success.
But the variable had taken only NULL value instead of taking the value which i passed from wsdl.
Could you pls advise where am going wrong

variable should be passed in the soap message by adding variables elements. Refer to Note ID [1499852.1]
<Variables>
<Name>Project.Variable1</Name>
<Value>Variable1Value</Value>
</Variables>
<Variables>
<Name>Project.Variable2</Name>
<Value>Variable2Value</Value>
</Variables>
<Variables>
<Name>Project.Variable3</Name>
<Value>Variable3Value</Value>
</Variables>

Interaction of BW Roles and BWA Explorer Security

We secure all our BW users via roles these roles have Analysis
authorizations embedded in them which restrict access to specific
infoproviders and values in these based on authorization relevant
infobjects.
When we try to create a BWA Explorer object in RSDDTPS we are forced to
assign a userid and an analysis authorization directly in
the "Authorizations" tab. Our security group only wants to have too
assign roles to users either via SU01 or CUA.
Configuration
BO 2008 Enterprise Server (connected to BW system)
BW system (Netweaver 7.01 EHP1)
BWA 7.2
1) How can we create BWA Explorer objects on a infoprovider without
directly assigning users in Authorization Tab and how can we make the
system ignore whatever is on this tab and base access to a BWA explorer
object on the roles assigned to the user via SU01/CUA.
2) If a User has roles assigned in BW that give them access to a
specific infoprovider will this automatically also give them access to
a BO Server published BWA explorer object built on that infoprovider.
Related to this do we also need import the same roles and assign to the
user in CMS server with link to BWA Explorer Server or does the user
automatically get access to BWA Explorer as long as BWA Explorer is
published on BO Server.
3) If the user in BW is assigned roles that limit values based on an
authorization relevant object is this restriction enforced in the
values returned in published BWA Explorer for the user. Example
Authorization Relevant object is Profit Ctr and the user has two value
roles one contains access to all profit center that role up to a
hierarchy node limited to the USA and the other contains hierarchy
analysis authorization limiting access to all profit centers rolling up
to hierarchy node representing Europe. When a user access's the BWA
Explorer object which contain profit ctr will the values be limited
only to USA AND Europe Profit centers or will the BW value based
security be ignored.
Please provide advice on above questions and document resources on how
BW role based security interacts with BWA Explorer.

Hi Expert,
I need a solution for same scenario, anyone can give inputs.
Regards,
Ganesh

SharePoint's role and its task assignment

SharePoint's role and its task assignment list below:
*Workflow
*App
*PowerShell
*SharePoint migrering
*Enterprise Content Managment
*Business Intelligence
*social business platform
*SharePoint analyst
*SharePoint Enterprise Search
*Document management
*SharePoint Cloud
*SharePoint BDC (Business Data Catalog)
What more am I missing that is important to add?
Please remember that I'm a newbie in SharePoint 2013.

I understand you have added ECM but I would also add Records Management, Machine Translation Service and Community Sites.
If you want to add features then you should also include Office Web Apps, Cross Browser Support and Responsive Web Design.
Amit

How to pull Roles and Policies from backend using SQL query in OIA

Hello,
I have Roles and Policies defined in OIA with mapping each other and there is no direct extract report from OIA Web console.
Is there any oracle SQL query by which we can get the data and filter the Policies based on the role ?
Note: We have one Role having more than one Polcies defined in OIA.
Appreciate your help.
Thanks

I am quoting this from MOS Doc Id "Why would multiple session records be present in the User Sessions screen in P6 Web, and why might some of them have different IP addresses? (Doc ID 1600172.1)"
Multiple sessions show up for users since different sections of P6 Web have their own sessions associated with them. If a user is authorized to use multiple areas of the software they will have multiple sessions each time they log in. Additionally, if users are closing their browsers before logging out of P6 Web Access you might see some past sessions still appearing in the list. These will eventually be cleared out by background jobs, however you can also reset the sessions in the software by clicking the "Reset User" link (Administer > User Sessions > Manage User Sessions), or by choosing the "Reset All Users" link (Administer > User Sessions > Manage User Sessions) to do this for all past sessions.
Multiple IP addresses for sessions can happen when a user logs in from different machines. For example, a person may login at their desk, but then go to a colleagues workstation to discuss a project, and log in from there. Doing so will leave them with multiple IP addresses in the session records.
Hope this helps
Regards,
Sachin Gupta

Roles and .wars in WebLogic

          I have a .war file whose web.xml file defines a security role of LoggingRole. No
          matter what I do, I cannot successfully login and access the web-app. I am running
          on WebLogic 7.0 on Windows 2000.
          I tried going into the admin console and defining a role named LoggingRole then
          adding the Administrators group to it. Then I make sure there are some users in
          the Administrators group. Everytime I try to use those users to login, it fails.
          If I delete the secuirty constraints from the web-app it works fine. if I install
          the web-app on other servlet engines wit hthe security, it works. Any ideas?
          Here is the relevant snippet of the web.xml:
               <security-constraint>
                    <web-resource-collection>
                         <web-resource-name>System Viewer</web-resource-name>
                         <url-pattern>/menu2</url-pattern>
                    </web-resource-collection>
                    <auth-constraint>
                         <role-name>LoggingRole</role-name>
                    </auth-constraint>
               </security-constraint>
               <security-role>
                    <role-name>LoggingRole</role-name>
               </security-role>
          Thanks,
          brian


          In WL6, normally you should have something like <security-role-assignment>
          <role-name>developer</role-name>
          <principal-name>developer</principal-name>
          <principal-name>customer</principal-name>
          </security-role-assignment>
          in your weblogic.xml. I never try this in WL7 and hope it will work.
          The alternative is, open your weblogic admin console, following the following
          steps: (Left pane) Deployment->Web Applications->YourWebApplication, then (right
          pane)Edit web application descriptors. On the next screen, (Left pane)Web AppExt->Security
          role assignment->.... If you don't have Web AppExt, you should be able to create
          one when you see this screen. After you assign tghe roles, click persistent and
          a new web.xml and a new weblogic.xml will be generated and you can use them for
          future use.
          "Brian Pipa" <[email protected]> wrote:
          >
          >I have a .war file whose web.xml file defines a security role of LoggingRole.
          >No
          >matter what I do, I cannot successfully login and access the web-app.
          >I am running
          >on WebLogic 7.0 on Windows 2000.
          >
          >I tried going into the admin console and defining a role named LoggingRole
          >then
          >adding the Administrators group to it. Then I make sure there are some
          >users in
          >the Administrators group. Everytime I try to use those users to login,
          >it fails.
          >If I delete the secuirty constraints from the web-app it works fine.
          >if I install
          >the web-app on other servlet engines wit hthe security, it works. Any
          >ideas?
          >
          >Here is the relevant snippet of the web.xml:
          >     <security-constraint>
          >          <web-resource-collection>
          >               <web-resource-name>System Viewer</web-resource-name>
          >               <url-pattern>/menu2</url-pattern>
          >          </web-resource-collection>
          >          <auth-constraint>
          >               <role-name>LoggingRole</role-name>
          >          </auth-constraint>
          >     </security-constraint>
          >
          >     <security-role>
          >          <role-name>LoggingRole</role-name>
          >     </security-role>
          >
          >Thanks,
          >brian

Delivery type unchanged in both Transaction & B2B Web shop

Hi Gurus,
My requirement is to change the Delivery type to 'expedited' in the b2b web shop if the gross weight is less than 4 kg. I wrote sample code, without condition, in BADI to see the delivery type change in both transaction and in webshop. It seems there is some issue with the below code I could not find any changes in .both transaction and in webshop. I tried with 'CRM_SHIPPING_CHANGE_OW' also. But no luck. Could anly one please tell the bug in the code?
BADI: CRM_ISA_BASKET_HEAD
Method.CHANGEHEAD_SET_DATA
DATA: LS_SHIPPING      TYPE CRMT_SHIPPING_COM,
        ls_shipping_com TYPE CRMT_SHIPPING_COM,
        lt_input_field_names     TYPE crmt_input_field_names_tab,
        ls_input_field_names     TYPE crmt_input_field_names.
Get the shipping data from ISA layer
loop at IT_SHIPPING INTO LS_SHIPPING.
    MOVE-CORRESPONDING ls_shipping TO ls_shipping_com.
    ls_shipping_com-SHIP_COND = '02'.
fill ct_input_fields
    ls_input_field_names-fieldname = 'SHIP_COND'.
    INSERT ls_input_field_names INTO TABLE lt_input_field_names.
change shipping segment
   CALL FUNCTION 'CRM_SHIPPING_MAINTAIN_OW'
      EXPORTING
        is_shipping_com      = ls_shipping_com
      CHANGING
        ct_input_field_names = lt_input_field_names
      EXCEPTIONS
        error_occurred       = 1
        OTHERS               = 2.
ENDIF.
endloop.
Method.:GETHEAD_GET_DATA
DATA: LS_BASKET_HEAD       TYPE CRMT_ISALES_BASKETHEAD_UI,
        LS_FIELD_CHANGEABLE TYPE CRMT_INPUT_FIELD_NAMES,
        LS_CRMT_SHIPPING_WRK TYPE CRMT_SHIPPING_WRK.
*Get the changed data
CALL FUNCTION 'CRM_SHIPPING_READ_OW'
    EXPORTING
     IV_REF_GUID                = LS_BASKET_HEAD-GUID
     IV_REF_KIND                = 'A'
   IMPORTING
     ES_SHIPPING_WRK            = LS_CRMT_SHIPPING_WRK
   EXCEPTIONS
     ENTRY_DOES_NOT_EXIST       = 1
     OTHERS                     = 2.
IF SY-SUBRC = 0 AND LS_CRMT_SHIPPING_WRK-SHIP_COND IS NOT INITIAL.
    LS_BASKET_HEAD-SHIP_COND = LS_CRMT_SHIPPING_WRK-SHIP_COND.
ENDIF.
Pass back to ISA layer.
READ TABLE CT_FIELD_CHANGEABLE INTO LS_FIELD_CHANGEABLE WITH KEY FIELDNAME = 'SHIP_COND'.
IF SY-SUBRC <> 0.
    LS_FIELD_CHANGEABLE-FIELDNAME = 'SHIP_COND'.
    LS_FIELD_CHANGEABLE-CHANGEABLE = 'X'.
    APPEND LS_FIELD_CHANGEABLE TO CT_FIELD_CHANGEABLE.
ENDIF.

In theory, ZOR orders created from both CRM GUI and B2B should use the same number range only. (internal)
Since the B2B is not creating ZOR type, it is very likely, the shop settings are not effective.
Check if the webshop profile you have set the ZOR is the default webshop that gets used by the B2B. This is done through webshop XCM admin.
Or - are you using Transaction Type Group?
Easwar Ram
http://www.parxlns.com
Edited by: Easwar Ram on Nov 4, 2008 4:13 PM

UME Role and Action

I am developing a recursive tree in a Web Dynpro App. My tree has some nodes and subnodes. Under the subnodes i have documents. Depending to the permission of the users should be decided what can the user do with the documents, for example, create, upate, delete and so on. I need to check the authorization of users. I want to follow the conzept like the Web Dynpro tutorial RentCar APP with Actions und Permissions. If a user logs on, i can get his UME role and group. My question is: if it is possible to list the permissions behind of one specific role, which is assigned to the user or a group.
In short I want to list the permissions and not only check if the user has it or not.
Please help me.
Regards
Hairong Zhao

Hi Sudhir,
thank you very much for your quick answer. But it can't resolve our problem really.If we only use hasPermission() method to check if the user has right, the efford to check user in our case is too great .
I try to describe our problem exactly. In our case, thers is possible that tausend documents can be attached to a node. we can't create a permission for every document. We create for every node a role, but for document we haven't role. If we don't use the conzept with Actions and Permissions, how can we check the permission of the users, have you another idea?
Regards,
Hairong Zhao

So Can I determine the business partners linked to user based on the assigned role and org. structure?

Hello, I am working on a SAP CRM 7 Sales implementation and we are implementing leads and opportunity scenarios. The current business organization model is that there multiple vertical and horizontal departments. This is typical matrix structure. This organization has done the segregation of its clients based on the verticals so every clients belongs to at least one or more Vertical department but Horizontal departments can contact all the clients. In the same way sales executives are also either belonging to one or more Verticals or Horizontal departments? Horizontal sales executive can create leads for any clients available in the system but a Vertical sales executive can only create lead only for the client belongs to his vertical and assigned to him. This can be achieved by creating organization structure and business partner relationship.
Now the problem statement is that few sales executives need work for both some Verticals and Horizontals at the same time. But requirement is that they should be able to do the both roles with single user id but multiple roles. So when sales executive is creating leads his vertical department, he should only be able to select clients assigned to his Vertical only but when he is creating lead for Horizontal department, he should be able to select any clients.
So Can I determine the business partners linked to user based on the assigned role and org. structure?
Please let me know if this is not clear also note we are only using CRM WebUI no SAP ePortal.
Thanks a lot your help in advance.
Regards
Sudesh Sharma

Thanks, Tahir
my problem has solved
Kind Regards,
Faisal

Associate roles and permissions to users that existe on a database

Hi,
i want realise a secure authentification i used ADF Configuration but i found out that i cant bring my users from my database. i can just create new users with roles in Jdeveloper.
do you how we can bring users to Jdeveloper and associate to them roles and permission ?

i found this tutorial that is that what i did :
1. Start up weblogic server (Run .. Start Server Instance)
2. Log on to weblogic console ( http://localhost:7101/console/ )
3. Use default username/password weblogic/weblogic1
4. Create a datasource to connect to the schema where the authenticating database tables are (Services .. JDBC .. Data Sources)
5. Use unique name for datasource. Use JINDI name of jdbc/
6. Enter database name, schema name and password and test
7. Add new Authentication provider (Security Realms .. myrealm .. Providers .. New)
8. Enter datasource name, type SQLAuthenticator click Ok
9. Going back into provider, change control flag to Sufficient
10. Select Provider Specific tab and choose Plaintext passwords, password algorithm SHA-1
11. Shut down weblogic
12. Edit config.xml file in JDEV_DIR/system11.1.1.2.36.55.36/DefaultDomain/config and replace sql authenticator sql statements with those from web blog
13. Restart weblogic.
14. Go to users/groups tab in securty realm and view users and groups imported from database
15. Set control flag for other providers to "Sufficient"
source : http://brent.hmdclinical.com/2010/03/using-database-tables-as-weblogic.html
but the step 12 i dont know what i need to change and with what ?

What are Roles and Role entry points in the context of windows azure?

I am just starting out with my journey towards understanding azure. I have a vague idea about the Web and Worker roles.
So when I am publish-deploying a website on azure from visual studio, am I doing something with respect to roles? Am I starting up a Web role?!
RoleEntryPoint: But this is actually related with the web/worker roles and services. My understanding is that the RoleEntryPoint is some code which is executed when you deploy "services" on the azure cloud. These services either have a web role or
a worker role.
What is "services" in this context? So what traditional (on-premise) app would be analogous to a service that has a web worker role? A WCF service or WebApi? Or can it be a website? So would a service having a worker role be something analogous to
a "windows service"?
And finally RoleEntryPoint. I don't get the use case. From what I've seen,
say you want to initialize some related services that support your main service, for e.g. a cache server, or a sql database, you have have the initialization logic written in these classes and make the code perform them.
There are definitely other ways to do this right? You don't need to necessarily tie the deployment of that main service with the initialization of the other services. They could be separate deployments, right?!
I am a bundle of mistakes intertwined together with good intentions

Hi deostroll,
From you post I understand you've read quite a lot about Azure, but I'm affraid there's still some misunderstanding on what all these terms mean.
Azure is a cloud computing suite of services tiered into three categories: IaaS, PaaS and SaaS. IaaS stands for Infrastructure-as-a-service and is an offering where Microsoft allows you to run your own virtual machines. You will handle everything from software
patching, network connectivity (from the application level: virtual networks etc.), software installition and configuration etc. Basically everything you would do today on your own premise except for whatever concerns hardware (bare-metal). PaaS stands for
Platform-as-a-service, and is a middle offerint, where Microsoft selects some VMs and is responsible for periodically patching this machines. You don't have to care about IIS or whatever existing applications there are on the VM either, because it's Microsoft's
job to do this. Last but not least, SaaS stands for Software-as-a-service, and is the offering where you use a piece of software without even knowing what infrastructure exists behind it: I guess you've used some sort of webmail client before, right? That's
a SaaS.
When it comes to Windows Azure, IaaS is offered as Azure VM, PaaS is offered as Azure Cloud Services (formely known as Azure Hosted Services, should you get across documentation that uses that term instead) and SaaS is offered in the form of: Azure WebSites,
Azure Mobile Services, Azure Media Services and many more.
When you talk about either web roles or worker roles, you actually talk about two forms of roles that exist in the context of an Azure Cloud Service. Basically, when you create a cloud project from Visual Studio, you end up in adding either Web projects
which might (but not necessarily) be linked as a Web Role to your Azure Cloud Service. You may also add, to the same solution, Worker Role projects. As you've probably already guessed, whenever you add a Web role, the web project it references is a web project
in the literal term: ASP.NET Web Project, whether that is WebForms, MVC, MVC WebAPI that's all completely up to you. However, what is a worker role project, you might ask? A worker role project might be though of just as a console application. You basically
get absolutely no UI, but your code runs as long as it runs inside an infinite loop at some point. If the loop stops, just like a console application, your worker role will stop which will force the Azure FabricController to refresh your role. Consider the
FabricController has the guardian of all roles, which will auto-magically 'respawn' your roles whenever something goes wrong, whether that's a software issue in your app, in the OS or a hardware failure.
Moreover, keep in mind that every role in your cloud service project ends up in being created as a separate VM. What this means is that you will have separate VMs for each roles in your cloud service, so even if you create several web projects, you still
get one machine, with one IIS instances with a single web application (yours) for each of your cloud's roles. Same goes for worker roles.
I hope this information clears up some of the questions you might have.
Alex

How can I authenticate and authorize with Web Service on ESB ?

Hello,
I want to authenticate and authorize client with Web Service published
by HTTP/SOAP BC.
Simply if it is an Web Service as J2EE application, I will use
Basic Authentication with JAX-RPC and Realm.
But I think that Web Service published by HTTP/SOAP BC is not belong
to J2EE Application. Threre is no place to describe security role mapping
(like web.xml).
JBI 1.0 the section "5.5.1.1.3 Normalized Message Properties" comments
JAAS Subject is given in the NM Properties. Really in this package
com.sun.jbi.internal.security.*
implements JAAS autentication and authorization (at JaasAuthenticator).
But I can't see how to configure my Service to use this.
How can I authenticate and authorize with Web Service on ESB ?
I referred to the resources.
Mutual Authentication for Web Services: A Live Example
http://developers.sun.com/prodtech/appserver/reference/techart/mutual_auth.html
XML and Web Services Security
http://java.sun.com/j2ee/1.4/docs/tutorial/doc/Security7.html
JAAS Authentication Tutorial
http://java.sun.com/j2se/1.4.2/docs/guide/security/jaas/tutorials/GeneralAcnOnly.html
Thanks,
Takurou
- environment ---------------------------------------------
OpenESB : Project Open ESB Starter Kit
AppServer : Sun Java Systems Application Server 9.0 PE
OS : Windows XP
I don't assume to use SSL (if It's necessary I will try).
User information is stored in a LDAP Server.
-----------------------------------------------------------

Hello,
I read this resource.
SecurityDesign
http://www.glassfishwiki.org/jbiwiki/Wiki.jsp?page=SecurityDesign
Then I think [non-ssl and ssl/tls and so on] securing by basic authentication is ongoing feature at this time.
But I can't see well why this page comments 'HTTP over SSL, TLS'.
HTTP/SOAP Binding Component Overview
http://download.java.net/general/open-esb/docs/jbi-components/httpsoap-bc.html
Does BC support only "SSL server authentication" ?
Doesn't BC support "SSL client authentication" by username/password ?
Thanks,
Takurou

BP Role and Scenarios (B2B , Web, ... )

Similar Messages

Maybe you are looking for