Configure new user role

Hello,
I'm new in town so, please forgive me all misteakes I will make. I try to do my best.
I would like to modyfie a user role in SAP CRM 7.0. My point is, I want to add a button ( assing a user to the respossible employee). In my current role I have only "search". But I want to assing a user to employee, in creating sales order level for example.
At start I know that I should copy standart role and make it "z" (and I did it).I copied sales rule. Than copy the navigation bar profile...(sls-pro) and here problems apper when a choose 'copy all'.
Help me with this, please.
ML

According to your link, I create new user named "A" belong to new group named "Beijing" in the BIEE console, and in the EM I also create new application role named "Beijing" that contains the "Beijing" group, then restart the server. Finally I filter the City column into "Beijing" in Administration-->Appliction roles-->"Beijing"-->Permissions-->Data filter, but when I login into the answer through A user, I see all data in the city column, do not only view "Beijing" data .
If you know the method for solving it, please help me. Thank you!

Similar Messages

  • Adding new Users ,Roles in existing application except jdev

    Dear All,
    I am creating a test application to workaround with adf security, I created some users, enterprise roles and application roles, gave proper mapping to the adf resources(jsf and taskflows), and every thing is working fine. I am doing all this thing in integrated wls server. But suppose if the user wants to create some new users, roles then how will he do this things ?
    I accessed the integrated wls console but got no hints in deployments section-> application->security tab.
    Is there any other way..?
    Regards,
    Santosh
    Jdeveloper 11.1.1.1.2.0

    Hi,
    there is no unified API in ADF Security to manage identities. If you work with the WLS integrated LDAP then you can use OPSS (see Fusion Middleware documentation) and access the JPS factory and provider. If you identities are stored in other system (RDBMS, OID etc.) then you use APIs exposed by these technologies (You may also want to check with Oracle Identity Management to see if there are APIs they expose for this). Because ADF Security does not provide its own identity store, changing users and roles is not in the domain of it (I should say "not yet" as it is on my wish list)
    Frank

  • How can I add a user Role member that is from a different domain

    We are currently building out SCOM 2012 R2 to provide monitoring as a service to some of our customers.  As of now we have the RMS on our own department's domain (Domain A) which we have full control of and we have a gateway server that is on the company
    wide domain (Domain B) so that we can monitor other departments devices as the leverage this system.
    Monitoring is working just fine on both domains and we are just working on fine tuning SCOM so that we can roll it out as a service we offer to our customers.  One of the next steps we are working on before rolling it out is giving specific users access
    to view only their own devices, dashboards, and groups.  So I created a Read-Only profile and went to add a user to test it out, but that user is on Domain B and SCOM is unable to resolve this account.  I'm seeing Event ID 26319 with Error Code 1332.
    How can I get SCOM to discover devices on a different domain so that I can give them different permissions for accessing the Operations Console and/or Web Console?  Is this possible?
    Here is the Error I'm seeing.
    Log Name:      Operations Manager
    Source:        OpsMgr SDK Service
    Date:          2/4/2015 1:11:59 PM
    Event ID:      26319
    Task Category: None
    Level:         Error
    Keywords:      Classic
    User:          N/A
    Computer:      xxxxx.xxxx.xxxxxxxx.xxx
    Description:
    An exception was thrown while processing UpsertUserRolesV2 for session ID uuid:f3b4015e-9583-4237-b7a6-406826434553;id=40.
     Exception message: The creator of this fault did not specify a Reason.
     Full Exception: System.ServiceModel.FaultException`1[Microsoft.EnterpriseManagement.Common.UserRoleUserUnresolvedException]: The creator of this fault did not specify a Reason. (Fault Detail is equal to Microsoft.EnterpriseManagement.Common.UserRoleUserUnresolvedException:
    Unable to resolve the user [email protected] associated with the user role. Error code 1332. Check your active directory configuration.).
    Event Xml:
    <Event xmlns="http://schemas.microsoft.com/win/2004/08/events/event">
      <System>
        <Provider Name="OpsMgr SDK Service" />
        <EventID Qualifiers="49152">26319</EventID>
        <Level>2</Level>
        <Task>0</Task>
        <Keywords>0x80000000000000</Keywords>
        <TimeCreated SystemTime="2015-02-04T21:11:59.000000000Z" />
        <EventRecordID>172748</EventRecordID>
        <Channel>Operations Manager</Channel>
        <Computer>xxxxx.xxxx.xxxxxxxx.xxx</Computer>
        <Security />
      </System>
      <EventData>
        <Data>UpsertUserRolesV2</Data>
        <Data>uuid:f3b4015e-9583-4237-b7a6-406826434553;id=40</Data>
        <Data>The creator of this fault did not specify a Reason.</Data>
        <Data>System.ServiceModel.FaultException`1[Microsoft.EnterpriseManagement.Common.UserRoleUserUnresolvedException]: The creator of this fault did not specify a Reason. (Fault Detail is equal to Microsoft.EnterpriseManagement.Common.UserRoleUserUnresolvedException:
    Unable to resolve the user [email protected]  associated with the user role. Error code 1332. Check your active directory configuration.).</Data>
      </EventData>
    </Event>
    Thanks for any help I can get in resolving this issue.
    Jake

    The SCOM Management Server is in Domain A.  I've tried it already and it has failed.  
    So just to clarify the method I used was to go to Administration>Security>User Roles.  Then New User Role>Read-Only Operator.  In the Create User Role Wizard I then gave the User Role a name, Clicked "Add" under User Role Members.
     Then the Select Users or Groups window pops up and I changed the Locations from Domain A to Domain B and searched for the user, which it's able to find, then clicked "OK" to add it to the User Role members which it does just fine.  On
    the next page which is Group Scope I checked the one group I want this account to have access to and then click next.  This brings me to Dashboards and Views where I click the radio button for "Only the dashboards and views selected in each tab are
    approved" and chose the folder of dashboards I want this account to access and then click next.  This brings me to the Summary and I click "Create".  At this point it thinks for a moment then closes out the wizard but the new Read-Only
    Operator does not appear.  I then look in Event Viewer and see the Event I pasted above.
    Am I doing something wrong here?  Any guidance on how to get around this issue would be much appreciated.
    Thanks,
    Jake

  • VL10 batch doesn't allow user role maintenance

    A batch job to create deliveries is desired.
    A user role was created using VL10CUA (copied from 5001).
    Access VL10G to create a variant, but the User Role tab is completely display only.
    According to OSS note 310022, step 2 indicates that user role can be maintained for background processing.
    Currently using ECC 5.0. Why is the user role tab display only? What changes are necessary to create a variant using the new user role?
    I also looked at the screen painter and the fields were "Possible" so that doesn't answer why they are display only when using VL10G.
    Regards,
    Bela

    In VL10CUA, create a new user role from 5001 and click on Chg. Attributes and change F code to 5001.
    Then assign the user role in VL10CUV to VL10 Scenario.
    This will default the user role in VL10. Save the variant and then run VL10BATCH for the variant.

  • I just updated my MacBook pro early 2011 model to OSX 10.9 and was forced to create a new user(administrator) and ended up with a different configuration. If I login with my original user name everything is back. How can I get rid of the other user name?

    I have two user names with Administrator privelages and my MacBook keeps booting up to the wrong one and I have the wrong configuration since I updated to OSX 10.9. I would like to get back to my original User name which I used to boot up to. When I go to the User Groups and Preferences it doesn't allow me to delete the un-wanted user.
    Does anybody have any suggestions how I can fix this? I can't seem to recover Time Capsule back-ups prior to the OSX upgrade even though I have been faithfully backing up to a Time Machine.
    Help please.

    First of all, open System Preferences > Users &amp; Groups > Login Options, and set your old user account in "Automatic login". By doing this, your computer will always log in with your old account.
    Then, log in your old account, where you will be able to delete the new user that OS X Mavericks forced you to create. Other users have reported the same problem

  • Identity Server has not been configured for this new user/group suffix

    Hi all
    I am having a problem trying to configure the Directory Server (5.2) for Messaging Server.
    My configuration is as follows:
    SJES Q12005
    Server 1 - Directory Server 5.2
    Server 1 - Access Manager (formerly Identity Server)
    Server 1 - Web Server 6.1
    I have successfully installed the above and can login to Access Manager.
    I next installed Calendar & Messengar Server on "Server 1". Upon running "comm_dssetup.pl" from /opt/SUNWcomds/sbin, I get the following error:
    "Identity Server has not been configured for this new user/group suffix"
    Copy and paste of what I entered:
    bash-2.05# perl comm_dssetup.pl
    Welcome to the Directory Server preparation tool for
    Sun Java(tm) System communication services.
    (Version 6.3 Revision 1.0)
    This tool prepares your directory server for use by the
    communications services which include Messaging, Calendar and their components.
    The logfile is /var/tmp/dssetup_20050830165940.log.
    Do you want to continue [y]:
    Please enter the full path to the directory where the Sun ONE
    Directory Server was installed.
    Directory server root [var/opt/mps/serverroot] : /opt/mps/serverroot
    Please select a directory server instance from the following list:
    [1] slapd-sunldap
    Which instance do you want [1]:
    Please enter the directory manager DN [cn=Directory Manager]: cn=DirMan
    Password:
    Detected DS version 5.2
    Will this directory server be used for users/groups [Yes]:
    Please enter the Users/Groups base suffix [dc=samplecompany-dev,dc=co,dc=uk] : ou=infrastructure,o=sampletown,dc=samplecompany-dev,dc=co,dc=uk
    There are 3 possible schema types:
    1 - schema 1 for systems with iMS 5.x data
    1.5 - schema 2 compatibility for systems with iMS 5.x data
    that has been converted with commdirmig
    2 - schema 2 native for systems using Identity Server
    Please enter the Schema Type (1, 1.5, 2) [1]: 2
    Identity Server has not been configured for this new user/group suffix
    You can opt to continue, but you will not be able to use
    features that depend on Identity Server
    Are you sure you want this schema type? [n]:
    I have entered my user group suffix exactly as specified during the Access Manager install (hence I am able to login as "amadmin").
    Looking at the LDAP logs to try and figure out whats going wrong I see its not getting hits on all searches it is performing:
    [30/Aug/2005:16:41:18 +0100] conn=299 op=159 msgId=161 - SRCH base="ou=services,ou=infrastructure,o=northampton,dc=dataforce-
    dev,dc=co,dc=uk" scope=1 filter="(|(&(numSubordinates=*)(numSubordinates>=1)(|(objectClass=*)(objectClass=ldapsubentry)))(obj
    ectClass=referral)(objectClass=organization)(objectClass=organizationalUnit)(objectClass=netscapeServer)(objectClass=netscape
    Resource)(objectClass=domain))" attrs="dn"
    [30/Aug/2005:16:41:18 +0100] conn=299 op=159 msgId=161 - RESULT err=4 tag=101 nentries=1 etime=0
    [30/Aug/2005:16:41:18 +0100] conn=299 op=160 msgId=162 - ABANDON targetop=NOTFOUND msgid=161
    [30/Aug/2005:16:41:18 +0100] conn=299 op=161 msgId=163 - SRCH base="ou=people,ou=infrastructure,o=northampton,dc=dataforce-de
    v,dc=co,dc=uk" scope=1 filter="(|(&(numSubordinates=*)(numSubordinates>=1)(|(objectClass=*)(objectClass=ldapsubentry)))(objec
    tClass=referral)(objectClass=organization)(objectClass=organizationalUnit)(objectClass=netscapeServer)(objectClass=netscapeRe
    source)(objectClass=domain))" attrs="dn"
    [30/Aug/2005:16:41:18 +0100] conn=299 op=161 msgId=163 - RESULT err=0 tag=101 nentries=0 etime=0
    [30/Aug/2005:16:41:18 +0100] conn=299 op=162 msgId=164 - SRCH base="ou=clientdata,ou=infrastructure,o=northampton,dc=dataforc
    e-dev,dc=co,dc=uk" scope=1 filter="(|(&(numSubordinates=*)(numSubordinates>=1)(|(objectClass=*)(objectClass=ldapsubentry)))(o
    bjectClass=referral)(objectClass=organization)(objectClass=organizationalUnit)(objectClass=netscapeServer)(objectClass=netsca
    peResource)(objectClass=domain))" attrs="dn"
    [30/Aug/2005:16:41:18 +0100] conn=299 op=162 msgId=164 - RESULT err=0 tag=101 nentries=1 etime=0
    [30/Aug/2005:16:41:18 +0100] conn=299 op=163 msgId=165 - ABANDON targetop=NOTFOUND msgid=164
    [30/Aug/2005:16:41:20 +0100] conn=299 op=164 msgId=166 - SRCH base="ou=services,ou=infrastructure,o=northampton,dc=dataforce-
    dev,dc=co,dc=uk" scope=1 filter="(|(objectClass=*)(objectClass=ldapsubentry))" attrs="objectClass numSubordinates ref aci"
    [30/Aug/2005:16:41:20 +0100] conn=299 op=164 msgId=166 - RESULT err=0 tag=101 nentries=41 etime=0
    [30/Aug/2005:16:41:28 +0100] conn=299 op=165 msgId=167 - SRCH base="ou=services,ou=infrastructure,o=northampton,dc=dataforce-
    dev,dc=co,dc=uk" scope=0 filter="(|(objectClass=*)(objectClass=ldapsubentry))" attrs="objectClass numSubordinates ref aci"
    [30/Aug/2005:16:41:28 +0100] conn=299 op=165 msgId=167 - RESULT err=0 tag=101 nentries=1 etime=0
    [30/Aug/2005:16:41:28 +0100] conn=299 op=166 msgId=168 - SRCH base="ou=services,ou=infrastructure,o=northampton,dc=dataforce-
    dev,dc=co,dc=uk" scope=1 filter="(|(&(numSubordinates=*)(numSubordinates>=1)(|(objectClass=*)(objectClass=ldapsubentry)))(obj
    ectClass=referral)(objectClass=organization)(objectClass=organizationalUnit)(objectClass=netscapeServer)(objectClass=netscape
    Resource)(objectClass=domain))" attrs="objectClass numSubordinates ref aci"
    [30/Aug/2005:16:41:29 +0100] conn=299 op=166 msgId=168 - RESULT err=0 tag=101 nentries=41 etime=1
    [30/Aug/2005:16:41:29 +0100] conn=299 op=167 msgId=169 - SRCH base="ou=iplanetamauthservice,ou=services,ou=infrastructure,o=n
    orthampton,dc=dataforce-dev,dc=co,dc=uk" scope=1 filter="(|(&(numSubordinates=*)(numSubordinates>=1)(|(objectClass=*)(objectC
    lass=ldapsubentry)))(objectClass=referral)(objectClass=organization)(objectClass=organizationalUnit)(objectClass=netscapeServ
    er)(objectClass=netscapeResource)(objectClass=domain))" attrs="dn"
    [30/Aug/2005:16:41:29 +0100] conn=299 op=167 msgId=169 - RESULT err=0 tag=101 nentries=1 etime=0
    [30/Aug/2005:16:41:29 +0100] conn=299 op=168 msgId=170 - ABANDON targetop=NOTFOUND msgid=169
    [30/Aug/2005:16:41:29 +0100] conn=299 op=169 msgId=171 - SRCH base="ou=iplanetamauthldapservice,ou=services,ou=infrastructure
    ,o=northampton,dc=dataforce-dev,dc=co,dc=uk" scope=1 filter="(|(&(numSubordinates=*)(numSubordinates>=1)(|(objectClass=*)(obj
    ectClass=ldapsubentry)))(objectClass=referral)(objectClass=organization)(objectClass=organizationalUnit)(objectClass=netscape
    Server)(objectClass=netscapeResource)(objectClass=domain))" attrs="dn"
    [30/Aug/2005:16:41:29 +0100] conn=299 op=169 msgId=171 - RESULT err=0 tag=101 nentries=1 etime=0
    [30/Aug/2005:16:41:29 +0100] conn=299 op=170 msgId=172 - ABANDON targetop=NOTFOUND msgid=171
    [30/Aug/2005:16:41:29 +0100] conn=299 op=171 msgId=173 - SRCH base="ou=iplanetampolicyconfigservice,ou=services,ou=infrastruc
    ture,o=northampton,dc=dataforce-dev,dc=co,dc=uk" scope=1 filter="(|(&(numSubordinates=*)(numSubordinates>=1)(|(objectClass=*)
    (objectClass=ldapsubentry)))(objectClass=referral)(objectClass=organization)(objectClass=organizationalUnit)(objectClass=nets
    capeServer)(objectClass=netscapeResource)(objectClass=domain))" attrs="dn"
    [30/Aug/2005:16:41:29 +0100] conn=299 op=171 msgId=173 - RESULT err=0 tag=101 nentries=1 etime=0
    [30/Aug/2005:16:41:29 +0100] conn=299 op=172 msgId=174 - ABANDON targetop=NOTFOUND msgid=173
    [30/Aug/2005:16:41:29 +0100] conn=299 op=173 msgId=175 - SRCH base="ou=iplanetamauthenticationdomainconfigservice,ou=services
    ,ou=infrastructure,o=northampton,dc=dataforce-dev,dc=co,dc=uk" scope=1 filter="(|(&(numSubordinates=*)(numSubordinates>=1)(|(
    --More--(83%)
    The list goes on.
    Can anyone give me any pointers?
    Thanks

    Hi
    Thanks for your reply!
    I did mis-type, my mistake - sorry about that.
    If I dont over-ride the default it works, I've pretty much got the whole setup working now but I'm not particularly over the moon about the way the ldap tree is setup, I'd like finer granuality as we are going to attempt to get syncronization working with AD.
    I have an idea about how I'd like to set up our Mail/Calendar/LDAP infrastructure the 2nd time around (I'm just testing at the mo) - so I might have a question or two for you if you dont mind taking a look when you have a minute?
    Thanks Jay

  • New Request/Service Offerings not displaying on Portal via Catalog Group/ User Role

    I have created some new service offerings and request offerings which I have published and are visible on the portal when logged in as an administrator.
    I have then added these new items into a catalog group which is tied to a pre-existing user role to target our IT department ( this user role is currently working fine and shows all the other IT related offerings)
    The new published items do are not showing up on the portal.
    AD sync completed with no errors.
    I have done the following to troubleshoot to no avail:
    -  created a new catalog group and user role to target the new SO RO's to
    - targeted directly to a test user rather than the AD group 
    Some other weird things that I  believe to be  related to this is that the contents of catalog groups appear empty on local console but when logging on to the SM server to launch console all catalog group items are visible.
    we are seeing a lot of  error and warning event logs 26319 & 3333
    Any suggestions?
    Thanks
    Pete

    did you try to restart the Microsoft Monitoring Agent?
    Antoine AL Ibry

  • User Specific catalog UI configuration - Custom catalog user role

    Hi all,
    We need different user specific layout settings for each user. i have duplicated catalog user role for each user and maintained specific named search for that particular user in constraint. but when we want to configure specific layout for individual user. its not showing that catalog user in the catalog config UI for the layout configuration. please advice. if it shows that specific user then we would configure each specific user layout with individual look and feel ( like shopping lists, search fields, images, etc., ). thanks for your inputs.
    Your help would be highly appreciated!!!!!!!!!!!!!

    Hi Smartsoft General user,
    I guess you are on SRM-MDM Catalog 3.0
    We have the same business scenario as yours. Its working perfectly for us.
    1. Donot copy Catalog User role. SRM-MDM UI Config only accepts users assigned under std Catalog User role. You dont need mutiple copies of Catalog user role, anyways it wont work.
    2. Create multiple webservices for each Named search. Provide one User (like User1, User2...or your own created ones) and one Named Search as following parameters in each webservice.
              http://<your server:port>/SRM-MDM/SRM_MDM
    username     User<n>
    password     <password>
    server     <your server>
    repositoryType     M ( for Master ) S (for Slave)  - Make sure you are pointing to right repo if you have master/slave
    catalog     <provide Repository name- make sure you are giving right repository name, I provided it wrong first time>
    port     <your port>
    uilanguage     SY-LANGU
    datalanguage     SY-LANGU
    mask     < keep blank if you want dynamic search>                                                                               
    namedsearch     <Provide exact Named search name as you provided in Data Manager>
    HOOK_URL                                                                               
    returntarget     _parent
    If you are creating 5 different Named searches, create 5 different webservice definitions as above.
    3. Now for each Catalog user, you can perform separate search UI layout as you wish.
    Let me know if this helps or have any questions. If this worked for me, we will make it work for you.
    ~Pravin

  • User role to access configuration management in NWA

    Hi,
    What USER role is required to create the destination information in configuration management in NWA. When I access NWA, I only have access to SOA management which has only Monitoring tools with role SOA technical ADmin.
    I need this to convert IDOC XML to flat file.
    thanks
    Prashanth

    Hi Prasanth,
    I am not sure about the exact role but, the ABAP role "SAP_NWA_FULL" & Java role "NWA_SUPERADMIN" will certainly help. This is the role that i had when i was trying a similar scenario.
    Please take a look at the following link which might be helpful:
    http://help.sap.com/saphelp_nwpi71/helpdata/en/45/c7ca8e89e45592e10000000a1553f7/content.htm
    You can infact ask your Basis team to help you out with this.
    I hope this helps.
    Regards, Gaurav.
    Edited by: Kumar Gaurav on Nov 9, 2010 5:57 AM

  • Create new user same as a existing roles and Privileges

    Hi Team,
    I am a junior DBA. New user Joined in Application team. So, Client requested me.....
    Crerate new user with same privileges as like as existing user.
    As of now i am creating user like "create user username identified by "password". Then grant privileges to that user. earliar I never comapare or copied users.
    Please suggest any one how to create new user as like as existing user roles and privileges.
    Thanks,
    Venkat

    For basic cloning:
    select dbms_metadata.get_ddl('USER', '...') FROM DUAL;
    SELECT DBMS_METADATA.GET_GRANTED_DDL('ROLE_GRANT','...') FROM DUAL;
    SELECT DBMS_METADATA.GET_GRANTED_DDL('SYSTEM_GRANT','...') FROM DUAL;
    SELECT DBMS_METADATA.GET_GRANTED_DDL('OBJECT_GRANT','...') FROM DUAL;
    SELECT DBMS_METADATA.GET_granted_DDL(‘TABLESPACE_QUOTA’, ‘...’) FROM dual;
    Then just replace the username with the new one you want to create.

  • User roles property, when system alias is configured in universal worklist

    Hi,
    I am configuring system alias in Universal Worklist Configuration.  I have keyed in system alias and connector type and saved the system alias and its working fine.
    Apart from system alias and connector type, there are other properties like "User Roles, Delta Pull Channel Refresh Period(in seconds) and Delta Pull Channel Snapshot Refresh Period(in minutes). Can you any let me know what is the use of these properties.
    I heard that "Delta Pull Channel Refresh Period(in seconds)"  is the time period to refresh the UWL is it correct.
    Thanks & Regards,
    H.K.Hayath Basha.

    Try searching the http://help.sap.com  SAP NetWeaver pages for delta pull!

  • Assigning Default Role to New Users created

    Hi
    How can we assign a default Role to any new User created.
    This Role should automatically get assigned whenever a new User is created.
    Regards

    Hello,
    for ABAP Stack users you can just create a reference user with the according roles and copy new users from it.
    Regards
    Christian

  • How to retrieve the Role of a custom sharepoint Group Progrmatically and also assigning the same roles to new user?

     I want to retrieve the roles assigned to custom group progrmatically and assigning the same roles to new user?

    Hi,
    According to your post, my understanding is that you want to retrieve the Role of a custom sharepoint Group Progrmatically and also assigning the same roles to new user.
    To retrieve the Role of a custom sharepoint Group, you can refer to:
    http://www.sharepointfix.com/2011/05/find-rolepermissions-of-currently.html
    To assign the same roles to new user, you can refer to:
    http://msdn.microsoft.com/library/Microsoft.SharePoint.SPRoleAssignment
    Best Regards,
    Linda Li
    Linda Li
    TechNet Community Support

  • Assigning System Administrator role to a new user in OIM 11gR2

    I am trying to assign full access as xelsysadm to a newly created user but not able to. Unable to identify option to add System Administrator role. System Administrator admin role is available to TOP organization and we can not create a new user in TOP. any suggestion will be helpful.

    goto-> organization-> search and select Top organization-> open detail page-> click on Admin Role-> select Adminrole(System Administrator) -> click on Assign button-> select user and add it-> finally click on okay.

  • New GL configuration & end user presentation - ECC6-version

    Hi,
    In ECC6.0 version we need to have " New GL configuration & end user presentation "
    Regds,
    Niranjan

    Niranjan,
    Please use this link to get all the required information.
    http://help.sap.com/saphelp_erp60_sp/helpdata/en/2d/830e405c538f5ce10000000a155106/frameset.htm
    Hope this helps you.
    Rgds
    manish

Maybe you are looking for