Creating Restricted Helpdesk Role

Similar Messages

• How to create a new ROLE in BW

  Hi All,
  I would like to create a new ROLE in BI 7.0.
  How to remove a query from a ROLE.
  Thanks in advance

  Roles are created in Tcode PFCG . Here you can restrict  the objects ( Info areas , infoproviders , queries , etc ) and actions ( execute , change , display ) for which you want to give authorisation.
  If authorisation is based on some info object eg company code , we create analysis authorisation in RSECADMIN ( restrict it to auth variable created in Bex ). This auth variable code may refer to a DSO which defines the user and company code relationship ie reads the current user and returns the company codes maintained against that user in DSO .In PFCG , we assign this analysis authorisation to authorisation object  while creating role .
  Role can be assigned to a user using PFCG or SU01 tcode.
  Roles can be modified( removing query as in your case ) in PFCG ---> Give role name ---> Change .

• How to restrict selected Role under a Role???

  Hi Friends,
  I have 3 roles, which are Role-1, Role-2, Role-3.
  Role-2 & Role-3 are Under/Part of Role-1.
  Now, I have assigned Role-1 to a user. By doing this, When he logs in he is able to see the Role-2 and Role-3 also eventhough we havent assigned Role-2&3.
  Now My question is, How to restrict a role under a role. For example, I dont want to show Role-3.
  When i checked the user roles assigned, i see only Role-1 but not 2 other roles.
  Could anyone advice on how to make unwanted role in role. Assuming, no one is going to assign directly with Role-2 & Role-3. They got assigned only Role-1.
  Thanks for u r time!!
  Thanks,
  Raghavendra.P

  Hi Praveen,
  Thanks for important/useful information. I really dont understand is., Inspite of giving the properties to the each of role/workset, How do we call the approprite under the role. for example :
  If we have Role-2 with propery dept=sd,
  and Role-3 with propert dept=xi, etc.
  Now i have Role-1, within which i have Role-2 and Role-3.
  Now, if i want to see only roles with dept=xi then where should i mention and what should i mention.
  I understood till creating the properties, assigning the properties to roles/worksets, giving values to properties.
  Only i doesnt understood is how to activate which we want in the scenario.
  Thanks for your time..!!!
  Thanks,
  Raghavendra Pothula

• How to create a DBA role in weblogic 11g

  Hi,
  How can I create a role that will have permissions to create, delete, test and configure Data sources and won't be able to do/touch anything else?
  Thanks,
  Vitaly

  Hi Vitaly
  No. This is NOT possible. Basically you want Edit/Modify prvileges only for DataSources section. In high level, you can get like full access to all the areas which is Adminstrators. Or get Read Only access to all the areas like Monitors Group. Or just get Deployers who can only deploy. But you can get like access to only few areas in weblogic console. Below is just high level 3 important groups.
  Login into Weblogic Console -> Security Realms -> myrealm -> Groups tab and you can see list of groups that you can assign to any users.
  Administrators - Administrators can view and modify all resource attributes and start and stop servers.
  Deployers - Deployers can view all resource attributes and deploy applications.
  Monitors - Monitors can view and modify all resource attributes and perform operations not restricted by roles.
  Thanks
  Ravi Jegga

• Creating Restrictions in BEx query designer for (1-a), where a is variable.

  Dear All,
  >>  Suppose for the variable in the BEx query designer, I've created restriction for 0FISCPER to the variable 0P_PER (as 0P_PER-1) by right clicking 0P_PER3, from that a dialog box appears.  In that I've selected 0P_PER3 and then clicked on offset variable and when I set the offset variable, it works for (0P_PER-1.etc, 0P_PER+1,etc..)
  But if I want to have (1-0P_PER), then plz tell me how to define this restriction?
  Plz explain me the steps to perform (1-0P_PER) restriction in BEx query designer in BW1.
  I'm using SAP BI 7.2 gui.
  Expecting your reply soon,
  with Regards,
  Jerald

  My requirement is that I want to have " 1-fiscal year"., But this I could not define using offset variables, since using offset we can define "fiscal year +1" or "fiscal year -1". 
  So there would be some other way to define "1-fiscalyear".  So Please help me to define "1-fiscalyear"  by giving me the steps.
  Thank you,
  with Regards,
  Jerald

• Create a new role in SRM 7.0 and Portal

  Dear All,
  We are using SRM 7.0 with Portal.  We created a maintenance table in SRM. This table must be maintained from time to time by the key users. But they want to maintain in from Portal, not from SRM.
  When i was using SRM 4.0, it was simple, i was creating a new role from PFCG and assigning the table to the role. Then i was be able to see and maintain it from web. But it is not that simple now in Portal side. Because i created a new role and assigned the table to that role in SRM, but nothing happened in Portal side.
  Can anyone advise me the steps ? How am i going to show and maintain this table in portal  ?
  Thanks in advance,
  Best regards,

  Hi,can you share your solution with me. I have the same question but not smart as you.
  Thanks in advance.
  WuLin
  SRM

• How Can I Create a new Role in an PCD address?

  Hello EveryBody,
  I need to develop a new class that it can manage SAP Portal roles. I got how to recover all the roles of a user or how to recover all the roles in a PCD path. Now I have the problem when I try to create a new role in a PCD path.
  The code that I have to do that it is this:
  try {
  *     IRoleFactory iRoleF = UMFactory.getRoleFactory();*
  *     IRole nuevorol=iRoleF.newRole(pcdPath+nameRol);*
  *     nuevorol.setDisplayName(nameRol);*
  *     nuevorol.setDescription(descripcionRol);*
  *     nuevorol.commit();*
  *     return true;*
  catch (Exception e)
  *     return false;*
  This code it works and it makes a new Role but I donu2019t know how to create this role in a PCD path. Could you help me with this?
  This it is a urgent task that I have to develop, please I need help. Thanks in advance.

  Hi,
       Now I understood your question. As of now, I think there is no api which creates workset and roles in pcd. API are available for iView, page, system and layout only.
  For creation of iView, page etc, check this blog.
  PCD II: Creating Portal Objects
  For role and workset creation, there is another tool used. Check these blogs.
  SP15: XML Content and Actions
  Mass Creation of Portal Content - Generic Creator
  If you want to use this tool functionality in code, then check this blog.
  Using the XML upload content and actions dynamically
  If you are on NW7.1, then check this article.
  https://www.sdn.sap.com/irj/sdn/go/portal/prtroot/docs/library/uuid/40c72897-c7e6-2a10-e98a-af81b89084f4
  Hope these will help. Good luck.
  Regards,
  Harini S

• Error While creating Collection Management role

  Hi
  We did a client copy and Iam getting the error "Database error UDM_PR_HEAD UDM_COLL_BUPA 5" whenever I tried to create collection management roles.
  Database error UDM_PR_HEAD UDM_COLL_BUPA 5
  Message no. UDM_WORK_LIST010
  Diagnosis
  Database instruction UDM_PR_HEAD was not successful.
  Procedure
  If you can reproduce the error message, contact SAP Support.
  Anyone knows anything about this error?
  Thanks

  Hi Ram,
  sorry for the inconvenience, can you provide the collections management(ecc6.0) configuration document.
  i am trying to learn that but i could not find any related document .
  Thanks,
  Ravi

• BP created in "Z" role in CRM

  Hello Experts
  We are maintaining Zroles such as ZSold-to party (ZCRM00) , ZShip-to party (ZCRM02) etc in customising.
  We have created BP with the above Z roles. I have also maintain relationship for these BPs as "Has
  contact person"
  Now when i login to web shop, will i get an option to select the bp which was created with role as ZSold-to, Zship-to?
  Or system considers BP which was created with standard roles only?
  Kindly revert.
  Thanks and Regards
  DJ

  Let us track the BP relationships...
  SU01 to Contact Person
  In shop maintenance, you can maintain the Partner function for Contact Person in the User Administration section. Here you can use any partner function to define the Contact Person. The usual value is 00000015.
  Contact Person to Sold-To
  Contact person to Sold-To selection is strictly by the relationship type and a value of BUR001 which is the Has Contact Person relation is hardcoded in the module.
  Sold-To to Ship-To
  Depends on the Ship-To partner function (normally 00000002 ) assigned to the order type (order type from shop definition), and the sales organization details (obtained from Catalog variant). Technically, it goes after the relationship type for Has the Ship-To Party type, which is CRMH02 and the partner function of the ship-to relation. The partner function must be 00000002.
  So, in theory, if you maintain the right BP relationships, you should be able to use your custom business partner roles. Let me know how it works.
  Easwar Ram
  http://www.parxlns.com

• Portal Run time error when created a seperate role for Transport package.

  Hi Experts,
  I have created a seperate role for Transport Package(import/export iviews).
  Normally we have transport package functionality in system admin.
  Below steps i followed for creating the new role(trans admin)
  1.Copied SAP provided system admin role to a seperate folder.
  2.Deleted reamining portal objects(like UWL, portal display etc ..) except transport packege workset.
  3.Renamed the role to trans admin.
  I have assigned that role to my self, it is working fine to me when i clcik on export and import.I have super admin role.
  when i assign this role to some portal users, Export is not working.
  when user clicks on Export role they are getting below error.
  Portal Runtime Error
  An exception occurred while processing a request for :
  iView : N/A
  Component Name : N/A
  Access denied (Object(s): com.sap.portal.system/security/sap.com/NetWeaver.Portal/medium_safety/com.sap.portal.appdesigner.contentcatalog/components/Framework).
  Exception id: 12:10_31/08/09_0031_21763550
  See the details for the exception ID in the log file
  By looking into exception iD also, same error access denied it is showing.
  Please Advice.
  Thanks
  Sony.

  Hi Raghu,
  Thanks for the reply.
  I have given full permissions to all users to this trans admin role before itself.
  Thanks in advance.
  Sony.
  Edited by: ambica sony on Aug 31, 2009 1:53 PM

• How to create/get user & role in Weblogic 9.2 programmatically?

  Hi,
  I am new to Weblogic 9.
  I need to create a web service to manage user/role in WebLogic 9.
  Searching thru the web and found some classes like:
  AtnSecurityMgmtHelper, AtnProviderDescription etc
  Are those the correct classes to create/retrieve user & role?
  If so, what jar file contains those classes and where is the jar
  file?
  Thanks in advance,
  Terry

  You can do it with WLST help
  http://e-docs.bea.com/wls/docs92/config_scripting/config_WLS.html#wp1019913
  or via JMX through http://e-docs.bea.com/wls/docs92/javadocs/weblogic/management/security/authentication/UserEditorMBean.html and such

• GRC 10 ERM Not able to create Business/Single Role

  Hello Experts,
  In GRC 10, ERM, i have completed all the pre-requisites i.e. Maintaining Connectors, Configuration for Role Management, Maintained and generated the default MSMP workflow (methodology), maintaining role owners.
  Now when i am trying to create a business role or let's say a single role i am unable to to do so as the edit button is disabled.
  I just can't get through this.
  Have i missed anything, and for the record when i tried to Import the Role(Under Role mass maintenance) from backend system i was successfully able to do so and that way only i could get my first role in GRC via import.
  Now if i open this role and try to edit it, can;t do again, because edit button is disabled. But if i perform Role Update(Under Role Mass Maintenance) i can successfully change the attributes and other information and am able to see the new values.
  Why is it like this, i am not able to create Roles in GRC, just i am able to import and update from backend.
  This is really frustrating..what i am missing over here.
  Experts pl. Kindly help!

  Hi Triera,
  1) After opening BRM, Create button is not greyed out. Its available, and if i click on it, then i see all the possible type of Roles that i can create i.e. Business role, composite role, Group, PD Profile, Profile, Single Role, Template etc.
  2) When i try to edit a role by clicking on "Open" , and when the role opens, and then if I click on "Additional Details" (you said "More Details" , i believe you meant that only) link, then also the Edit button is not enabled. Its still greyed.
  What else could this issue be possibly about.
  Configuration- Check.
  Authorizations- Check.
  Workflow- Check.
  Should i raise it with SAP.
  Thanks.

• How to create an audio role for any library in FCPX

  Does anyone know if there is a way to create an audio role in one library and have it as a saved preference that you can use in any library?
  Or do you have to re-create the roles for every library?
  Any help is appreciated!
  Thanks!
  Adrian

  Looks like this has been resolved in the latest update of FCPX 10.2

• Creating the bussiness roles for the bussiness partner using Function modul

  Hi
           How to create the business roles using the function modules for the Business partner.

  You can also assign the role at the time of creation of the business partner itself. Use the function module BAPI_BUPA_FS_CREATE_FROM_DATA to achieve the same.
  If your business partner is already there then you can use the function module BAPI_BUPA_ROLE_ADD.
  <b>Reward points if it helps.</b>

• Urgent - create Standard Authorization Roles

  Hi experts,
  we urgently need to establish some basic roles for our key users and basic users, so they can create/run BeX querys and workbooks as part of the Test User's phase.
  Based on several posts in SDN we have seen that a valid role template would be S_RS_RREDE for key users and S_RS_RREPU for normal users.
  However, I cannot find those roles neither in tx PFCG nor at the Business Content.
  What am I missing? How can I fin those template roles (or any other that can apply)?
  Thanks and bets regards,
  Enric

  have you followed these instructions :
  For 3.x authorizations:
  Roles in BW (Authorization Objects)
  for 7.0 authorizations :
  /thread/509708 [original link is broken]
  here you find a good Authorization Objects Overview:
  http://help.sap.com/saphelp_nw04/helpdata/en/80/1a6859e07211d2acb80000e829fbfe/frameset.htm
  Use TA PFCG to create a new role. http://help.sap.com/saphelp_nw04/helpdata/en/80/1a6866e07211d2acb80000e829fbfe/frameset.htm