Creating XI Roles for CMS and NWDI on seperate J2EE server
We are going through the "How to Transport XI Content Using CMS" Guide. We are runnning CMS and NWDI on a seperate J2EE server.
It's not clear from the guide what we need to do on the J2EE side in terms of the user and roles. The guide mostly details setting up CMS/NWDI on the same box as XI. So we created the XIDIRUSER and XIREPUSER on the seperate J2EE server. We add these users to the SAP_CMS_ADMISTRATOR role/group.
Questions -
- Do we need to create any XI specific profiles/roles on the server - or is that applicable only to CMS running on the XI box?
- Are there any things that we need to keep in mind that is not in the guide when we are setting this up.
If you have a similar landscape (with CMS and NWDI) on a seperate server, I would like to know how you set this up.
Thanks for your help.
Jay Malla
SAP XI Consultant
Licensed To Code
any progress?
on your environment, have U installed DEV, CONS, PRD?
i will be trying to set DEV and PRD, so i am not clear from guide weather it is possible or not.
and do i register J2EE on JDI BOX to SLD on same box?
or only register J2EE on JDI box to centeral SLD box via data supplier on J2EE engine on JDI box
so here are some questions i am not clear;
1. JDI server should be registered to SLD on same JDI BOX? or centeral SLD we are currently using?
or both?
2. according to Guide, they provide to make a domain or track DEV,CONS,PRD, but we will have DEV,PRD. so is it possible to configure CMS?
thanks in advance
Similar Messages
-
Hi I need help in creating role for DEVELOPERS and HCM GUYS in ERP DEV. sys
Hi Experts
I am working as a Support Security Consultant. Now I have assigned to another implemenation Project.
My client asks to create 2 roles in DEV. system the requirement is:
1) He asks to create a role for develpoers in dev system fro devepment activities ( report creation, screen creation..etc..) and these people don't modify the HR related tables
2) He asks to create role for HCM guys in development system to work on HCM Configuration and to work on HCM areas but these people should not involve into develpometn activites
My questions is what are the tcodes we have to maintain in the roles to reach his requirement.
I asked the same thing to my Client he doesn' t provide any information
Please anyone help me on this
Thanks
NareshHi,
for the first query please check auth object -Authorization Object S_TABU_DIS (Table Maintenance)
http://help.sap.com/saphelp_nw04s/helpdata/en/1e/e867408cd59b0ae10000000a155106/content.htm
No Worries
KG -
How to create authorization role for just displaying query prefix Q and X.
Hi Expert,
I hope someone can help me on how to create authorization role for just displaying and executing BEX Queries prefix Q and X. I'm currently using SAP BI 7.1.
Actually, I already created one role called : Z_FORINDO_ONLYDISPLAY_QX
where I only put in the Authorization Component (in the Role Maintenance - Tcode 'pfcg'):
-->Manually Business Information Warehouse
--> Manually Business Explorer - Components
Activity : Display, Execute, Enter, Include, Assign
InfoArea : *
InfoCube : *
Name(ID) of a reporting component : *
Type of a reporting component : Calculated key figure, Restricted key figure, Template structure
--> Manually Business Explorer - Components
Activity : Display, Execute
InfoArea : *
InfoCube : *
Name(ID) of a reporting component : Q* , X*
Type of a reporting component : Query
But, the problem is I still can make changes on that queries (Q* and X*). Even, I still can run query with prefix Z. I use S_RS_RREPU Tamplete for Query Display and execution.
Please assist. Very much appreciate your help. Thanks.
Edited by: nadiyah salleh on Mar 18, 2008 11:22 AMQuestion close. This issue has been resolved.
-
Need steps to create ant scripts for publishing and deploying projects.
Need steps to create ant scripts for publishing and deploying projects.
Have got ant, Oracle BPM Enterprise WL edition installed , Need to know what are the other configurations to be done.
Any working example would help me to understand, please do mail me at [email protected]
Thanks in advance.
-SreeSreekant,
Please find the build file to publish and deploy.
<project name="deployProject"
xmlns:fuego="antlib:fuego.tools.ant.enterprise"
xmlns:fuego.j2ee="antlib:fuego.tools.ant.j2ee" default = "publish">
<property file="./Properties/fuego_deploy.properties"/>
<fuego:passport id="fuego.passport"
directoryid="${fuego.directoryid}"
preset="engine" />
<target name="publish" description="Publish and deploy processes" depends = "takeInputs">
<!-- Open a session to the Oracle BPM directory -->
<fuego:session
passportref="fuego.passport"
verbose="true"
properties="${fuego.basedir}/conf/directory.xml"
haltonerror="true" >
<!-- Publish processes -->
<fuego:publish fpr="${fuego.project.name}"
deploy="true"
engine="${fuego.engineName}"
importdata = "${fuego.importdata}"
automaproles="${fuego.automaproles}"
automapbuspars = "${fuego.automapbuspars}"
automapvars="${fuego.automapvars}"
automapconfigs = "${fuego.automapconfigs}">
</fuego:publish>
</fuego:session>
</target>
<target name= "takeInputs" >
<input
message="Please enter admin-username:"
addproperty="fuego.participant"
/>
<input
message="Please enter admin-password:"
addproperty="fuego.password"
>
</input>
</target>
</project>
and find the properties I have used..
fuego.basedir=C:\OraBPMEnterpriseHome
fuego.directoryid=default
fuego.engineName = bpmengine
fuego.project.name = E:/antExamples/Project/CommonUtilities
# If the below property is true then ant script imports data from the project, as defined in Studio.
# This includes importing:
# •Holiday and Calendar rules
# •Organizational Units
# •Roles
# •Resource configurations
# •External Variables
fuego.importdata = true
#If the below property is true ant script automatically map abstract roles to real ones with the same name.
fuego.automaproles=true
#If the below property is true ant script automatically map business parameter variable names (as defined in the project design) to an business parameter variable id with the same name (as defined in the Fuego Enterprise directory).
fuego.automapbuspars = true
#If the below property is true ant script automatically map external variable names (as defined in the project design) to an external variable id with the same name (as defined in the Fuego Enterprise directory).
fuego.automapvars=true
#If the below property is true ant script automatically map External Resources configurations (as defined in the project design) to real Configurations with the same name (as defined in the Fuego Enterprise directory).
fuego.automapconfigs = true -
Requirement:
How to allow Airwatch MDM access to the Captive-Portal guest users in pre-authentication role for Android and Blackberry devices?
What is Airwatch MDM?
Airwatch MDM is Mobile Device Management. The Airwatch is an enterprise which helps to manage and secure data traveling through the mobile devices like Laptops, Tablets, Android, iPhones, iPads etc.
Solution:
Why we need to allow access to Airwatch MDM?
The network administrator can force the guest users to register to Airwatch MDM before they get authenticated and access the internet. So that the network administrator could manage the guest devices through Airwatch Management tool. This can be achieved by CPPM server. To download the Airwatch MDM app and register with the Airwatch MDM server certain domains should be permitted in the captive portal pre-authentication role. This KB provides the configuration steps to allow the guest users to download the Airwatch MDM app and register with the Airwatch MDM server.
Configuration:
Below is the configuration
Configuration steps:
1. Create the following netdestinations
netdestination Airwatch
name *.awagent.com
name *.awmdm.com
name air-watch.com
netdestination Google-Play
name android.clients.google.com
name .ggpht.com
name gstatic.com
name accounts.google.com
name clients1.google.com
name clients2.google.com
name clients3.google.com
name clients4.google.com
name i.ytimg.com
name google-analytics.com
name .1e100.net
name android.l.google.com
name mtalk.google.com
name clients.l.google.com
name googleapis.com
name gvt1.com
netdestination BlackBerry
name *.blackberry.com
2. Now define the rules in the session acl and map it to the pre-authentication Role of the captive portal.
ip access-list session Airwatch_Access
any alias Airwatch svc-http permit
any alias Airwatch svc-https permit
ip access-list session Google-Play-Store
any alias Google-Play any permit
ip access-list session BlackBerry-Access
any alias BlackBerry any permit
3. Now map the session ACLs to captive-portal pre-authentication Role as follows
user-role Guest-Pre-Auth-Role
access-list session Airwatch_Access
access-list session Google-Play-Store
access-list session BlackBerry-Access
access-list session logon-control
access-list session captiveportal
4. Now whitelist the list of domain names in the Captive Portal profle
aaa authentication captive-portal Airwatch-Captive-Portal-Profile
white-list Airwatch
white-list Google-Play ------------>Netdestinations where you defined the Domains.
white-list BlackBerry
Verification
Now the user will be placed under the "Guest-Pre-Auth-Role" before the authentication. The user can now go the Google Play-Store or BlackBerry Appworld to download the Airwatch MDM and register to Airwatch Management Server.Thanks so much getting these names listed out. I have been working on this very issue for a few weeks and was basing my firewall rules on IP's. It was not going well. Now access is working and testing can commence! Thanks,Chris
-
Creating the Role for ZHRECM_SAR Tx
Hello
I am creating a Role for customized Transaction ZHRECM_SAR.
Do I have to add any Auth Objects for
it in SU24 before I add this cusotmized transaction to the Menu tab in New Role?
How can I decide which Auth Object should I add?
If I do add PLOG and P_ORGINCON
in SU24, how would I know what Activity and Infotypes should I choose?
Please advice.
Regards,
PT.Hi pt (Caps-Off),
Thanks for clarifying! There is another The specified item was not found. here at SDN who also signs as "PT" (Caps-On) and has been asked to follow up on many unresolved questions but did not respond.
Perhaps you could have a word with him? He doesn't listen to me
Cheers,
Julius
PS: Are you sure my answer to your question about PLOG is correct? -
Create 9 Role for node Hierarchiy
Hello,
Create 9 Role for node Hierarchiy.. How can i do that ?
please in BW3.5
thnx
BarishHi HVR,
I have a hierarchy.
Main H
A
a1
a2
a3
B
b1
b2
I need more roles to Authorized the nodes A and B. When a User in the Integred Planing works with node A, cant another user work with the
same node. Therefor i need some roles more...
THNX, hope that was clear )
barish -
How to create custom infotype for training and event management
hai freinds can any one tell me how to create custom infotype for training and event managment with following fields
PS No PA0000-> PERNR
Name - PA0001 -> ENAME
IS PS.No. PA0001-> PS no. of Immediate Superior
IS name PA0001 -> ENAME
thanx in advance
afzalHi,
Your question is not clear for me. Since it is a TEM infotype, it could be a PD infotype.
If you wish to create a PD infotype, use transaction PPCI to create the infotype.
But before that you need to create a structure HRInnnn (where nnnn is the infotype number) with all the fields relevant for the infotype.
If you wish to create a PA infotype, use transaction PM01 to create the infotype.
But before that you may be required to create a strcuture PSnnnn (where nnnn is the infotype number) with all the fields relevant for the infotype.
Regards,
Srini -
I have multiple devices (iMacs, Lap tops, Ipads) all connected to a Nas Drive. Can I create a user for myself and one for my wife and we each have our own apple ID's, Itunes etc, but share the same data on the hard drives? So when she logs in, and sync's her ipads, they will sync with her stuff and when I do the same under my user account, on the same device, my ipads will sync with my stuff?
You can share the same Apple ID for purchasng form the iTunes and app stores without any problems, but you should all used separate iCloud accounts with separate Apple IDs. (You are not required to use the same ID for iCloud and other services as you do for the iTunes store.) This will prevent you from ending up with merged data. You should also use separate Apple IDs for iMessage and FaceTime or you will end up getting each other's text messages and FaceTime calls.
This article may be of interest: http://www.macstories.net/stories/ios-5-icloud-tips-sharing-an-apple-id-with-you r-family/, as well as this video: http://macmost.com/setting-up-multiple-ios-devices-for-messages-and-facetime.htm l. -
How to create a Templates for Categories and Products In BCC
Hi All,
Could you please tell me How to create a Templates for Categories and Products In BCC and how Can I get those Templates details(Categories and Products)in jsp
If possible can any one send the document or where we find in atg docs
Regards,At product/category/sku level there is a property called template.
Find the property in ACC/BCC and provide all the values including the URL property.
In you jsp, you can use this property from product/sku like the way you retrieve any other property from sku/product.
<dsp:valueof param="product.template.URL" />
Using that property with <dsp:include> includes that page.
Peace
Shaik -
Is there a way I can create a folder for storage and put on desktop?
Is there a way I can create a folder for storage and put on desktop?
What you can do is move them into a sub folder where they are all grouped into one icon. Gets them off your screen, sort of.
-
How to create fxplug transition for xcode and quatrz composer
how to create fxplug transition for xcode and quatrz composer?
Hi Mohan,
You have to create and configure your system in the system administration tab in the portal.
Usually, it looks like the following:
System from template: JDBC System
Connector properties
Connection URL: jdbc:sap:sqlserver://<serverlocation>;DatabaseName=<database name>
Driver class name: com.sap.portals.jdbc.sqlserver.SQLServerDriver
User management properties
User mapping type: admin, user
Set the system with an alias.
Go to user administration tab and map the user with VCRole to the configured system
(the default for MSSQL is usauly user: sa and pw: admin)
Save your changes and logon to VC with this user.
The alias name should appear in your list of systems.
Hope I helped,
Shay -
Create an infotype for Training and Events
Hello SAP HCM Community,
Does anyone have a step-by-step procedure on how to create an infotype for Training and Events (specifically for External Persons - H)?
I also need to find out how do I edit an existing Training and Events or PD infotype, i.e. to add fields or remove them?
Kind regards
DorianneHi Dilek,
Firstly before I give you the example please advise if IT1690 is a SAP standard infotype?
Example:
When creating a Business Event (E) via transaction PSV2, PV10 or PV11 I want certain rules to be in place when the user selects the following:
When selecting an option under 'Location' for example "Internal", the user will then go to "Organizer Data". Under "Organizer Data" there will be a drop down list of A, B or C. For "Internal" Location the user should only pick option B, so if they select any of the other options and attempt to save the transaction will be stopped with an error with a message, i.e. " Incorrect Organiser Data Captured for Internal".
I look forward to your response.
Kind regards
Dorianne -
Do we need to create message interfaces for idocs and rfcs thatare imported
do we need to create message interfaces for idocs and rfcs thatare imported
from sap server
in scenarios from sap system to file or vice versa
i knew that we need not create message types
do we also skip creating message interfaceshi,
you create an abstract message interface for IDOC only if you want to use
them in a BPM (integration process)
for more about IDOCs have a look at my book:
<a href="/people/michal.krawczyk2/blog/2006/10/11/xi-new-book-mastering-idoc-business-scenarios-with-sap-xi"><b>Mastering IDoc Business Scenarios with SAP XI</b></a>
Regards,
michal
<a href="/people/michal.krawczyk2/blog/2005/06/28/xipi-faq-frequently-asked-questions"><b>XI / PI FAQ - Frequently Asked Questions</b></a> -
How to create Users/Roles for ldap in weblogic without using admin console
Is it possible to create Users/Roles for ldap in weblogic without using admin console? if possible what are the files i need to modify in DefaultDomain?
or is there any ant script for creating USers/Roles?
Regards,
Raghu.
Edited by: user9942600 on Jul 2, 2009 1:00 AM
Edited by: user9942600 on Jul 2, 2009 1:58 AMHi..
You can use wlst or jmx to perform all security config etc.. same as if it were perfomred from the admin console..
.e.g. wlst create user
..after connecting to admin server
serverConfig()
cd("/SecurityConfiguration/your_domain_name/Realms/myrealm/AuthenticationProviders/DefaultAuthenticator")
cmo.createUser("userName","Password","UserDesc")
..for adding/configuring a role
cd("/SecurityConfiguration/your_domain_name/Realms/myrealm/RoleMappers/XACMLRoleMapper")
cmo.createRole('','roleName', 'userName')
...see the mbean docs for all the different attributes, operations etc..
..Mark.
Maybe you are looking for
-
I need a script that copies the filename into the file
I need a script that copies the filename into 4th column of each line in the text doc file. I have over 2000 different file names each containing 6 columns and ~50-100 rows. I can do this manually using this script: awk '{print $1"\t"$2"t\"$3"\t <nam
-
How to remove devices shown in RME and not existing in DCR?
I have problem with some devices (in fact IP addresses) that was discovered and used by RME in the past but are not reachable anymore. They spoil statistics in RME (collection of inventory and configuration) however they do not exist in DCR. Do you h
-
IPad disconnects to wifi at home
I have a first gen iPad. It's been connected to my home wifi for a while now. Started having problems for about a month now, it disconnects from my home wifi network. Everything else stills works fine, my laptop, home computer, eye. The Internet is w
-
dear all, i have imeeting impleminted i used it over the net many times, on of my clinet have a proxy so iam not able to use my imeeting over intenet on his site so he asked me what ports should i open for you inorder to use the imeeting. so what htt
-
E7 Charges, but doesn't connect to PC.
This is very peculiar. My E7, I don't have any probelms with whatsoever, even using Belle refresh. My Wife's E7 is a different story! When plugging it into the wall charger, it charges as expected. When connecting it to computer, all I get on the pho