Creation of bp role

Similar Messages

• Need procedure for creation of BW Roles, Assigning Queries,Publishing Roles

  Hi Experts,
    Could you please let me know the procedure for creation of BW Roles, Assigning Queries,Publishing Roles in Business Explorer (BEx - BW 3.5)
  Thanks in advance,
  Andy

  Hi,
  Creating BW Roles
  http://help.sap.com/saphelp_nw04/helpdata/en/52/6714b6439b11d1896f0000e8322d00/frameset.htm
  Assigning Queries
  After creating the query, save the query to a role from the query designer.
  Publishing Roles in Business Explorer
  https://websmp101.sap-ag.de/~sapdownload/011000358700002894802003E/HowToBIPortal1.pdf
  Hope this helps you..!
  -Pradnya

• Disable the buttons for creation using PFCG roles

  Hi SAP Experts,
     How to disable the buttons for creation using PFCG roles?
  Regards,
  Jaya

  Hi,
  u have to write the code in <b>at selection-screen output</b> event
  AT SELECTION-SCREEN OUTPUT.
    LOOP AT SCREEN.
      IF  <b>P_PRINT</b> = 'X'.  " this is radiobutton
        IF screen-name = 'P_RANGE'.
          SCREEN-INPUT = 0.
        ENDIF.
        modify screen.
      ELSE.
        IF screen-name = 'S_LFDAT-LOW'.
          SCREEN-INPUT = 0.
        ENDIF.
        IF screen-name = 'S_LFDAT-HIGH'.
          SCREEN-INPUT = 0.
        ENDIF.
        IF screen-name = 'S_WERKS-LOW'.
          SCREEN-INPUT = 0.
        ENDIF.
        IF screen-name = 'S_WERKS-HIGH'.
          SCREEN-INPUT = 0.
        ENDIF.
        IF screen-name = 'P_LIFNR'.
          SCREEN-INPUT = 0.
        ENDIF.
        IF screen-name = 'S_BUKRS'.
          SCREEN-INPUT = 0.
        ENDIF.
        modify screen.
      ENDIF.
    ENDLOOP.
  Hope it helps.
  Regards,
  Sonika

• Creation of partner roles for customer master

  Hello,
  when I try to create one or more partner roles while creating a customer with IDOC DEBMAS basic type DEBMAS06 I get the error message:
  No customer ID found for partner .
  The required fields PARVW and KUNN2 are filled with valid values.
  Can anybody help ?
  Regards
  Alex

  Hi Alex,
  Could you specify what error message you are getting?
  Thanks!
  Rudra

• Creation of new roles in OES using BLM API

  I'm currently using policymgtapi examples for creating new roles. Its gets created but doesn't visible in OES Entitlement application console even though the entry is present in OES DB. But if you create a new User, its available immediately in OES Entitlement application. Pls let me know why Role is not available in Entitlement application after creating using policymgtapi. Thanks

  Is there any org scope to the role?
  There's some conversion process that happens when you load roles via policyloader, I suspect you would need to do the same with Policy Mgt API. There are some groups you need to add to have it show up in the EUI.

• Sending an email after creation of new role

  Whenever new role is created in Transaction PFCG I need to email to all the users.
  There is no User-Exit in PFCG and we can't create any new Program for this.
  So how it will be done?
  If anyone worked on it please reply to this as soon as possible.

  hi Zahid Khan,
  as said i tried the same.
  i have created a button "send" action :submit.
  and also have created a process"send mail" with the folloing code
  DECLARE
  l_body CLOB;
  BEGIN
  l_body := 'Thank you for your interest in the APEX_MAIL package.'||utl_tcp.crlf||utl_tcp.crlf;
  l_body := l_body ||' Sincerely,'||utl_tcp.crlf;
  l_body := l_body ||' The APEX Dev Team'||utl_tcp.crlf;
  apex_mail.send(
  p_to => '[email protected]',
  p_from => '[email protected]',
  p_body => l_body,
  p_subj => 'APEX_MAIL Package - Plain Text message');
  APEX_MAIL.push_queue;
  END;
  and , Process Success Message as "done" and When Button Pressed (Process After Submit When this Button is Pressed): "SEND" WITH Process Point : "ON SUBMIT AFTER COMPUTATIONS AND VALIDATION"
  The process is running.., getting the """success message""" but unable to""" get the mail""".(tried different combinations of mail ids)
  any help !!!

• Creation of new role.

  Hi BW guys,
                    This problem is faced by me during the first time. I have created 1 project in R/3 and i have checked it in BW too. When i check my master data i am getting the project details but when i try to create role and search for that project - it's not there. This is for the first time i am getting this kind of situation. Is something missing?Please guide.
  Regards,
  Shailja.

  See there must be a crooked arrow sign on the top left of the STMS screen....in green colour.....
  Click on the icon and I hope you will see that...
  If not then.....on the header menu...go to extras....click on add request and then give request ID.....hope this will definitely solve your problem...
  Assign points if useful.
  Regards
  Gajendra

• HCM Authorization - Creation of separate Roles & Objects

  Hi All,
  We are developing authorisation matrix and have following doubt:
  The Scenarion is:
  - There are around 130 HR Users can be classified into 10 unique groups.
  - Each user handles from 4 - 8 locations, where locations are not part of PSA but are captured thru VDSK1 feature and stored the details in Organisation Keys
  - OM, PA, PE, PD modules along with ESS with few Custom trnsactions, workflows developed.
  My proposed solution is :
  1. Create 10 Roles only with tcodes (Trn_Roles_Grp_01 to Trn_Roles_Grp_10)
  2. Create 130 Roles without tcodes, but with objects authorisations (Obj_Roles_001 to Obj_Roles_130)
  3. For each user, assign relevant Trn_Role & Obj_Role
  Will this solution work ?  Or any better suggestions are welcome...
  Thanks & Regards,
  Vijay

  Hi,
  You solution will work, but you will have 140 roles. It is to many for 130 users.
  I can suggest you to use structural authorizations to drive scope of access by organization structure rather than enterprise structure. This will reduce number of PA role, but increase number of structural roles. However it will be more consistent approach as you will drive access to functionality by PA roles and organizational scope by OM roles.
  Cheers

• Creation of Business role without allow user the possibility of personaliz.

  Hi
  I'm new in SAP. and I'm in need. Is it possible create Business Role (in CRM) without the possibility (for the user) to personalize the assignment block and the general setting?
  Thanks for your future help!
  Stefano

  Hi,
  this is possible by assigning the Function Profile 'PERSONALIZATION' with value 'ALL_DISABLED' to your business Role in the Business Role Customizing.
  Kind regards,
  Carl

• Security and Control - Creation of ORG Roles

  Hi
  I have created an organization role against one functional role by adding the objects containing org elements only which are falling in that functional role. Now as per the rule it should a user will have one functional role attached and one respective org role which will have local value of org elements and accordingly there will be so many instances of org role. Viz. if there are 100 plants and 50 company codes, then there will be 100 org role for plants and 50 org roles for company codes. so by this practice we are reducing the number of instance roles ( which in tradition method would have been 100*50 = 5000 and in this case it will be 100 + 50 = 150)
  This concept works fine if we have only one org element falling in one object (e.g F_BKPF_BUK, has only plant as the org element), but my question is how can I handle the sceneriao in which there are more than one org element falling in the object ?? e.g. authorization object J_1IA_POSO contains org elements company code and plant ( which comes from transaction code J1I0).
  Your early responce is highly appreciated.
  Thanks & Regards
  Shailendra

  Dear Gaurish
  your demand is quite standard. There is only a "but": nearly 60% of the properties are "global" ones and not "local" ones. That means e.g. "density" data should be valid "global". But e.g. in the context of GHS, OEL etc. local data is required. The access concept is therefore not always prepared on level of VAT/property; e.g. a french guy need to maintain the OEL; the same for the german guy; but there is only one VAT. So the differentiation is done in most cases on usage level. But you need to differentiate the maintenance in CG02/CG02BD from the topic of generation and releasing SDS. Here as well access concepts are used.
  Any access conept is very "company" specific. Just check the available objects which are used to "control"/"Set up" access rights. E.g.:
  SAP EHS user list and Authorizations | SCN
  E.g. consolut - Complete Authorization Object Documentation From /AAA up to E
  might helps as well.
  On top: Access cocnept depends on release you are using. Higher releases does have more authorization objects as in the past. So access concept is not only company specific but release specific as well.
  Topic of access concept is discussed "rarely" here.
  Authorization object C_SHES_TVH
  authorisation object for property tree in CG02
  Specification type authorizations
  IHS safety measures authorization object
  EHS
  May be check "Best practise" approach; which is discussed very often here to get idea about access concept.
  C.B.
  PS: may be check:
  consolut - C_SHES_TVH - EHS: Specification Value Assgmt with Reference to a Spec.
  Authorization check with usage profile in user parameter
  Define Authorizations - Product Safety - SAP Library
  (sorry describes only old releases but good starting point)

• Creation of user roles

  Hi all,
  can someone please explain me how to create the user roles.
  is this a IMG part of Logistics? please explain me in detail.
  kumar

  PFCG is the T.Code for creating roles,& you need to check in T.Code SUIM, which all are the roles that are currently being used in your organization by entering details, like you can enter T.Code: VA01 & execute, it will give you details of all the roles having T Code: VA01, also if you want to check, for any user that what all are the roles which are assigned to him then enter T.Code: YU03.....roles can be attached to to a user through T.Code: SU01..this part is normally done by the basis guys.
  Reward points if it helps
  Regards,
  N

• Z Creation of Business Role

  Hi,
  I am new in CRM and i want to create a business role for a one is for custmoer and one for Call center Agent.
  i know some tcode like CRM_UI_Profile  and PFCG but dont know how to create it.
  Can you explain me in Step by step manner or any privious Forums or link.
  I have searched privious forums but i did'nt get expected.
  jim

  Hi Jim,
  Yes you can create a Z Buisness Role in the crmc_ui_profile (img activity>>CRM>>Business Roles>>Define Business Role).
  A business Role is made up of several things namely -
  1.Role Config Key : You can create a new or use existing ones.
  2.Navigation Br Profile
  3. Layout Profile
  4.Technical Profile
  5.PFCG Role ID
  Navigation Bar profile is specific to different business roles. It defines what all links you see on the left hand navigation pane on Web UI. E.g. a marketing professional would see different links than a sales pro or a call center agent.
  Similarly you can define other profiles or the use the default profile.You can create a pfcg role id in t-code pfcg and assign it your business role.
  Jim, what would be best is to copy a standard role, e.g IC_AGENT and then customize it according to your needs and change the config key, nav bar, layout, and technical profile as per your requirements.
  Thanks and Regards
  Varun Taneja

• Mass role creation and addition of tcodes to role menu

  Hi Folks,
  We've a requirement of building 1000's of single roles for an implementation. Our security matrix is ready with the role names and the list of tcodes to be embedded in each of these roles. What I would like to know is if we can automate a part of the process of role building i.e the following 3 steps only.
  1. Creation of the Role
  2. Addition of the tcodes in the role menu
  3. Save
  I'm aware of Ecatt/LSMW through which we can create the roles but i'm not sure if we can add the tcodes to the menu of the roles since the number of tcodes to be populated in each role will vary.
  Could anyone of you shed some light if it is possible to automate the addition of  tcodes to the role menu taking into consideration that each role will have different number of tcodes to be added to the menu and what's the best possible way to achieve this if there exists one.
  Thanks in advance for your time and suggestions!
  Guest...

  Whilst I agree that there are probably too many roles being built here, which is more of an issue with the role design / strategy, the issue of how to easily create a role for a given list of transactions is something that SAP supports via the import menu from text file option in PFCG.
  Yes you may need to write a script to cycle through all the possible role names, but we have recently had to build some roles based on actual usage, so exported transaction usage history to excel and then formatted the transactions into text files that could be imported to build the role menu.
  You will still then need to ensure any object authorisation object have the correct values set - i.e. not just starred in - but as one of the pains in build a role is getting the menu to look reasonable, I'd suggest having a look at this approach.
  Copy Menus -> Import from File is the function in PFCG in the menu tab for the role you are building
  OSS note 389675 has details of what the text file of transactions for the menu should look like.
  That should answer the question posed, rather than criticising the role design being followed.

• Need Documents on New Role Creation in SAP

  Hi All,
  i am new to SAP Security and i would like to grow in this field,
  Can any one send me the links for the documents on creation of new roles, objects, Authorizations, transactions etc.
  Thanking you in Advance,
  Savitha.

  Hi,
  I guess you should look on Google for ADM940 and ADM950,
  Its a very detailed book for what ou want.
  Indeed to help you out, Its a very very simple task. But when you read this book keep in mind that there are 3 kinds of roles, Single roles, Derived roles and composite roles.
  Just to give you a heads up :
  Single role :  Role which has Authorization and data is restricted via company code and filed level values
  Derived role : these are derived from Single roles or you can say master role. Difference between single role and derived role is that you can derive say 10 roles from single role however company code can be manage in derived roles.
  So generally how it works is one create a master role which has all the required authorization. Now you don't want people in australia sould approve orders for Texas, US.
  Now there are hundred of companies department accross the glob. you don't want to end up creating hundreds of roles. so you create one master role and then you create derive role from that master role which is most of the time master role replica (keep in mind most of the time but not always so you have to be very carefull) now in derived role all you have to maintain is company codes.
  all the authorizations for all the objects and fields come from master role.
  I hope i am making sense.
  Composite role : its a collection of single and derived roles. Keep in mind you can not put composite role into composite role.
  That was just a heads up you need to read ADM940 and ADM950.

• GRC AC Request Role Creation

  Hello all,
  I noticed that by default GRC AC doesn´t have a Request Type for Role Creation. Normally how this is done? I mean, if someone realizes that a new role is necessary, how can this person report the need for a new role creation? What are my option here?
  Regards,
  SAP Legend

  Hi SAP Legend,
  You can not request a new role to be created via an Access Request workflow. You still need a business governance strategy where someone has to raise a request outside of the GRC system for the new roles through the right channels deemed fit in your company to get the new role made. Maybe you have a support ticketing system in place or some SAP security department you can raise the formal requests to.
  The BRM Role creation/maintenance workflow runs separately from the Access Request workflow. Further more, the definition and creation process of roles via GRC should only involve and be used by Business Process Owners/Role Owners and the Authorisation security team only, i.e. not general end users.
  A role build methodology will have to be set up and then the underlying approval workflows (based in MSMP technology also, like the AR workflow).
  Once the role has been built (either via back end PFCG) or via GRC using the BRM methodology and approval flows, the role will be available to the end user to request via AR.
  Hope that helps.