Direct assigned roles do not disappear

Similar Messages

• Marketing/Sales Online Classifications will not disappear

  Whilst making updates to Classifications, we noticed that a classification category entitled 'Product Event Role' will not disappear from the Classification Categories Lookup, even though all associated codes have been End Dated and Disabled.
  Our understanding is that Classification Categories should disappear from the LOV if there are no enabled Classification Codes associated to them. We have not encountered this issue end dating Class Categories and Codes before.
  Path to reproduce:
  Contact Management Online User -> Find a Person Record -> Click on the Classifications link in the left hand side tool bar.
  In the Categories drop down you will see the Role in product or event decision making (which is the meaning for Product Event Role) and it should not be there as there is no Active Class Codes.
  Anybody know why i can't get rid of this class category (i have no trouble with other ones).

  Is the mouse connected directly to the Mac Pro  or a third party hub?
  And have you tried a different USB port?

• Assign role request through code not going to Operational level

  Hi All
  We are trying to assign roles through code using the OIM API's as suggested in the documentation
  "http://docs.oracle.com/cd/E27559_01/doc.1112/e28183/oim_up.htm#autoId40".
  We have 2 Approval policies one is at Request Level (i.e. Auto Approval) and the other is Operational level(Scope=ALL Scope) with workflow, So once the request is getting raised with the code successfully it is getting completed. The expected behavior is that it should go to the approval workflow attached at operational level.
  When we tried to attach a workflow at the request level, the request is going through Approval workflow attached at request level and once we approve at request level it is getting completed and not going to operational level.
  But we will have Request level as auto approved and Operational level with two level of Workflow.
  Thanks in Advance

  Check whether you have configured Request Type in your approval policy properly for operational level approval. In the Rule Components section check whether you have configured everything correctly. Also dont raise the request from system admin login as it will be treated as a direct provisioning request and your approval policies will not be invoked. Login through an end-user and test it

• SAP MII 14.0 SP5 Patch 11 - Error has occurred while processing data stream Dynamic Query role is not assigned to the Data Server

  Hello All,
  We are using a two tier architecture.
  Our Corp server calls the refinery server.
  Our CORP MII server uses user id abc_user to connect to the refinery data server.
  The user id abc_user has the SAP_xMII_Dynamic_Query role.
  The data server also has the checkbox for allow dynamic query enabled.
  But we are still getting the following error
  Error has occurred while processing data stream
  Dynamic Query role is not assigned to the Data Server; Use query template
  Once we add the SAP_xMII_Dynamic_Query role to the data server everything works fine. Is this feature by design ?
  Thanks,
  Kiran

  Thanks Anushree !!
  I thought that just adding the role to the user and enabling the dynamic query checkbox on the data server should work.
  But we even needed to add the role to the data server.
  Thanks,
  Kiran

• CUP 5.3 sp7.1 - 049:Role assignment to user not executed completely

  Hello Experts,
  Message received in audit information:
  049:Role assignment to user not executed completely
  Can anyone help me with why I am receiving this message?
  =[],id=6129,reqNo=201000139,actionDate=Tue Oct 19 10:40:27 EDT 2010,action=ROLE_PROVISIONING_FAILED,userId=U03776,path=,stage=,actionValue=PR4-300,description=049:Role assignment to user U10025 not executed

  Hi,
  Check that the connector that you have created is working fine and also the user ID that you are using in the backend system is within the valditiy date and all the required authorizations.
  Use remote login and ensure that the user can login with out any issues and has all the required authorizations.
  Rgds,
  Raghu

• Is it not a myth that roles should not be assigned!

  Is it not a myth that roles should not be assigned (auto provisioned) via GRC if user ids are locked? My understanding is roles will get assigned (auto provisioned) to user ids irrespective of user id being locked or unlocked? Thanks

  Hi Raju,
  nope it doesn't. You might be able to set up a mapping for the status but I never tried that.
  Regards,
  Alessandro

• BI analysis authorisations direct assign to user in RSECADMIN

  Hello,
  In RSECADMIN it is possible to directly assign the 'analysis authorisations' to user-id's
  It is also possible to assign the 'analysis authorisations'  to a role via the authorisation object S_RS_AUTH
  Can somebody tell me
  -    what are the pros and cons of directly assigning the analysis autorisations to the users in the RSECADMIN ?
  -    In which situation is direct assigning in RSECADMIN used ?
  -     IS dirtectly assigning to users in RSECADMIN in a production environment critical?
  -     what does SAP propose: directly assigning in analysis authorisations our via a role
  In our case we have the situation of
         BI system with a large number of analysis authorisations. The values of the analysis authorisations should be  
         maintainable in production environment.
         We have also to take in mind:
                            -  Roles are added to users via CUA ( RSECADMIN is not maintainable via CUA)
                            -  Business Objects is coming. So set up the authorisations that they can be used for Business Objects
                            -  Flexible ( new autorisation relevant info Objects)  should be easy adeptable.
         What we want to use is
                                   - assigning analysis authorisations via a single role ( in a composite ) to the user
                                   -  a variable in the analysis authorisations as field value  of a characteristic. In that case the values can be  
                                      assigned dynamically in production.
                                     the data access role has the link to the analysis autorisations in the RSECADMIN.
                                    this analysis authorisation contains variables instead of a fixed field value.
                                    The values of the variables are maintained in a table in a production environment
           Is using directly assigning analysis authorisations to users in the RSECADMIN in  the production environment an  alternative  ? 
      Thanks for your answers
      With Kind Regards,
      Vincent
  Edited by: Vincent Willems on Apr 7, 2011 10:37 AM

  Hello Vincent,
  My way of working is to follow the structure you have in the providing systems. If you have created a role for a production employee then try to translate the roles for the production analysis the same way in BI. You can use the s_rs_auth object. In HR you can use structural authorizations, you can use some programs to set the structural authorizations in BI and that will be done by creating an analysis object and add this to the user involved. Also updates from structural authorizations will be done automatically by these programs. I should not add your own objects to single users, that is a lot of maintenance you do not want. Use in BI the same concept as in the providing systems, it is more clear for anyone who has to work with it.
  Have fun
  Bye
  Jan van Roest
  PS. Did you solve your problem? If so please close your question
  Edited by: J. van Roest on Jul 7, 2011 12:51 PM

• Roles are not inheriting....

  Hi all,
  I changed my UME configuration to make it point to new datasource. In the new datasource, i am using muliple objectclasses (organizationalunit, country and locality)to represent principal group. Now i can see all branches ,which belongs to either of the above stated objectclass, as groups in EP.
  Then I created a role called "WelcomeAll" and assigned it to the root branch(group). But the user who comes under the above group is not able to see the role. I also attached the role to the immediate parent of that user. Still the same problem persists. Only direct assigning of Role to User is working.
  Can someone please guide me.
  Regards,
  Nilz

  Hi Nilz,
  I have the same problem, did you find any solution?
  Br Rasmus

• Portal Roles are not visible

  Hi,
  We have upgraged Portal (Nw 2004s) SP17 to SP18 ,But after upgradation portal roles are not visible for users and Portal adminstors (J2EE_ADMIN ) also.
  Standard roles like System ,user and Content Admin roles also not visible.It shows only blank screen after login to portal.
  It is critial issue .Please suggest how to solve this issue.
  Thanks
  Srikanth M

  Make sure there are no errors in the browser in the bottom left hand corner. Also, are you using a fully wualified name to access the portal? When you were on SP17 were you using standard roles or did you make your own copy of the roles and assign your users to the copied roles?
  If you navigate to the portal content studio directly, can you see the role contents?
  After launching /useradmin and authenticating, paste http://host:50000/irj/servlet/prt/portal/prtmode/preview/prtroot/pcd!3aportal_content!2fadministrator!2fcontent_admin!2fcontent_admin_role!2fcom.sap.portal.content_admin_ws!2fcom.sap.portal.portal_content?sap-config-mode=true into your browser and you are in the content studio.

• Assigning roles to LDAP users through BIP API

  Hi.
  My customer has BIP 11g and OIM 9.1.0.2 running on the same weblogic server (11g). Both authenticate against the same LDAP server.
  One of our desired next steps is to provision from OIM the BIP roles to each LDAP user so every user gets the correct roles (and access to the correct reports) according to the groups he has on OIM.
  I've been searching for info regarding this without success. The BIP API doc does not show any info about assigning roles to users.
  We don't need to manage LDAP users, BIP roles, etc... through OIM. We only need to assign BIP roles to LDAP users.
  Is it possible to make that assignments through BIP API?
  If not, any other ideas? New ideas or different approaches are welcome.
  Thanks in advance.

  In OBIEE 11g which includes BIP the application roles are applied to LDAP users and groups using the Enterprise Manager Fusion Control.
  During the upgrade process from OBIEE 10g to OBIEE 11g the groups do get assigned to these roles transparently so there must be some API to leverage this functionality.
  I would start there, http://download.oracle.com/docs/cd/E14571_01/bi.1111/e10541/admin_api.htm
  There are no specific instructions on accomplishing what you seek but if you have some WLST or Java Skills you should be able to get something prototyped.
  Let me know if that helps.

• Error in assigning role to multiple task

  Hi,
  We are using BAPI BAPI_BUS2175_ROLE_ASSIGN_ADD to assign role to task. It is working fine if we are assigning different role to different tasks. But if we assign the same role to different tasks in a project, it is giving dump while saving the data.
  We are using following sequence in the code:
  1. BAPI_BUS2172_LOAD to load the project
  2. BAPI_BUS2175_ROLE_ASSIGN_ADD to assign role to task
  3. BAPI_CPROJECTS_COMMIT_WORK to save the changes.
  So when BAPI_CPROJECTS_COMMIT_WORK is executing, it is giving dump as follows.
    The exception 'CX_DPR_FATAL_ERROR' was raised, but it was not caught anywhere
    along
  the call hierarchy.
  Since exceptions represent error situations and this error was not
  adequately responded to, the running ABAP program
    'CL_DPR_AUTHORIZATION_SERVICES=CP' has to be
  terminated.
  Could you please let me know what may be the reason for getting dump.
  Regards,
  Anil Salekar

  I can tell you the table where the the role assignments get stored . It is
  DPR_ENTITY_LINK.

• Assigning Roles to Users

  Hello,
  I have created a Role in Portal Content named "TestUser" but when i'm trying to assign this role to a user, Role is not displayed in search list. I have tried "T*" in search option then click on start button but role "TestUser" is not visible. Can any body tell me what is problem behind this asap.
  Regards,
  Amey Potale

  Hi Amey,
  Probably did you give any ROLE ID Prefixes while creating the role.Then search with that prefix.Also the search result will be case sensitive. Anyway try just clicking the start button without giving any search term. It will list you down all the existing roles .This is just for you to verify whether ur role is there or not.
  Else I dont see any reasons why the role is not available .
  Hope this helps,
  Regards,
  Uma.

• SECATT for assigning roles to users

  Hi All,
  How do we make the ECATT to work for the below scenario:
  Users already have roles assigned to them. We need to add a new roles to the users which can vary in number based on the users job.
  A simple ECATT script that was developed to add a single role to a new user does not work in the above case and gives an error of invalid batch input. How do I create a ECATT to assign role to user who already has a set of roles assigned (number of roles assigned to users differ, so I cannot assume to train the ECATT to assign a role on line X). Is there something I am missing while the ECATT script creation?
  We are doing this from a CUA and its very difficult to assume how many roles a user could have.
  Thanks,
  Jay

  Thanks Alex for the insight. For some reason SU10 is slow in the CUA environment and I wanted to avoid it but yes I finally had to use SU10. Talking to one of our ABAPer I came to know that even in their BDC recordings they get the error which I receeived, but he changes his program to skip all the lines with data and then fill the empty line.
  In CUA environment, how do we create ECATT to delete a role from many users?
  Thanks,
  Jay

• What is  the purpose of assign roles to portal please describe

  what is  the purpose of assign roles to portal please describe

  Hi,
  You assign Roles to Users and not to portals.
  Check this to know about Role:
  http://help.sap.com/saphelp_nw70/helpdata/EN/45/c0d8e962336000e10000000a1553f6/frameset.htm
  So a role has contents that a user can see and also privilages that the user can have (UME Actions).
  http://help.sap.com/saphelp_nw70/helpdata/EN/fb/33f520d15f8f4092a60381365620b2/frameset.htm
  When a user is assigned certain roles which have contents and also UME Actions, this user sees them when he logs on onto the portal and also has this set of  privilages.
  Regards,
  Praveen Gudapati

• Vendor Creation ,Partner role OA not allowed for Vendor of a/c group ZLOV

  Dear Freinds,
  I am facing problem of  Vendor creation , i am getting message  PARTNER ROLE OA NOT ALLOWED FOR VENDOR OF ACCOUNT  GROUP ZLOV.
  While creation of  Vendor in Partner function  i  could not  enter  partner number, system is not accepting any data, message is getting as above.due to which i could not create any vendor.
  Presently I am in process/ setting of  ERS functionality in MM,
  now all my Vendor creation is stuck up ,
  please help me how to solve the problem
  Regards
  Dilip

  Hi Dilip,
  Check first have you Define Permissible Partner Roles per Account Group..
  Check the path:
  SPRO-Materials Management-Purchasing-Partner Determination-Define Permissible Partner Roles per Account Group
  Here check whether OA is assigned with ZLOV or not...If no then click on new entries and enter partner function as OA and Vendor account group ZLOV...Save nd come out...
  Now proceed...Hope it helps..
  Utsav