End User Rules

Similar Messages

• End User Rule View Access Denied

  Hi,
  This has been discussed here, but after trying all possible options it still doesn't seem to be working.
  I am using a rule in a end user task, which throws "View Access Denied to Subject on Rule" error.
  I've set the rule authType to "EndUserRule" and
  <ObjectRef type='ObjectGroup' id='#ID#All' name='All'/>
  for MemberObjectGroups.
  Still it would keep throwing same error. I even used:
  <RunAsUser>
  <ObjectRef type='User' id='#ID#Configurator' name='Configurator'/>
  </RunAsUser>
  Still not success.....??? Any idea what could be wrong?
  I am using IdM Version 5.5
  -Thanks

  Hmmm...
  Seems to be working now...all I did was a restarted the application server??? Tried the same steps again in a different environment, and worked without a restart. Must be something odd with one particular environment.
  -Thanks though for the reply!
  -\

• How can end users execute rules files ?

  There is a need to have Hyperion Planning end users kick off a rules file in EAS. Obviously we can not give end users access to EAS to execute a SQL based rules file. Our Admin is now executing the same rules files 20 times a day. What is the best way for the end user to execute a rules file themselves or load data to Essbase from a SQL source ?
  Thanks

  Thanks for the suggestions. The first reply of using the MaxL script to call the load rule is what you would do if you were an administrator. My problem is that this solution is for end users and they would need to somehow need to use a Remote Desktop Protocol to log into a server and call a batch file that contained the MaxL script to load data.
  The second reply seems a little bit more elegant in that the end users could theoretically kick off a data load by executing a BR that calls an ODI Package. This way, the users don't have to leave the Planning Application to load data.
  We do use ERPi and therfore we do have ODI, but I'm new to ODI and it would take me awhile to piece together all the moving pieces to make this work. I guess the first reply is my path of least resistance so I'm going to give it a try. I'm more perplexed however, in that we can't be the only company out there that has a need for the end users to execute a load rule at their own discretion. Are there any more suggestions out there ?
  Thanks Gurus.

• Essbase parent level aggregation business rule for end users

  Can someone provide me the basic syntax of a business rule to allow end users within Planning to run a run time prompt business to aggregate their responsibility level within a dimension like Cost Center? So for example, I want to allow a cost center manager to pick his parent level cost center and then run the aggregation script to rollup only his cost center expenses. I've tried to include AGG and CalcDim commands with various global variables to enable them to select the cost center fix point, but the aggregation doesn't seem to produce the right results. Anyone have a workable syntax for this?

  If you are just trying to agg the children up to the parent it is even simplier I'll assume you are trying to roll up the company to some intermediate level
  Say you have the outline
  company
  ---East
  ------NY
  -----NJ
  ---West
  -----Ca
  -----Az
  and you want to roll up East you could do something like
  FIX (FY10, Final, Actual)
  @IDESCENDANTS("East");
  ENDFIX
  Of course I would add more into the fix to do the least work possible
  The command Idescendants really means calculate all of the descendants of the selected member. I guess if you wanted to make it more efficient you could add the level command into it
  like @idescendants("East"",-1) that would avoid looking for anything to do on the level zero members

• Help! ADF default behavior rejected by end users...

  Hi,
  We have built an ADF 11g application during the past months. Last week we had our first user acceptance test with a small group of users. The users were very satisfied about the nice looks of the screens. But they had quite a lot of issues with the default behavior of ADF. I'll provide a list of the most important issues below. I hope more people here at OTN have experienced these issues and perhaps have some workarounds. And perhaps Oracle can use lists like this to improve the next version of ADF...
  <ol><li>Multi record edit<br>We have a lot of multi record edit screens. These are all editable tables. Those tables have the following problems:
  <ol type="a"><li>Whenever a partial refresh occurs, the whole table gets reloaded. This takes some time, which is uncomfortable. But the main problem here is that the table does not preserve the scroll bar position. The situation can be improved a little bit by setting the <tt>displayRow</tt> attribute to <tt>"selected"</tt> on the table. This will cause the table to show the selected record at the top of the view port after a refresh. But this still confuses the end users. In their experience the records are randomly jumping around.</li>
  <li>Records are not always inserted at the bottom. (In fact, they are inserted above the selected record.) End users simply expect records to be inserted at the bottom of the table, no matter what. And I can't disagree with them. Isn't there a setting to achieve this in ADF?</li>
  <li>Whenever the user navigates to another record in the editable table, all validation rules on the record he navigates from are fired. That means he cannot leave a required field empty to fill it later. The end users say this is very annoying. We would like to delay all validation until the user presses the Commit button. But as far as I know this is not possible, is it?</li>
  <li>The selected record position is not preserved on a full refresh. Our Commit button forces a full refresh of the page. This sounds like a sensible choice to me. However, users tend to click on Commit quite often. But after a full refresh of the page, the currently selected record in a record set is always reset to the first record in the set. In a large data table, this annoys the users very much. Isn't it possible to preserve the selected record over a full refresh?</ol>
  <li>Annoying validation errors<br>Many end users are annoyed by the somewhat "persistent" validation error messages. In a larger form or an editable table, users sometimes want to ignore an error and first enter other data, before correcting the error. This is hardly possible, because ADF sets the input focus to fields with errors and keeps popping up windows with a list of fields that have errors. We would like to make the validation less "aggressive". It is okay to give a field a red border if it contains an error. But leave the input focus where it is. And don't show any popup until the user presses the Commit button. And even then show the popup window only once.</li>
  <li>ADF BC caching and business rules in the database<br>We have some business rules in our database that automatically fill some fields with default values. We have e.g. a master-details relation, where a value in the master record is calculated based on the values of the detail records. We have set the calculated field in the master record to "refresh after update" and "refresh after insert". Sometimes the value of the field gets refreshed, but sometimes not. Users know that the field should be calculated by "the system", and are asking if they did something wrong if it doesn't. I know we could do the calculation in ADF, but our policy is to have all business rules in the database and to not repeat ourselves (DRY). Is there another way to guarantee that the calculated value in the master record gets updated after an update or insert of one or more detail records?</li>
  <li>Partial refresh loses data<br>If a field causes a partial submit to occur, fields in the same record that were not (partial) submitted before lose their data. This forces us to enable partial submit on all fields. But that causes a delay after moving the focus to the next field and validations to be fired too early.</li>
  </ol>
  I've numbered the items above, please use these number as a reference if you're posting an answer to a specific question.
  Please let me know any solution, even if it is only a partial solution. We've a nasty situation now. Our application is (nearly) finished, but it is blocked for production by the users because of the behavior of the ADF framework, on which we have very little influence. We can't blame the users for that, most of their criticism is fully justified. So we have to come up with a good solution for these issues before we can go to production. So any help would be highly appreciated!
  Best regards,
  Bart Kummel
  PS.
  We're using JDeveloper/ADF 11.1.1.1.0, we deploy to a WebLogic 10.3.1 server and we have an Oracle 10g database. We're using the full ADF stack: ADF Business Components, ADF Bindings and ADF Faces.

  Hi Bart,
  I can answer for few of your questions.
  Bart Kummel wrote:
  Hi,
  We have built an ADF 11g application during the past months. Last week we had our first user acceptance test with a small group of users. The users were very satisfied about the nice looks of the screens. But they had quite a lot of issues with the default behavior of ADF. I'll provide a list of the most important issues below. I hope more people here at OTN have experienced these issues and perhaps have some workarounds. And perhaps Oracle can use lists like this to improve the next version of ADF...
  <ol><li>Multi record edit<br>We have a lot of multi record edit screens. These are all editable tables. Those tables have the following problems:
  <ol type="a"><li>Whenever a partial refresh occurs, the whole table gets reloaded. This takes some time, which is uncomfortable. But the main problem here is that the table does not preserve the scroll bar position. The situation can be improved a little bit by setting the <tt>displayRow</tt> attribute to <tt>"selected"</tt> on the table. This will cause the table to show the selected record at the top of the view port after a refresh. But this still confuses the end users. In their experience the records are randomly jumping around.</li>You can set the fetchSize in the iterator to a minimum value (Say if you are displaying 20 records in the table at a time, you can set the fetchSize to 20, so that, it will fetch only 20 records at a time, and the remaining records on demand basis, i.e they will be fetched when you scroll in the table).
  <li>Records are not always inserted at the bottom. (In fact, they are inserted above the selected record.) End users simply expect records to be inserted at the bottom of the table, no matter what. And I can't disagree with them. Isn't there a setting to achieve this in ADF?</li>I suppose you are using the default createInsert operation. You can write your own method instead of the default createInsert, which would have something like
  public void customCreateInsert(){
  vo.last();
  vo.createInsert();
  }You can expose this method as method action and use it in place of default CreateInsert.
  <li>Whenever the user navigates to another record in the editable table, all validation rules on the record he navigates from are fired. That means he cannot leave a required field empty to fill it later. The end users say this is very annoying. We would like to delay all validation until the user presses the Commit button. But as far as I know this is not possible, is it?</li>You can set the immediate property to true for the column for which you want to skip the validation. However, the validation will fire when you submit / commit the changes (which is expected).
  <li>The selected record position is not preserved on a full refresh. Our Commit button forces a full refresh of the page. This sounds like a sensible choice to me. However, users tend to click on Commit quite often. But after a full refresh of the page, the currently selected record in a record set is always reset to the first record in the set. In a large data table, this annoys the users very much. Isn't it possible to preserve the selected record over a full refresh?</ol>Again, you can have a custom method, which would get the current row, commit the transaction and do a setCurrentRowWithKey to point to the last selected record after commit.
  <li>Annoying validation errors<br>Many end users are annoyed by the somewhat "persistent" validation error messages. In a larger form or an editable table, users sometimes want to ignore an error and first enter other data, before correcting the error. This is hardly possible, because ADF sets the input focus to fields with errors and keeps popping up windows with a list of fields that have errors. We would like to make the validation less "aggressive". It is okay to give a field a red border if it contains an error. But leave the input focus where it is. And don't show any popup until the user presses the Commit button. And even then show the popup window only once.</li>You can add a af:messages tag in the top and set globalOnly to true. Also, set the immediate property for the items to skip the validation when they tab out.
  <li>ADF BC caching and business rules in the database<br>We have some business rules in our database that automatically fill some fields with default values. We have e.g. a master-details relation, where a value in the master record is calculated based on the values of the detail records. We have set the calculated field in the master record to "refresh after update" and "refresh after insert". Sometimes the value of the field gets refreshed, but sometimes not. Users know that the field should be calculated by "the system", and are asking if they did something wrong if it doesn't. I know we could do the calculation in ADF, but our policy is to have all business rules in the database and to not repeat ourselves (DRY). Is there another way to guarantee that the calculated value in the master record gets updated after an update or insert of one or more detail records?</li>We need some more information. Do you see any "pattern" on which this things occur?
  -Arun

• End User Role for Service Desk in Solution Manager

  Hey,
  I am launching the Service Desk functionality for my End Users. One thing that i want to know of is the role that I should assign my user in Solution Manager to access his message. E.g.
  I have a user 'A' who creates a message from any system in my landscape:Test, QA, Dev or Production. Now this message reaches in Solution Manager and is assigned to a certain Support Team according to the rules I defined. Now the personnel of Support Team needs some feedback from the end user who created the message. For that the user 'A' has to log into Solution Manager, access his message and enter the details which the Support Team requested.
  I want to know that what Role should i give to this user 'A' so that he is able to access ONLY the messages that he created i.e. "Reported by" field showing user 'A'; and is able to view and edit them.
  If I give him the role SAP_SUPPDESK_CREATE and SAP_SUPPDESK_DISPLAY, he is just able to see the messages, all of them, but is not authorized to edit any. Please help me out in this matter as i need a solution asap.
  Regards,
  Bilal Nazir

  Hi Nazir,
  Create a role and add this t-code manually.
  CRM_DNO_MONITOR - Transaction Monitor
  This is will definitely solve your problem.
  Feel free to revert back.
  Thanks and Regards,
  Ragu
  ERP,
  Suzlon Energy Limted, Pune
  Extn: 2638
  +919370675797
  I have no limits for others sky is only a reason

• Need AR End User Manuals

  < MODERATOR:  Message locked.  Please read the [Rules of Engagement|https://www.sdn.sap.com/irj/sdn/wiki?path=/display/home/rulesofEngagement] before posting next time. >
  Hi I am in need of detailed End User Manuals for AR. Please help on this one.
  I am looking at things like posting invoices, posting incoming payments, clearing, clearing with posting etc
  I am in need of them at the earliest.
  Regards
  Suresh

  Apologise for the delay in my response. Thanks guys for your help.
  What I am looking for is detailed information on transaction codes like FB01, F-30 etc. For Example : we use transaction code FB01 for posting any financial document for a customer instead of using FB70 / F-22 (genral posting). These are extensively used in our organisation rather than usign the conventional ones.
  Hence, I am looking for documents which give in-depth knowledge on all the transaction codes along with complex scenarios while posting documents. Most of the websites give details on T-Codes like FB60, FB70 etc....but nothing on T codes like FB01 etc. I want a place where I can get in-depth and complex scenarios for each T-code.
  Any help on this is greatly appreciated.
  Regards
  Suresh

• ChaRM: approving of a change request by various list of end users

  Dear, experts.
  Can I customize ChaRM so, that before initiating change request  a support message should be approved by  by various list of end users depending on component (component A - list 1, component B - list 2)?
  For example some end-user wants to change  established business-process. In this process are involved other end-users, so to trigger changes he have to ensure that other end-users are agree.
  can you suggest any profitable solution?
  thanks in advance

  Hey talgat,
  what you need is an action that uses pfac (it s a transaction for defining rooting rules). Thanks to this transaction you can define rules that will be based on different fields of ticket od crmd_order to assign the right person to the ticket
  There is a standard action that does those kind of things called SLFN0001_ADVANCED_FIND_PARTNER of action profile SLFN0001_ADVANCED available in transaction sppfcadm. You ll notice that this action uses rule id AC13200137. Well you ll need to define your action that will be alike with your own rule that you ll have predefined in transaction pfac.
  Use a copy of the standard rule AC13200137 to do your own; it will ease the task for you.
  PS: this link could maybe help your understanding
  Support Team Determination
  Hope this helps
  Regards
  Khalil

• Need to provide Delegation part to End Users

  Need to provide set delegation part to end users. So, we have provided link to delegateWorkItems.jsp to end users. By that way, the end user can open the builtIn form “End User Delegate WorkItems”, How ever, the user is not able to get users to delegate by searching lighthouse users.
  And if the user has any capability, then the user is getting users to set delegating from end user page. But I don’t want to give any capabilities to users.
  I have done the following things in my system, But got failure result
  Have written rule to get AllMatchUsers in Separate rule library.
  <Rule name='getAllMatchUsers'>
  <RuleArgument name='userAccountId'/>
  <RunAsUser>
  <ObjectRef type='User' id='#ID#Configurator' name='Configurator'/>
  </RunAsUser>
  <invoke name='getUsers' class='com.waveset.ui.FormUtil'>
  <select>
  <ref>context</ref>
  <ref>:display.session</ref>
  <invoke name='getLighthouseContext'>
  <ref>WF_CONTEXT</ref>
  </invoke>
  </select>
  <map>
  <s>conditions</s>
  <list>
  <new class='com.waveset.object.AttributeCondition'>
  <s>name</s>
  <s>startsWith</s>
  <ref>userAccountId</ref>
  </new>
  </list>
  </map>
  </invoke>
  </Rule>
  And have called this rule in “Administrator Library” (BuiltIn Lib) at t”oUsers” Field as Value.
  Please suggest me.

  Hi,
  <call name="LIB_Rules:getAllMatchUsers">
  <map>
  <s>userAccountId'</s>
  <s>emp001</s>
  </map>
  </call>
  I have used the above code to call rule, then it has not worked.
  But by the below code its working fine. How ever, I don't know the reason (IdmVersion is 7.1).
  <rule name='LIB_Rules:LEX_RUL_getAllMatchUsers'>
  <argument name='userAccountId' value='emp001'/>
  </rule>
  Thanks,
  Ravi.

• Defining end user requirements

  Hi I'm new to discoverer and I would like to know how do you go about defining end user requirements. Is there some sort of rules or documentation around to help with this analysis stage, because I'm told that you need this sort ofinformation to enable you to build the EUL and the business area.
  Thank you in advance.
  Maria

  maria,
  well you would first want to identify needed reports capability of your user base. Then locate the current report base to see if some of the requests are already handled. The GAP could then be identified as a GAP in reporting Requirements. As you go through the reports requests you can identify needed data and fields. Then group that data into related items, or related functional needs.
  Christopher

• Catch Exception - End User Form

  Our end user form requires that we display the manger of the end user. We have the manager id stored for the logged in user so we grab the id and get the fullname. This functionality works fine.
  <br><br>
  The issue is if an id pointing to a manger that does not exist! Basically, an invalid id (no corresponding user exists) then the following error is thrown:
  <br><br>
  XPRESS exception ==> com.waveset.util.WavesetException: Can't call method getObject on class com.waveset.ui.FormUtil ==> com.waveset.util.InternalError: ID not passed to ObjectCache.getObjectIfExists
  <br><br>
  How do we capture this or any other error on an end user form (not a workflow)? Or do we need to check to see if the user exists before we try to get the fullname? And if so, how?
  <br><br>
  The last part of my code to get the fullname:
  <br><br>
  <RuleArgument name='mgrPersId'/>
  <cond>
  <notnull>
  <ref>mgrPersId</ref>
  </notnull>
  <invoke name='getObjectNames' class='com.waveset.ui.FormUtil'>
  <new class='com.waveset.session.InternalSession'/>
  <s>User</s>
  <map>
  <s>conditions</s>
  <list>
  <new class='com.waveset.object.AttributeCondition'>
  <s>name</s>
  <s>equals</s>
  <ref>mgrPersId</ref>
  </new>
  </list>
  </map>
  </invoke>
  <null/>
  </cond>
  </Rule>

  Please suggest anyone.... Its Urgent....
  Regards,
  Vinash

• OIM : End user should be able to edit his resource data

  Hi,
  When the end user logs in and requests for AD resource, he does not see the AD resource form. All the data for the form is prepopulated according to some predefined rules. What i want to do is to allow the End-user to modify his AD form data.
  How can i do the above?????
  What privilages do i have to grant to End Users???/
  Kindly Help.
  null

  Hi,
  So here are my thoughts...
  1) The only fields that should go into the resource form are those fields that you want a requester (or approver) to modify or see during a request workflow. If it is provisioning related, for example, the uSNCreated of an AD User, it should not go on the Resource Object form (let's call it the object form from here on out). Also, you can have fields on the object form that don't ever need to go on the process form (provisioning process)... and these would be request related fields, not provisioning.
  2) This is where we need to be specific about terminology.. Resource Administrators are those people that can modify the resource... typically they have access to the design console... for some reason, I don't think you mean these people, right? You mean the people who will approve the requests, right? If that is the case, you can have them just see one form or the other, and you can also give them rights to modify one form or the other. This is done at the group level through Permissions and Menu Items (a combination).
  3) Resource Object Data Flow trumps pre-populate. (I am like 99% sure on this.. I would have to test it to be sure.. I believe it is the same as Access Policies, which does trump pre-populate adapters)
  4) I have NO clue :) I would love some improvements in the forum... especially separating out the products in the IDM stack into their own forums.
  Good luck,
  Deborah

• Role of an end user

  hai
  everyone
  can any body tell me wht is the roll of the end user and what he will do as an enduser wht r the authorisations given to the end user
  as i was told to train end user
  thanks
  theja

  Hi Theja,
  The other end user role could be of a payroll manager who would be responsible for the payroll process. For this, you will need to give them authorizations to PA03, PC00_MXX_CALC, Posting to Finance program, Drill Down reporting, Wage type reporter for reconciliation, Pre-DME and DME program etc.
  You will need to provide them with manuals for releasing the payroll, running the payroll, releasing the payroll for correction, Posting process, Exiting Payroll, Creating DME file etc.
  You may also include a spreadsheet with the commom errors during a payroll run like employee being locked, no bank details, no work schedule rule so that they can correct the error immediately.
  Hope this helps.
  -Akshay

• Websecurity and End-user-notification with HTTPS proxy

  Hi all
  I would like to setup HTTPS-proxy functionality in a deployment. Most of the rules are "pass-through" and only a few would then be configured for drop or decryption.
  But if i set the connection to drop it is not possible to display an End-user-notification for the endusers. Is there any chance to display an End-user notification to the enduser while dropping or denying https access to a particular group ?
  If yes, is the End-user notification then displayed in normal http connection or in a https connection ?
  Did i use for that a trusted certificate to correctly display the end-user notification without to pop-up a certificate failure (because self-signed certificate is in place at the moment) ?
  It would be great, if you have some answers for some of those questions.

  Andrew,
    See if the below may be modified to do what you want.
  barbee.
  Cisco Ironport Advanced Services
       * This function checks for the category and redirects the user.
       *  -- 2010 june 16. barbee.
      function checkForRedirect() {
          var category = document.getElementById("category");
          if ( category.value == "Search Engines" ) {
              window.location = 'http://www.ironport.com';
  OTHER STUFF

• Unexpected ends of rule "Check Connection" (id= CIR 01200)

  Hi,
  I'm new with Business Objects and I'm facing lots of error messages into some Universes .unx built in our BO system that I don't know how to solve them.
  For example this one, in a .unx universe, when I check integrity in the .dfx part, I receive the error message:
  Unexpected ends of rule "Check Connection" (id= CIR 01200)
  I've seen in this manual (http://help.sap.com/businessobject/product_guides/boexir4/en/SMP/xi4sp5_release_notes_en.pdf ), in page 118:
  ===
  ADAPT01560327
  Description
  In the information design tool, when performing an integrity check, the system sometimes inappropriately
  prompts for login credentials for a user previously logged into the same repository. When the user cancels,
  an error message is displayed: "Unexpected ends of rule "Check Connection" (id= CIR 01200).
  New Behavior
  This problem is resolved.
  Limitations
  ===
  But I have no idea how to solve it and I don't see any prompt for login  credentials.
  May someone help?
  Thanks a lot

  Hi,
  I've found the following OSS Note:
  1617204 - BI 4.0: In Information Design Tool, performing the integrity check prompts for login using the previous session's credentials
  Unfortunately for me, in the OSS Note is said that this is solved after version 4.0 SP3, and I'm running SP5, so I had to open a OSS Note to check it with SAP.
  If solved, I'll let you know the solution.