Export users , roles and tablespace definotion

Similar Messages

• Script for Users, Roles,Grant,Tablespace

  Hi,
  Please guide me on the following .
  I am moving database to new Unix server .
  so can I create the script which will check the existing Users, Roles, Grants, Tablespaces from current database and store that data.
  And using same soared data I want to create the same " Users, Roles, Grants, Tablespaces" using the script.
  Can i do this. Please guide me how to do this so I will help me to move database
  Thanks,
  Amol

  You should run ?\rdbms\admin\utlrp (note the ?, which is shorthand for ORACLE_HOME) from the database server. to make sure you have the correct script. You can call sqlplus from Toad easily.
  The script affects PL/SQL only. PL/SQL resides in the SYSTEM tablespace in the SYS schema. You don't have 400G of PL/SQL. It should take a few minutes only.
  The SYSTEM schema WILL be imported. SYS will not be imported, but automagically recreated. The only thing you will miss is Grants which have been made by SYS directly to end-users or roles, outside those defined in catalog.sql
  Sybrand Bakker
  Senior Oracle DBA

• ABAP User Roles and Query for accessing particular T- codes and Reports

  dear Gurus
  I have one problem, i want to know about ABAP User Query ,i have one requirement my user wants to Lock all the HR Std versus Customized reports in T- code SQ01,other department peoples also see the Payslips and Hr personal reports which is harmfull to the dept so i want to Lock all the reports in Std T- code in SQ01 and i have created one Customized User Roles or Query in which the T-codes and Reports are assigned only those particular user can access the T-codes and Std reports .how can it be possible i dont have any idea about user roles and Queries .
  kindly help me out or send me some documents related to user roles and queries
  regards ritesh sharma

  Hi Ritesh,
  https://www.sdn.sap.com/irj/scn/go/portal/prtroot/docs/library/uuid/103cafc2-7a64-2b10-14b3-eddb7d324561
  Regards,
  Flavya

• User role and Authority-check ?

  Hello,
  Could you please let me know how are the differences between User role and Authority-check. In a program I do not use Authority-check , And The user is not assigned to user role which contain this transaction ( for this program), Can the user execute this transaction OR he must be assigned to user role which contain this transaction to execute it . Supposing that we do not use any Authority-check in then program.
  Thanks in advance

  Hello Martin,
  I think this answers the OP's question about user not being assigned the role which contains the trxn code. As you have explained in this case the default auth. check for S_TCODE will fail & user cannot execute the trxv. (If i remember correctly the tables for this are AGR_USERS & AGR_TCODES)
  Anyways just to add to the OP's query. Auth. objects are added to profiles which in turn assigned to roles. So if you implement the auth. object in your program the user must also subscribe to the role containing the auth. obj. profile to be able to execute it.
  @OP:
  The transactions PFCG & SUIM might interest you. Also the tables dealing with these stuffs begin with AGR*. You can check the tables for better understanding.
  BR,
  Suhas

• User Roles and Authorizations

  As we know in MM different user have different roles to play and they need different SAP transaction and related activies.
  In SAP we define the particular user who are actually allow to access only certain transactions only?
  What are the steps to do this in SAP?
  Secondly in which stage of implementation we define those user roles and assign duties to them in SAP ?
  bEST Regards,
  Kapil

  u can create the user role using tcode su01 and pfcg for authorization management

• VIRSA tables for users, roles and profiles sync?

  Hello,
  I am in a customer, implementing CC 5.2. At the first time, we tried CC 5.2 in DEV environment, and when everything was OK, we redirect RFC connectors to QA environment.
  After doing user, roles and profiles sync in DEV and in QA environment too, I have 4.500 user (1.100 from DEV + 3.400 from QA) when I recover all users "*" with "user level - risk analysis" from the "Informer" tab.
  It seems that "users, roles, profiles, sync" works like and "APPEND", but I did a COMPLETE syncronization not an INCREMENTAL.
  If I start an analysis for QA environment, CC works properly and only analyse QA users (3.400). But I would like to clean CC tables (users, roles and profiles) in order to have a clean copy of QA in CC.
  Which VIRSA tables (users, roles and profiles) I need to clean?
  It is necessary to do the same with authorization and text objects? Which would be these tables?
  Thanks in advance,
  Victor

  Hi all,
  SAP GRC Support provides a script which allows you to remove a connector since it does delete all data link to it. Anyway, I would recommend a deep analysis of it and find out if it does what you really want to do.
  Víctor, if what you want to do it is just to remove all user, role and profile master data (stored in tables VIRSA_CC_SYSUSR and VIRSA_CC_GENOBJ) you could upload a text file using data extractor functionality with the delete field set to X. Doing so user, role and profile master data will be removed from CC database.
  In order to use data extraction functionlaity you connector must be of type "File Local".
  Be careful about removing data directly from DB since, as Prem states, you might loose the DB consistency.
  Hope it helps. Best regards,
     Imanol

• Query user roles and access

  hi,
  How can query user roles and access in whole database? I want to list username, status, rights, and role
  thanks
  P

  Hi,
  The data dictionary view dba_users has one row per user.
  The data dictionary view dab_role_privs has one row for every distinct combination of user and role that actually occurs ion your database,
  Are you interested in system privileges? See dba_sys_privs.
  Are you interested in individual grants, like the privilege to UPDATE a given table, or the privilege to execute a given stored procedure? See dba_tab_privs. (Don't be fooled by the name; it's not just for tables.)
  I hope this answers your question.
  If not, post some CREATE statements, that create tables, roles, and whatever else you want, and some GRANT statmeents that grant privileges on those objects. Pos the results that you would want to get from those objects and grants.

• User, user roles and previllages

  I have made all the tables under one user for my oracle forms, is it a good approach or should i use multiple users for this and how can i use user roles and villages for oracle forms?
  Thanks
  Hina

  In our organization, we usually has an application owner and another schema with limited privilege to connect to from application (in this case forms). For example we have application owner say DBO which owns all the objects in the application and another user IA_APP is there to connect to database from application. Privileges such as SELECT, INSERT, UPDATE, DELETE is given to IA_APP user. Object access is provided through public synonym. You can do analogy to this in your application and database.
  Regards,
  Virendra

• Is it possible to export user settings and import into same environment?

  Hi guys,
  I exported a user profile settings into a file and triedd to import saved file into same environment where I exported, but I am getting following error
  "Login name already in use"
  I followed the same process for restoring groups.Exported groups into a file and imported saved file into same environment, I was successfully restored thr groups.But I am failing to restore the user settings.
  Any help or suggestions on this issue is greately appreciated.
  Thanks in advance!

  Importing into the same environment is not supported.
  Instead, you could create all the test users in production with all the roles and then deactivate the user, so they are not usable.
  After you overwrite the non-production DBs with the production DB, you could then run a script (you will have to create it first) to activate all the users.
  Will this work for you?
  Segal

• User roles and role mapping

  I've just start as an intern in Change Management team that is helping to implement SD. My two tasks are to "develop SAP user roles specific to the new business processes" and "manage the role to position mapping for provision of security roles." None of the real employees in my team has ever done this, and my manager is now on three weeks leave. I'm new to SAP and I don't really know where to start. Can anyone offer any advice, or point me to some references? Thanks.

  Intern,
  Its a pretty cold manager who will dump a task on a inexperienced subordinate without any guidance or mentoring,  and then take three weeks off.
  Anyhow, you first need to get some insights as to what the expectations of the client are:  What type of users will there be?  What tasks will each user be responsible for carrying out?
  You also will want to collect a list of names of the actual users. Your Basis people will tell you which bits of data will have to be collected in order to create users on the system
  Next, you need to talk to the SD expert on your team about the solutions that will be implemented.  Quotes? Consignment? Scheduling agreements? Pricing? Customer Service? Marketing?  Customer Master? Material Master? The SD expert should be able to tell you at a very minimum which transactions should be made available.
  There are standard roles available delivered in the system.  These are pretty much un-usable as delivered, but they make a good starting point.  Review http://help.sap.com/erp2005_ehp_04/helpdata/EN/b4/3f9c41919eae5fe10000000a1550b0/frameset.htm
  and
  http://help.sap.com/erp2005_ehp_04/helpdata/EN/06/57683801b5c412e10000009b38f842/frameset.htm
  Once you have all the info needed from the client and your SD experts, you then design the supporting roles at a high level. I usually use an Excel Spreadsheet with two tabs:  One tab listing roles to be developed, with all the transactions and authorization object limitations for each one;  and another tab listing Users and the supporting data needed to create a user.  If you are a Basis expert, you already know the next steps.  If not, then you typically hand your designs to the Basis team for creation of the actual Roles.
  Good luck.  Remember not to treat your interns the same way you have been treated.
  DB49

• Programatically creating users, roles and insert them into Jazn xml

  Hi All,
  I am using ADF 11G and ADF BC to develop my application. Whenever a user is created an entry will go into OID and into DB. Admin will apply the roles and users for that roles through application. Once the administrator assigns the roles, the user need to see the appropriate menus based on the roles assigned.
  If I use ADFSecurity, then I need to redeploy the application each and everytime an user is created and a role assigned to it. But I have to avoid the redeployment step. When ever admin assigns a role while approving the user, the same should be reflected in Jazn, so that I can use the securityContext to generate menus dynamcally.
  Is there a way to do programatically the below:
  1. Creating roles
  2. Assigining Users
  I want to use the functionality of ADFSecurity but programatically.
  Any information/links/guidance is much appreciated.
  Thanks,
  Morgan.

  Morgan,
  You can configure WLS to use OID instead of jaxn.xml file.
  [url http://download.oracle.com/docs/cd/E14571_01/core.1111/e10043/toc.htm]The security guide should be good reading for you.
  Best,
  John

• User Roles and Rights

  Hi,
  I would like a particular user, r012, to be able to do user admin management.
  I granted "User Management" and "User Security" rights to this user, but they are still not able to, for example, reset someone else's password. It says "permission denied".
  I also created a role called UserAdmin, and assigned those two user rights to that role. When r012 su's to UserAdmin, they can then do most user management, although they are still not able to grep /etc/shadow, which I would like for them to be able to do to determine if a user is locked.
  1. Does a user have to su to a role to be able to do user management? Can't I just assign those user management features to them and they can stay within their own account?
  2. Is there anyway to grant the ability to grep /etc/shadow to a user?
  Thanks.

  /etc/shadow by default is read-only for the owner only, and the owner is root. What you can do is either assign the rights to the user to have access to such files, or create a role that allows them to do this. One way to do this is to assign the rights to the user via the SMC. For example, I can assign the role of primary administrator to a user, who can then use pfexec from a regular shell without having to su to root or some role. To grep /etc/shadow from a regular shell, you can type pfexec grep user1 /etc/shadow, and then pfexec passwd user1. No su'ing into root or a role is needed. You can assign whatever commands or rights are necessary to accomplish the function.

• Defining BI Power User Role and Authorizations

  We are looking for information/best practices/guidelines pertaining to defining BI Power Users and the appropriate authorizations to attach to this role.  Our Power Users are asking for approval to access several transactions within BI, specifically within RSA1. I am curious to know how you define your power user role(s) and to what extent they have access to BW itself (i.e. BEx, Web Designer, direct access to BW transactions such as listcube, RSA1, RRI, ability to update custom tables, ability to access the data model structure, etc )? Do your power users have access to develop production queries in DEV and test in your QA environment or are they restricted to ad hoc queries in Production? Have you seen any best practices or guidelines from SAP surrounding appropriate authorizations for Power Users? Any information you would be willing to share with us would be most appreciated.

  Hatem,
  You have an option to use the old method however it's recommend to use analysis authorizations going forward.
  Take a look at the sap wiki for analysis auth for more info or search the site for other good info.
  https://www.sdn.sap.com/irj/sdn/wiki?path=/display/bi/authorizationinSAPNWBI&
  Cheers,
  Ben

• User Roles and System Privilegies????

  I need to know “MY_USER” Roles and System Privilegies.
  What query do I have to execute?
  Thanks!

  Querying DBA_ROLE_PRIVS will give you the roles a user has been assigned. Querying DBA_SYS_PRIVS will give you the system privileges a user has been assigned.
  Justin
  Distributed Database Consulting, Inc.
  http://www.ddbcinc.com/askDDBC

• Get inf. about user, rol and group, which shows and works on my webdynpro ?

  Hi everybody,
  Can someone help me? I need the information about rol and group of the user, who's show and work on my webdynpro?

  Hi,
  You can use the below code to get the information you need. You need to add the jar file com.sap.security.api.jar to your Web Dynpro project's build path.
         IRoleFactory roleFactory= UMFactory.getRoleFactory();
      IGroupFactory groupFactory = UMFactory.getGroupFactory();
      try
       IWDClientUser wdUser = WDClientUser.getCurrentUser();
       IUser user = wdUser.getSAPUser();
       Iterator assignedRoles = user.getRoles(true); // true means all the roles are searched recursively
       Iterator assignedGroups = user.getParentGroups(true); // true means all the groups are searched recursively
       while(assignedRoles.hasNext())
            String roleID = (String)assignedRoles.next();
            IRole role = roleFactory.getRole(roleID);
            String roleName = role.getUniqueName();
       // Fill your model node with the role
       while(assignedGroups.hasNext())
            String groupID = (String)assignedGroups.next();
            IGroup group = groupFactory.getGroup(groupID);
            String groupName = group.getUniqueName();
       // fill your model node with group.
      catch(Exception ex)
           messageManager.reportException(ex.getLocalizedMessage(),false);