GP Action Assignment to a role
I have a create <> approve request process
Need to understand following scenario
1. I have assigned approval step to the a Role/Group rather than an individual user. The whole group has a common inbox that they would be able to open from their respective machines. One of the member of the group logs in and start working on Request 1.
Now, if another user with approval role comes in and tries to open the same request (Request 1). How does GP handles such a scenario??
Regards,
Nitin
hi nitin,
I also implemented the same scenario in my project but in different way.
i will send the approval request to a group of users.
The following is the flow of my process.
1.action1 creation
2.the created action will send to the multiple users.
3.action 2 (the whole users which is assigned for approval role can see the created request's detail in a read only format).
4.And they have to press the button accept ,then i will assign following action to this user.
5.The user who accepted the request will get the chance to give approval for the request.
And when the user press the accept button at the same time the action will go away frm the other users inbox
i thin this will help you..... if u have any doubt please let me know
With Regards
Shanto Aloor
Similar Messages
-
Assign Self Registration Role...
Hi Experts,
I configured Self Registration User and is working fine. My problem comes when I assign roles for only new users automatically. I created one role "X" and I want to assign it as default for all new users only. This role is assigned with "Everyone" group and for this reason appears for all users and not only for the new ones.... How can I assign only my role "X" to the new ones??? I assigned the action "ume.selfregister_user"; to this role and the Groups "Everyone" and "Anonymous" and the problem again is that appear for all users... if I take out the group "Every one" is not showing anything the new users.... What else Could I do???? If I only assign the anonymous group to my role is still not working.... I will be appreciated.....
RegardsDavid,
You should assign the self-registration role to the group for anonymous users. When users come to the logon screen then the self-registration option should appear for everyone (assuming there is no SSO). That is because they have not authenticated yet and are therefore anonymous.
-Michael -
Need to Assign read-only roles to a user in EP
Hello,
I am currently facing a situation wherin I need to assign read-only roles to a user. I need to assign the user admin, system admin and content admin roles to him, but all with read only permissions. Could someone kindly direct me as to how this can be done in EP7.0?
Thanks in advance and best regards,
Karthik.Hi Karthik,
first, welcome on SDN!
About your question:
Ganesh already showed the way for the PCD. Anyhow, the content admin also can accedd the KM content (if installed); so for KM the settings have to be done, too, i.e. defining only read-permissions for this user on all repositories.
The same holds for System-Admin - Permissions - Portal Permissions, here under the different sections only read access permissions would have to be set.
Anyhow, some areas cannot be restricted in this way, for example the User Management. This could be done only via http://yourserver/useradmin and there via ROLE actions (and not per user).
Still, some areas certainly will stay problematic, so that one maybe would have to strip down the standard roles (create a delta link copy of the content and then remove the problematic areas).
Hope it helps
Detlev
PS: Please consider rewarding points for helpful answers on SDN. Thanks in advance! -
Hi,
I am unable to assign CCM views to a role in PFCG.
Out CCM system is on a different client to EBP system, when I try to assign a view I get 'action cancelled'.
Has anyone any ideas?
Thanks
ChrisChris: to confirm your statements, I need to know what logon option you're using for CCM: SingleSignOn (SSO) or Anonymous Logon with Service User (AL).
From your post, my guess is you're using SSO, so I'll reply having SSO scenario in mind.
<i>The users who will shop must exist in the CCM client.</i>
Not necessarily. If you use the CCM-USER parameter in the call structure, then you don't have to have all your shopping users in CCM.
<i>They only need the /CCM/CATALOG_SEARCH (or equivelant)role assigned</i>
Yes
<i>The catalogue view is assigned to this role.</i>
Yes
<i>This means that the web service I have defined in EBP for the catalogue shouldn't have CCM-USER and CCM-PASSWORD defined as parameters.</i>
Depends. If you create all your shopping users in CCM and assign search roles to them, then you don't need to include CCM-USER in the call structure. However, you may choose not to create all your shopping (named) users in CCM. Instead, you can create a <b>non-named</b> user for each search role in CCM. Then you can enter these users in the CCM-USER parameter in call structures. Views will be determined based on roles assigned to these users.
This latter approach makes sense, for example, if you have just a handful views/roles. So, to re-iterate, you can assign these views to roles, roles to non-named users (in CCM), enter non-named users in the call structure(s), assign logical catalog(s) as required in Org Plan (in EBP). If you're familiar with Requisite, BugsEye integration worked in a similar way (except for roles).
Note that parameter CCM-PASSWORD is not required in the SSO scenario, even if you use CCM-USER.
Cheers,
Serguei -
Error while Assigning database level role (db_datareader) to SQL login (Domain Account)
Team,
I got an error while creating a User for Domain Account. Below is the screen shot of the error (error : 15401)
Database instance is on SQL 2000 SP3. ( I know it is out of support, But the customer is relutanct to upgrade)
On Google search, i found below article which is best matching for this error
http://support.microsoft.com/kb/324321
I have follows each step of troubleshooting. But still the issue persists.
Step 1. The login does not exist == The login is very much exist in the domain as i am able to add the same domain id to other database instances
Step 2. Duplicate security identifiers == i have used this query to find duplicate SID
/* SELECT name FROM syslogins WHERE sid = SUSER_SID ('YourDomain\YourLogin') */
But there was only one row returned with create date of today's.
Error while Assigning database level role (db_datareader) to SQL login (Domain Account)
Step 3. Authentication failure == Domain is available. User is able to login on other servers via RDP connection.
Step 4. Case sensitivity == Database collation is set to Case insensitivity. (CI)
Other two 5. Local Accounts & 6. Name resolution == is not applicable to me.
I tried other ways also.
A. Creating login and providing permission in one go only = User account is not created
B. Instead of GUI, use query to create login and provide required permission = Same error.
Does anybody has faced any such situation
ChetanSee the below output
srvid
sid
xstatus
xdate1
xdate2
name
password
dbid
language
isrpcinmap
ishqoutmap
selfoutmap
NULL
0x010500000000000515000000A1F66E1BFC1DC75D26E72530A2B80400
14
20:25.9
57:33.4
UKBAA\LHRAPPMuttavarapuS
NULL
1
us_english
0
0
0
Chetan -
Need procedure for creation of BW Roles, Assigning Queries,Publishing Roles
Hi Experts,
Could you please let me know the procedure for creation of BW Roles, Assigning Queries,Publishing Roles in Business Explorer (BEx - BW 3.5)
Thanks in advance,
AndyHi,
Creating BW Roles
http://help.sap.com/saphelp_nw04/helpdata/en/52/6714b6439b11d1896f0000e8322d00/frameset.htm
Assigning Queries
After creating the query, save the query to a role from the query designer.
Publishing Roles in Business Explorer
https://websmp101.sap-ag.de/~sapdownload/011000358700002894802003E/HowToBIPortal1.pdf
Hope this helps you..!
-Pradnya -
ERROR MESSAGE AMT : CANNOT DELETE TOKEN AFTER IT WAS ASSIGNED TO A ROLE
We are working on the setup in our sandbox environment and we have noticed that we are unable to delete tokens and remove the protection on BO's.
the following message appears : "CANNOT DELETE TOKEN AFTER IT WAS ASSIGNED TO A ROLE"
There is no Token assigned to any role anymore and we have also removed all rules and so on, Still it remains impossioble to remove the token on a protected BO or to remove the protection of a BO.
Thanks for your helpHi Wim,
Ive replied to your support message, requesting a remote connection so I can
investigate further.
Regards,
Gervase -
Error while assigning the fallowing role to the user
Hi,
ERROR 2007-01-18 14:13:25
CJS-30196 Role SAP_BC_JSF_COMMUNICATION_RO is not assigned to user SAPJSF
i am getting the fallowing error while trying to assigning the fallowing role to the user any body through some light in to it.
Thanks
kiran.BHi,
Standard roles are not assigned to users directly.Make sure that copy the role from standard roles then change naming convention like your company specification.
Ex: standard role : SAP_BC_JSF_COMMUNICATION_RO
Step:1: go to t-code: PFCG and give the role name in role tab SAP_BC_JSF_COMMUNICATION_RO
Step:2: press copy button and change the naming convention.
Step:3: Assign to the user.
I hope it will help you.
kiran kumar.v -
Getting dump while assigning resource to role
Hi,
We are using BAPI_BUS2177_STAFFING_ADD to assign resource to role.
It is assigning first resource to first role in first project. And giving dump for next resource to role assignment for the same project.
Short dump description is like as follows:
The exception 'CX_DPR_FATAL_ERROR' was raised, but it was not caught anywhere
along
the call hierarchy.
Since exceptions represent error situations and this error was not
adequately responded to, the running ABAP program
'CL_DPR_AUTHORIZATION_SERVICES=CP' has to be
terminated.
The problem is of "COMMIT". I ma not understanding where to write exact commit. Even if we are commiting at project level it is giving dump.
Could you please give any suggestion on it.
Thanks & Regards,
Anil SalekarHello Kaixiang,
When you add staffing to project then commit after each resource assignment. That will avoid the dump.
Use:
CALL FUNCTION 'BAPI_CPROJECTS_COMMIT_WORK'
TABLES
return = it_return.
Note: Re award if useful
Thanks,
Appasaheb.. -
Unable to assign all security roles to a user with a new custom security role
Dear All,
Happy New Year.!
I have a query regarding the assignment of Security Roles to new users in CRM. Normally we assign the security roles to new users via an Admin user who has 'System Administrator' security role assigned to him/her. This works perfectly fine, and we can assign
any desired security role to the new user.
However, in our case, we need to delegate the user creation rights to some of the client partners. We do not want to give them access to all the Administration functions; hence we created a new Security Role, lets say 'Support User Role'. We have provided
'Create', 'Append', 'Append To', and 'Assign' rights on 'User' entity for this new security role. With this security role, we are able to create new users now, but we are only able to assign 'Agent' security role, not any other security roles.
For example, if user 'x' has Security Role defined as 'Support User Role'. If 'x' tries to add a new user 'y', then 'x' is only able to assign 'Agent' security role to 'y', but not any other security role. As per business requirement, 'x' should be able
to assign some other security roles, including 'Support User Role', to new user 'y'.
I believe that there is something missing in Security Role configuration, which is causing the above problem. We compared both 'Support User Role' and 'System Administrator' security roles, but not able to figure out which minimum rights we can provide to
'Support User Role' so that users with this security role can only add new users (with any security role), and that they are not having access on any other Administration features as well.
Appreciate any help that you can provide on the above issue.
Thanks in anticipation.Hi,
Can you check if you have organization level Read access for Securitity Role and Organization level Assign access for Security role.
Refer:-
http://www.magnetismsolutions.com/blog/paulnieuwelaar/2013/04/22/permissions-required-to-manage-roles-in-dynamics-crm-2011
Hope this helps!!!
Thanks,
Prasad
Make sure to "Vote as Helpful" and "Mark As Answer",if you get answer of your question -
Portal: Tab displayed but not assigned to any roles of user
HI Experts,
I have a problem need your great help.
When I logon portal as a specific user, there are 5 tab in home page. When I check the role list, 3 tabs doesn't assigned to any roles this user owned.
Then I try to copy current user into a new user, and logon in . There are only 2 tabs left, which belonged to assigned role.
How those 3 tab assigned into this user? Can we assign iView/Page/Workset directly to user without role?
Any suggestion appreciate. Thanks so much!
Edited by: Jalyn Liang on Nov 13, 2009 9:29 AM
Edited by: Jalyn Liang on Nov 13, 2009 9:30 AMJalyn Liang ,
You can find if the user id belong to a particular group with the following ways,
Log in as an admin and go to User Admin -> Users- > Seach -> Enter the user Id and serach for the user -> Select the 5th icon with the tool tip ->Assigned Groups"
or
User Admin -> Group -> Search for the group.
or
You can use UME API to find out whether the is belowng to a group though coding.
Ram -
Is it possible to grant datasource resume actions to the Operator role?
Hi gurus,
I'm trying to grant the JDBC datasource suspend/resume action to the 'Operator' role. I understand this is an admin task and the 'Operator' role cannot do this. I've tried to edit weblogic.management.runtime -> JDBCDataSourceRuntime -> suspend/resume policy Mbean via the JMX editor and added the Opertor role in a new policy, but I haven't been successful.
Is it possible to provide a user with a script (which can run as an Admin user), without providing the admin credentials to an operator user, so that he can resume a suspended data source?
Thanks.Hello,
theoretically you could remove the domain admins from the local administrator group. BUT this you should first test in a lab to see what happens after removal on the SCOM server.
Best regards
Meinolf Weber
MVP, MCP, MCTS
Microsoft MVP - Directory Services
My Blog: http://blogs.msmvps.com/MWeber
Disclaimer: This posting is provided AS IS with no warranties or guarantees and confers no rights.
Twitter: -
How to create new user and How can i assign end user roles
Hi,
I am new to SAP, please explain how to create end users and their roles
Thanks
raviHi,
Roles are decided by IT managers. Suppose if Persons who are working in shopfloor or production side
give authorization to Production order create , change and Confirm like that etc
1. In role maintenance (transaction PFCG), choose the Authorizations tab page.
2. To change the authorization data for the transactions assigned to the role, choose Change Authorization Data or Expert Mode for Profile Generation. Otherwise, a dialog box appears in expert mode (see Regenerating an Authorization Profile After Changes).
Please take telp from Basis person also refer this link,
http://help.sap.com/saphelp_46c/helpdata/EN/52/6714a9439b11d1896f0000e8322d00/frameset.htm
Thanks -
ERROR: "You are not assigned to a role" in BEx
Hi,
I have a user <i>BEXUSER</i>. In <b>PFCG</b>, I have assigned this user to a role <i>ZR_USER_ROLE</i>.
However, when I tried to open a query in BEx Anlyzer through <b>Open > Workbooks > Roles</b> toolbar, I could not find any workbooks assigned to this user.
Next, I tried to open a query using <b>Open > Queries</b> toolbar, I chose a query and tried to click <b>Enter in Role</b> icon. However, I am prompted with a message saying <b>"You are not assigned to a role".</b>
How is this possible when I have already assigned this user to a role. I have checked <b>PFCG</b> and confirmed that the particular role contains this user. Can someone explain about this?
ThanksI am getting this exact same error, and the values that I have set in my query developer's job role are the following :
S_USER_AGR
ACTIVITY = 01, 02, 06, 22
ROLE NAME = {list of roles that the user should be able to save queries to}
S_USER_TCD
TRANSACTION CODE = RRMX
The user still receives the "you are not assigned to a role" error message when pressing the "save to role" button for a workbook.
In the ST01 authorizations trace, I see that the user is FAILING the authorization check for S_USER_AGR, but is failing the check for role names that he / she not supposed to modify.
So those failures are good, but they seem to prevent from saving the workbook to any role ...
How can it be setup so that the user can save workbooks to roles that were inteded to be saved to, without getting the "your are not assigned to a role" error when trying ? -
Dignostic Error-Failed to assign UME support Roles : Server returned: 503
Hi All,
We are trying to implement diagnostics on one of our EPortal Server. We have already completed all the pre-requisites of diagnostics on EP .
When we try for diagnostics System >Managed System> it gives us following error
User existence check failed : Server returned: 503 Service Unavailable
The following J2EE roles were granted to user SAPSUPPORT : SAP-J2EE-Engine/SAP_JAVA_SUPPORT
Failed to get User ID for user with logonname SAPSUPPORT
!! Exception : Server returned: 503 Service Unavailable
Failed to assign UME support Roles : Server returned: 503 Service Unavailable
Failed to assign UME support Roles for XI : Server returned: 503 Service Unavailable
We have checked UME Page on Eportal , where the error is
Application cannot be started.
Details: com.sap.engine.services.deploy.container.ExceptionInfo: JMS error.
Please suggest.
Regards,
SwatiHi,
Please try to re-start the JAVA instance and then try again.
Regards,
Thulasi
Maybe you are looking for
-
Need help with dual monitor setup for KDE 3.5.5.
Here's my hardware: NEC MultiSync LCD 1530V: 1024x768 (analog) Samsung SyncMaster 941BW: 1440x900 (digital) nVidia Dual head AGP video card. The dual monitor works under dual-boot Windows, boot up and pure Linux console. I've googled around for hel
-
Window 8.1 lost connectivity to Exchange 2013 (started today)
I've done a few searches for the errors we are getting, but things that I have tried (corrupt user profiles, registry edits on the client pc, etc) have all been unsuccessful. Our environment mainly consists of Windows 7 machines. We have three Windo
-
When you host a website with business catalyst do you get your own domain name with it or do you have to buy one separately?
-
I've purchased the mpeg 2 component to convert files to play in quicktime. However, I didn't realise it didn't demux the video & audio so I'm getting the visuals but no sound to them. Is there any way I can get separate video & audio tracks without h
-
SunMC 3.0 and 3.5 - E450 and ultra10 black splat problem
Hi all, Don't know if this is the right forum, but if not, then I am sure you will re-direct me. I have just recently configured up all of our Sun servers, ranging from 3800's Exxx and new SunFire 210's 240's 880's 440's etc. All are now working fine