How to interrogate roles of a user in a process

Similar Messages

• How to determine role authorization of user in MAM?

  Hi everyone,
  I'm new to SAP and SAP MI, and I am currently implementing (or "enhancing") a MAM.  I have the following question on user authorization:
  In terms of role authorizations, does anyone know how I can determine what roles an authenticated user have from SAP?  For example, if user A logs into the MI Client, and if this user accesses the MAM, is there a way for the MAM to know what kind of user roles he/she has?  Is there a SyncBo that will give me such info?  I checked the JavaDocs for the SyncBo's, but they have NO descriptions.  The closest thing that I found was in MAM090 (Interface com.sap.mbs.mam.bo.MAM090).  There are getter methods for getRoleGen(), getProfileResource(), and getPartnerRole().  Are any of these usable?
  Are there any good documents that I can look at to determine what each SyncBo's does? 
  Many thanks!
  Jeffrey

  Hi Jeffrey!
  Here are the 3 different checks you have to look at"Users & Authorizations" for setting up your MAM Users.
  (1) SAP Backend:
  (1a) The SAP MAM User who synchronizes with the Backend from the MI Client should have all necessary authorizations for Plant Maintenance Components of the SAP System that are associated with your MAM Scenarios.Pl refer to the following SAP Authorization Objects I_ALM_ME ,I_AUART,I_BEGRP,I_BETRVORG,I_CCM_ACT ,I_CCM_STRC,I_ILOA,I_INGRP,I_IWERK,I_KOSTL ,I_QMEL,I_ROUT ,I_ROUT1,I_SOGEN,I_SWERK,I_TCODE ,I_VORG_MEL,I_VORG_MP ,I_VORG_ORD,I_WPS_MEB ,I_WPS_REV in your Backend System and have it assigned to the User Profile, based on your requirement.
  (1b) Service User for setting up the MAM & MI Landscape: This user logon info has to be setup in the RFC Destination that is associated with your MAM25 SyncBOs, to logon to the Backend System and this user should have the basic authorizations required to establish the connection.
  (2) MI Middleware: The SAP MAM User who synchronizes with the Backend from the MI Client should have the following Authorization Objects assigned to his/her profile. S_ME_SYNC, S_RFC, S_TCODE.
  (3) MI Client: Refer to MI Security Guide.Pl note that the MI Client MAM User is same as the Middleware User and the Backend User.You should be taking care of this already.This is just a FYI.
  Let me know, if you are looking for any other additional info.
  Thank You
  Gisk

• How to get the type of user role in ISF?

  We have functionality to hide all the buttons on Monitor task, which was successfully achieved by javascript. But we need to enable these buttons for only Site Administrators, so that they only can do necessary modifications upon request from end users. Can someone point me to correct direction how to get the user role when a user is not a Site Administrator. Thanks in advance.

  What about having your custom ISF onload script first run a db query (on older version called a rcFetch) which would evaluate if the person loading form is a member of the site admin ou.
  Here's a rough example:
  ISF_onLoad()
   rcFetch('Q1','Q1PL=' + UserID);
  This will then run a query to validate if the person is a member of the admin ou.
  SELECT * FROM DirOrganizationUnitPeople WHERE PersonID = #P1# AND OrganizationalUnitID = 1 (this should be the id of the site admin ou or the ou which you are referring to as an admin)
  then have a call back to determine if any records where return, which indicate the person is a member of the site admin ou.  
  function Q81_DataCallback(retArray, queryList)
  if (retArray['Q8500._COUNT_'] == 1)
   {  *Show the fields*  }
  Hope this helps.

• How to capture the role of the user logged in  CRM

  Hi
  How to capture the role of the user logged in  CRM so as to restrict the Account group selection ; While creating a sales Order .
  Can we deternine the profile in the related view .If so how , and what tables can we use to do so.

  hi,
  I think you should check CRM table AGR_USERS.
  Regards
  Michael

• How to disable the validity of a particular Role for 100 users, in a single

  Hi
  How to disable the validity of a particular Role
  which is assigned to 100 users. (disabling the role of change the validity of the role )
  at present am doing manually, by entering into each user and changing the validity of the role
  Thanks.

  > How to disable the validity of a particular Role for 100 users, in a single ...
  ... shot?
  Assign a reference user to the 100+ users and create events in the factory calendar which assigns and removes the role from the reference user only.
  The downside is that it is not scalable for many of the same concepts at the same time, because a dialog user can at one logon time only have one reference user assigned to them.
  Cheers,
  Julius

• How i can associate my app user with database role

  In my application (oracle forms application developed in-house - We are using Oracle Forms 11gR2 with WebLogic 10.3.5 ), i want to use "application user" instead of database user.
  I have an application users table, actually, i have database users,and of course, menu application works with database roles (It was developed with oracle forms menu module), my question is, How i can associate my application user with database role, for reusing oracle forms menu funcionality?. It's possible?
  Thanks,
  Edward

  user8929172 wrote:
  In my application (oracle forms application developed in-house - We are using Oracle Forms 11gR2 with WebLogic 10.3.5 ), i want to use "application user" instead of database user.
  I have an application users table, actually, i have database users,and of course, menu application works with database roles (It was developed with oracle forms menu module), my question is, How i can associate my application user with database role, for reusing oracle forms menu funcionality?. It's possible?
  Hi Edward
  You can do this by assigning the role functionality to the application user. For example
  create the table to enter user name.
  create table to enter group name.
  create table to assign user to group.
  assign role to group.
  assign functionality for the user by coding.
  hope this helps

• How to create Roles to user in WORKFLOW

  How can i create a role to an user in Workflow so that i can send e-mail notification....!! and where shoul i mention that role..ie wheather in notification or message...???

  Given that you have a role, you can mention that role in "Performer" (Node Tab) of the Notification. If you want to fetch the role name value dynamically, then create an attribute with the type "Role" and assign that attribute in the Perfomer field.

• How to grant role to user

  How can use Oracle Developer2000 Form6 to grant priveledge and role to user in database (oracle 8i) from Trigger of Form6. Is there any built-in about this statement?

  PL/SQL doesn't allow you to issue DDL commands directly, but it does provide a utility package called DBMS_SQL. This allows you to create dynamic SQL statements at runtime and execute them. The code you would need are as follows:
  In declaration section -
  v_sql varchar2(200);
  v_cursor number;
  v_result number;
  In the code body -
  v_sql := 'GRANT <ROLES> TO <USER>';
  v_cursor := dbms_sql.open_cursor;
  dbms_sql.parse(v_cursor, v_sql, dbms_sql.native);
  v_result := dbms_sql.execute(v_cursor);
  You can ignore the value of v_result as it is not a DML statement. Also you could build your SQL string up dynamically using variables from your form ie:
  v_sql := 'GRANT '||:FORM.ROLE||' TO '||:FORM.USER;
  Hope that helps!
  Ian

• How to assign roles to users using WL api?

  Hi,
  We have a requirement to allow creation of new users through application screens and assign groups and roles to those users.
  My users will exist in external LDAP server while my groups and roles will exist in embedded LDAP server. Using WL APIs i am able to create users and add them to groups using the code peices given below:
  ========================================
            userProviderControl.createUserSimple(form.userID, form.password);
            groupProviderControl.addUserToGroup(ocnGroup, form.userID);
  ========================================
  How do i assign roles to this new user programatically?
  If i add a role from console (Home > Realm Roles > Summary of Security Realms > myrealm > Realm Roles -> Global Roles) and edit role condition to add this newly created user then i it works fine. I want to achieve the same i.e. edit role condition programatically.
  Any help will be greatly appreciated.
  Thanks,

  Problem Solved !!!
  The data-type conversion needs to be performed in the SPML2 Person Form. Add a Field called waveset.roles and map it to the SPML2 attribute name being used in ur client. It's best done through a rule.....
  If anybody is facing similar problem and need more details....please email me @ [email protected]

• How to find roles of a Deleted User.

  Dear Gurus,
  Please assist me that how to find all the previous roles once the user has been deleted accidentally.
  Thanks,
  Regards,
  Kalyan Kumar.

  Hello Kalyan,
  you can find out the User classification and the status of the user (locked , deleted or active) in System measurement.
  i.e.... "usmm" T-code for System measurement, this will show you the list of deleted users.
  after finding out name of the deleted user/users, you can search for the customized profiles created in your system land scape.
  in my organization, we will create profile for the end user based on SOD (list of T-codes, Organisational data and activity on the T-codes.
  i.e... if user name is "kalyan" we will create a profile by following nomenclature.
  "zKalyan" or "Ykalyan".
  you can search your SAP system for the list of profiles avaliable, and also go through the user matrix.
  "scum" is central user administration, here you can find more information on the users.
  Best regards,
  Raghav.
  reward points, if helpful to you##

• HI,how to find roles for user based on userid?

  hi,
  i need to find roles for each user based on user id.
  can i know any one knows this how to get roles for user?
  thanks,
  jpullareddy

  hi,
  i solve my self.
  i am getting values
  jpullareddy

• How to assign roles for each kind of users

  Hello,
  i am creating users for each kind of users, say abap developer or FI/MM/SD function users, in IDES ECC 6. it doesnt make me any sense how to assign which roles to which user( there are more than 2000 sap standard roles). can anyone give me some guideline how to create each kind of users.
  any response will be awarded!
  Thanks a lot!
  Samson

  I don't understand your question....
  When sap is implemented usually part of the project is creating roles based on a blueprint designed to adjust to your company needs...
  Basically Standard roles are there to be used as templates for your own roles.
  Users as "dialog users" do not have classification... the special access attributes are given by the roles assigned to it based on the project plan desing pre-installation.
  Hope that help
  Juan

• How many single role we can attach to single user?

  Dear Friends,
  How many single role we can attach to single user?
  Sachin

  Hi Sachin,
  The below parameter can be checked for this topic. Infact the limit is about 9000 for this parameter and typically i have seen ID's in 4.7 environment with around 150 roles or more...
  <b>Auth/auth_number_in_userbuffer</b>
  When a user logs onto SAP, the authorizations contained in the user’s profiles are copied to a user buffer in memory.  The maximum number of authorizations copied is set by this parameter.  The size of the buffer must always exceed the maximum number of authorizations as authorization checks are made only against those in the buffer.
  Refer to OSS notes 84209 and 75908 for more detailed information regarding changes to the size of the user buffer.
  Transaction SU56 shows the contents of the user’s user buffer and a total for all the authorizations in a user master record.
  Hope this info helps
  Br,
  Sri
  Award points for helpful answers

• Create User Activity: How to add Roles to the new user

  Hi all,
  My Problem is Using LC Workbench I have created one process it is having Create User Activity. I am able to creating the new user with this process.
  But I dont have idea how to add roles to that new user? Please anybody can help me out
  Thanks in advance.

  Hi,
    I used Built-in Componets till now, Please help me out What are the steps needed to implement a custom componet.
  Thanks in advance

• HOW TO CREATE ROLE AND ASSIGN TO USER

  Dear all
  1- Create ROLE data_entry
  2- Now open the Form Builder --> open Mennu.mmb --> F4,it open the property pallete --> Set use secturity option
  YES and in Module Role option set Roles --> form_entry
  5- Press F3 (Come back in Navigator Pane) then double click on Mennu, it open Mennu which is attached Forms then
  double click on that one Form which attach Role with it --> click on Item Role --> and attach the Role
  6- Go start Mennu --> Oracle Form6i-Admin --> Build after this it will ask
  ‘Enter System Passwors’ then Give the Local Password.
  'Enter database connection ( e.g. t:node:SID) [LOCAL] ' Give ORCL ( but me confused what should i give over
  here)
  7- Create User DEO Identified By DEO
  8- Grant DBA to DEO
  9- Grant data_entry to DEO
  When i run my application and get login by DEO user then i receive this Error:
  FRM-10247: No activate items in root menu of application.
  please let me know where i am making mistake
  Thanks in advance
  Regards,

  Hi,
  Just check your second point.
  - Now open the Form Builder --> open Mennu.mmb --> F4,it open the property pallete --> Set use secturity option
  YES and in Module Role option set Roles --> form_entryHere, you are using "form_entry" role to the menu but you've granted data_entry role to the user.
  Hence, at run time forms is expecting user with form_entry role, which it's not getting.
  Hope it helps.
  Please mark answer as helpful / correct, if it helps you
  Navnit