List users in role

Similar Messages

• Any way to list users' roles and teams in the advanced fine list?

  Hello,
  Is there any way to list user's Roles and Teams in the advanced find list?
  In general, I am looking for a technique to list the related entities of the main entity in the advanced find.
  Thank you,

  Unfortunately not. Advanced Find can only display records of one type - i.e. you can't show an entity, along with its related entities.
  Also, the underlying entities that store the team membership and role membership are not available for output in Advanced Find.
  Instead, you could create a report to display this data
  Microsoft CRM MVP - http://mscrmuk.blogspot.com/ http://www.excitation.co.uk

• Custom Report: the list of IT ROLES of one or more users

  Hi all,
  I want to do a custom report that gives me the list of IT ROLES of one or more users. Anyone could give me some guidelines?
  Thanks

  according to the docs... if I interpret them right
  getRoles returns roles assigned to the context given, this is wise since it is usualy used to check if the current user invoking the call has the rights in a form, workflow or similiar...
  Adding the "accountId" string as a second argument would invoke this form of the getRoles
  getRoles
  public static java.util.List getRoles(LighthouseContext s, java.lang.String current) throws WavesetException
  This variant allows a specific name to be included in the returned list. Used to ensure that the current value of a role may continue to be assigned even though the current admin may not have access to that role.
  I believe you should get the users view and get your info from there...
  if you try using the debug page and getObject User and the accountId, you will see the user in its full glory...
  there you can see what you might want to do I hope

• User List with their roles

  Hi Guys,
  I want a list of all users in the database with their specified roles.
  Any help will be appreciated.
  Regards,

  I was confused that GRANTEE is USERNAME and I am still confused. No need to be confused because docs are saying :
  GRANTEE     VARCHAR2(30)          Name of the user or role receiving the grant
  http://docs.oracle.com/cd/B19306_01/server.102/b14237/statviews_4064.htm
  Probably you are not seeing all/some user names, because chances are that some privileges are granted to role but not directly to the users. Users are accessing those privileges via role. See example :
  SQL> select * from v$version;
  BANNER
  Oracle Database 11g Enterprise Edition Release 11.2.0.1.0 - 64bit Production
  PL/SQL Release 11.2.0.1.0 - Production
  CORE    11.2.0.1.0      Production
  TNS for 64-bit Windows: Version 11.2.0.1.0 - Production
  NLSRTL Version 11.2.0.1.0 - Production
  SQL> create user test identified by test;
  User created.
  SQL> grant connect,resource to test;
  Grant succeeded.
  SQL> create role testrole;
  Role created.
  SQL> grant select on scott.emp to testrole;
  Grant succeeded.
  SQL> connect test/test
  Connected.
  SQL> SELECT GRANTED_ROLE FROM USER_ROLE_PRIVS;
  GRANTED_ROLE
  CONNECT
  RESOURCE
  SQL> connect scott/tiger
  Connected.
  SQL> grant testrole to test;
  Grant succeeded.
  SQL> connect test/test
  Connected.
  SQL> SELECT GRANTED_ROLE FROM USER_ROLE_PRIVS;
  GRANTED_ROLE
  CONNECT
  RESOURCE
  TESTROLE
  SQL> select * from scott.emp;
       EMPNO ENAME      JOB              MGR HIREDATE         SAL       COMM     DEPTNO
        7369 SMITH      CLERK           7902 17-DEC-80        800                    20
        7499 ALLEN      SALESMAN        7698 20-FEB-81       1600        300         30
        7521 WARD       SALESMAN        7698 22-FEB-81       1250        500         30
        7566 JONES      MANAGER         7839 02-APR-81       2975                    20
        7654 MARTIN     SALESMAN        7698 28-SEP-81       1250       1400         30
        7698 BLAKE      MANAGER         7839 01-MAY-81       2850                    30
        7782 CLARK      MANAGER         7839 09-JUN-81       2450                    10
        7788 SCOTT      ANALYST         7566 19-APR-87       3000                    20
        7839 KING       PRESIDENT            17-NOV-81       5000                    10
        7844 TURNER     SALESMAN        7698 08-SEP-81       1500          0         30
        7876 ADAMS      CLERK           7788 23-MAY-87       1100                    20
       EMPNO ENAME      JOB              MGR HIREDATE         SAL       COMM     DEPTNO
        7900 JAMES      CLERK           7698 03-DEC-81        950                    30
        7902 FORD       ANALYST         7566 03-DEC-81       3000                    20
        7934 MILLER     CLERK           7782 23-JAN-82       1300                    10
  14 rows selected.
  SQL>Regards
  Girish Sharma

• Listing users that are member of special role

  hello
  if i have a role that called role1 then how i can list users that are member of this role?
  thanks

  Try Pete Finnigans who_has_role.sql
  http://www.petefinnigan.com/tools.htm

• Web/UME Services to fetch list of Portal Roles??

  Hi All,
  Are there any out of the box Web or UME services available which can fetch list of Portal Roles based on certain criteria.
  Basically I am looking for a service that will fetch list of all Portal Roles (PCD & UME) and will take couple of input parameters, a Role Name/ID & the permission property "Role Assigner"
  Thanks
  Sandip

  Thanks for your reply.
  But I guess these forums shows how to retrieve roles & its sub-ordinates for a particular user. Where as I am trying to retrieve all PCD roles for which I have "Role Assigner" permission.
  Basically I am building a delegated admin functionality on Portal using custom coding. It is the same as Portal out of box Del User Admin but I am not using it because of some other enhancements.
  I will have many user admins and the roles they can assign to users are determined by the "Role Assigner" permission. So its like, User_Admin_RoleA has access to 5 Portal Roles, User_Admin_RoleB has access to some other 5 roles and so on.
  So just wanted to know if there are standard Portal service (like we have for KM) available to do this.
  Thanks
  Sandip

• How to include a favorit list into a role?

  We need to assign a role to some users so that the users can have
  a favorit list that is included in the role.
  It's easy to include iViews into a role. But I have tried very hard to include
  a favorit list into a role without success.
  Points guaranteed. Thx.

  <u>Portal Favorites is an iView.</u> Open a role in which you want to add Portal Favorites. Then goto <i>PCD->Containt Provided by SAP->End User Containt->Standard Portal Users->iView->com.sap.km.iView.</i> Right click Portal Favorites iview and then Click "Add iView to Role" -> Delta link.
  Regards,
  Nitin

• Can't grant privilege on column to user via role?

  Hi:
  From what I read in the docs I should be able to create a role that has UPDATE privs on a column of a table, and then grant that role to a user, who should be able to update the column of the table. I get "insufficient privileges" when I try that, although it works as advertised if I grant directly to the user. Am I mis-reading the docs?
  Session GAFF:
  CREATE TABLE "GAFF"."FOO2"
     (    "F1" NUMBER,
      "F2" NUMBER,
      "F3" VARCHAR2(50),
      "F4" NUMBER,
       CONSTRAINT "FOO2_PK" PRIMARY KEY ("F1")
  create role foo2_u_f2;
  grant update (f2) on foo2 to foo2_u_f2 ;
  grant select on gaff.foo2 to play ;
  grant foo2_u_f2 to play ;session PLAY:
  update gaff.foo2 set f2 = 1 where f1 = 1ORA-01031: insufficient privileges

  Most likely role foo2_u_f2 is not a default role for user play. Initially, when user is created default role is set to ALL. Later it can be changed to NONE or a set of roles. Login as play and issue:
  select * from session_roles
  /I bet you will not see foo2_u_f2. Then issue:
  select granted_role,default_role from user_role_privs
  /That will give you a list of user play default roles. You can either issue:
  set role foo2_u_f2
  /This will enable foo2_u_f2 role in current session. Or you can login as privileged user and issue ALTER USER DEFUALT ROLE ...,foo2_u_f2.
  SY.

• A question about users assigned roles extraction

  Dear all,
  I have a question about users assigned roles list extraction. I need the list of the users who have already been created along with their assigned roles. According to what I found on Google, there is a table named AGR_USERS which provides the roles assigned to each user. Yet, this table provides only the SAP ID of each user along with the assigned roles. What I need more is to have also the first name and second name of each user.
  So, do you know any table providing at least the following information:
  1) First name of each user
  2) Second name of each user
  3) SAP ID of each user
  4) All assigned roles to each user.
  NOTE: I really need to have first name and second name in separate columns
  Thanks in advance,
  Dariyoosh

  >
  Shekar.J wrote:
  > Agr_users for the user ID and role assignments
  > USR02 to check the validity of the User ID
  > and USER_ADDR for the first name and last name
  >
  > You can create a Table join of the above 3 tables to retrieve the data you require
  Thanks to you and others for your attention to my problem
  I don't know anything about ABAP programming, is there any transaction allowing to create this join? As it seems to me the column "UNAME" in the table "AGR_USERS" and the column "BNAME" in the table "USER_ADDR", both refer to the SAP ID of the user. As a result the condition of the join would be "WHERE (UNAME = BNAME)", is there  any transaction/programme allowing to create this join?
  Thanks in advance,
  Dariyoosh

• Add user to role during reconciliation

  Hi,
  I have this scenario:
  We have a database resource on which we run reconciliation to link accounts to our users in IDM.
  I also have roles that contains this resource. When the reconciliation runs I would like to add the user
  to that role, instead of linking the user to the resource account directly.
  Our problem now is that if users gets linked to the resource, and then gets the role, if the role is removed, the user still has the link to the resource.
  Did that make any sense?
  I'm guessing that I need to use the "per account workflow" to make this happen, but I'm not sure how to do write this workflow.
  Regards,
  Henrik

  Hi Henrik,
  You could do it during reconciliation with a per-account workflow.
  Another approach is to use a regular workflow that lists users with accounts on that target resource and processes each of them to remove any unneeded direct assignments. That is what I went with, and I run the workflow periodically.

• Link users - positions - roles - authorization objects

  Hi guys,
  I want to write a report that would link USERS to POSITIONS to ROLES and finally to AUTHORIZATION OBJECTS. The user would enter the SAP username in the selection screen and the report should extract all the information listed above.
  I am able to link the following:
  + Users to positions via function module RH_BRANCH_GET
  + Users to roles via table AGR_USERS
  + Roles to authorization objects via function module PRGN_1251_READ_FIELD_VALUES
  Unfortunately, I dont know how to link positions to roles
  Does anyone know how to do that?
  Also, is there a more efficient way, than the approach highlighted above, to complete this requirement
  Thanks for your time
  -TR

  Hi,
  you can find a link between role and HR object in table HRP1001. The field SOBID contains name of the role. You need to find way how to convert object ID into position role. Be careful about additional fields from that table.
  Cheers

• Report to list the Single Roles contained in each Composite Role...

  Hi, 
  Can someone tell me how I can produce a report in a 4.6C system that shows the Single rolse contained in all Composite roles?
  Thanks
  Sharon

  Hi Jurjen,
  Thankyou for that.
  Can you also tell me what the difference is between a "Composite role, Indirect (HR)" and a "composite Role"?  (I see these two Activity Group Types when running a report in SUIM to list users and their activity groups).
  Thanks
  S

• Matrix users and roles

  Hi,
  is there any sap standard functionality to get a matrix of users and roles like this:
  Z_ACCOUNTING_ROLE-Z_BASIC_ROLE-Z_SALES_ROLE---Z_TREASURY_ROLE
  MEYER---XX--
  SMITH--XX--
  JACKSONXX--
  X
  Regards
  Walter Habich

  report S_BCE_68001400
  for so far I know there isn't but when you run the standard report S_BCE_68001400 which shows all the rolles of all the users (click on button roll when you have the list of users) it is quite simple to export it to excel. make a crosstable with the rolles in the top and the usernames at the left. and in the middle count the rolles (which is always 1)
  copy all with ctrl a
  make a new workspace
  and paste special with only values
  replace all the 1 in the crosstable data section with X
  select the row with all the rolles and turn the text 90%
  make the colum width fit to maximum
  and you have a splendid crosstable
  kind regards
  arthur de smidt
  Edited by: A. de Smidt on Jul 2, 2008 4:56 PM
  Edited by: A. de Smidt on Jul 2, 2008 4:58 PM

• Reading a user's role in Dynpro

  I am currently writing an application in Dynpro / java that will eventually run on EP6.
  This application will allow external product distributors to enter sales information and view their history / performance.  A distributors access will be quite limited in that they will only be able to see their own sales data.
  In addition, the site will be accessed by internal employees who will have a much wider range of functions available to them.  They will be able to view performance statistics for all distributors by region and see internal costing sales figures.
  Rather than maintain roles within the program, or worse yet, maintain two separate applications, I would like to read a user's role within the portal environment and enable / disable functions in the application based on their role.
  From what I have been reading it seems possible to obtain this information through the "getRoleFactory()" method in the UMFactory class but so far I haven't got it to work.
  Has anyone had an practical experience obtaining role information from EP6 (in Dynpro preferably).  Any information would be helpful at this point (a small code sample would be ideal).
  thx
  -Sheldon

  And use IUser`s method  getRoles (https://media.sdn.sap.com/javadocs/NW04/SPS15/um/com/sap/security/api/IUser.html#getRoles(boolean)):
  <i>
  public Iterator getRoles(boolean recursive)Gets the list of (all) assigned roles of this user including parent groups, grandparent groups,... if recursive is set to true NOTE: This method may also return roles which are already deleted.
  Parameters:
  recursive - if true returns all parent roles
  Returns:
  iterator of roles for this principal. The iterator contains uniqueIdOfRole strings
  </i>

• How to obtain a user's roles

  We are migrating a OC4J app to weblogic 10.3. I won't go into all the gory details, but there was a security component that would read the jazn-data.xml file and return a list of all the roles a username was mapped to. Once I define the users and roles in the WL realm, is there any programmatic API that given a principal, can return all the roles that the principal is assigned to?
  Thanks,
  Leor

  Hi Leor,
  You can use a WLST script. I don't have a finished script for what you want, but here is an interactive example which should show how you navigate the WLST structure, down to the security information:
  [bea@myserver esbDomain]$ . bin/setDomainEnv.sh
  [bea@myserver esbDomain]$ java weblogic.WLST
  Initializing WebLogic Scripting Tool (WLST) ...
  Welcome to WebLogic Server Administration Scripting Shell
  Type help() for help on available commands
  wls:/offline>
  wls:/offline> connect('weblogic','weblogic','t3://myserver:7011')
  Connecting to t3://myserver:7011 with userid adadm ...
  Successfully connected to Admin Server 'esbAdminServer' that belongs to domain 'esbDomain'.
  Warning: An insecure protocol was used to connect to the
  server. To ensure on-the-wire security, the SSL port or
  Admin port should be used instead.
  wls:/esbDomain/serverConfig> cd ('SecurityConfiguration')
  wls:/esbDomain/serverConfig/SecurityConfiguration> ls()
  dr--   esbDomain
  wls:/esbDomain/serverConfig/SecurityConfiguration> cd ('esbDomain')
  wls:/esbDomain/serverConfig/SecurityConfiguration/esbDomain> ls()
  dr--   DefaultRealm
  dr--   Realms
  -r--   AnonymousAdminLookupEnabled                  false
  -r--   CompatibilityConnectionFiltersEnabled        false
  -r--   ConnectionFilter                             null
  -r--   ConnectionFilterRules                        null
  -r--   ConnectionLoggerEnabled                      false
  -r--   ConsoleFullDelegationEnabled                 false
  -r--   Credential                                   ******
  -r--   CredentialEncrypted                          ******
  -r--   DowngradeUntrustedPrincipals                 false
  -r--   EnforceStrictURLPattern                      true
  -r--   EnforceValidBasicAuthCredentials             true
  -r--   Name                                         esbDomain
  -r--   NodeManagerPassword                          ******
  -r--   NodeManagerPasswordEncrypted                 ******
  -r--   NodeManagerUsername                          nodemgr
  -r--   Notes                                        null
  -r--   Type                                         SecurityConfiguration
  -r--   WebAppFilesCaseInsensitive                   false
  -r-x   findDefaultRealm                             WebLogicMBean :
  -r-x   findRealm                                    WebLogicMBean : String(realmDisplayName)
  -r-x   findRealms                                   WebLogicMBean[] :
  -r-x   freezeCurrentValue                           Void : String(attributeName)
  -r-x   generateCredential                           [B :
  -r-x   isSet                                        Boolean : String(propertyName)
  -r-x   unSet                                        Void : String(propertyName)Regards Peter