Mass user copy with respective authorizations

Hi,
In the coming days we have to perform the following task, I would like to know which would be the best option to go with.
From our development system we have to copy all unlocked users with respective roles to our new project environment.
There are a total of 5 clients in the system, with around 1000 'Z' roles in each client and about 300 unlocked users in each client. The roles are the same in both environments, but the user assignment is different.
I have to perform this task in 1 business day; please share your suggestions.
Regards,
Shylesh

Solution would be to install a (fake) CUA for 1 hour to do the migration ... this is all the info regarding CUA:
http://help.sap.com/saphelp_nw70ehp1/helpdata/en/bf/b0b13bb3acd607e10000000a11402f/frameset.htm
I think this is a very clean, fast and "standard" solution.
You will have to "trick" the system since you will not send from 1 client but from 5; this will have to be tested (never done that before, but I don't foresee an issue). I do hope you do not have 1 user 5 times in the system...
If you are fast, then setup and config is done in 2 hours (can be done upfront for most part); migration will take +/- 30 minutes?
I guess you know SU10... you could build a batch input or eCATT around it also.
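
A pre-migration check for the "1 user 5 times" concern in the reply above, as an added example that is not part of the original thread. It assumes the user master (USR02) and role assignments (AGR_USERS) of each source client have been extracted to rows like the constructed ones below, that UFLAG = 0 marks an unlocked user, and that validity dates are ignored; the function names are hypothetical.

```python
from collections import defaultdict

# Constructed sample rows shaped like per-client extracts of USR02 and
# AGR_USERS. These are not real users or roles.
USR02 = [
    # (MANDT, BNAME, UFLAG); UFLAG 0 = not locked
    ("100", "ASMITH", 0),
    ("100", "BJONES", 64),    # locked by administrator
    ("200", "ASMITH", 0),
    ("200", "CLEE", 0),
    ("300", "CLEE", 0),
    ("300", "DKHAN", 128),    # locked after failed logons
]
AGR_USERS = [
    # (MANDT, AGR_NAME, UNAME)
    ("100", "Z_FI_DISPLAY", "ASMITH"),
    ("100", "Z_MM_BUYER", "BJONES"),
    ("200", "Z_FI_DISPLAY", "ASMITH"),
    ("200", "Z_SD_CLERK", "ASMITH"),
    ("200", "Z_MM_BUYER", "CLEE"),
    ("300", "Z_MM_BUYER", "CLEE"),
    ("300", "Z_HR_ADMIN", "DKHAN"),
]


def unlocked_users(usr02):
    """Return the (client, user) pairs that are not locked."""
    return {(mandt, bname) for mandt, bname, uflag in usr02 if uflag == 0}


def roles_by_user(usr02, agr_users):
    """Map user -> {client: frozenset(roles)}, unlocked users only."""
    active = unlocked_users(usr02)
    roles = defaultdict(lambda: defaultdict(set))
    for mandt, bname in active:
        roles[bname][mandt]  # touch the key so users without roles are kept
    for mandt, agr_name, uname in agr_users:
        if (mandt, uname) in active:
            roles[uname][mandt].add(agr_name)
    return {u: {c: frozenset(r) for c, r in per.items()}
            for u, per in roles.items()}


def migration_plan(usr02, agr_users):
    """Split users into 'copy' (one unambiguous role set) and 'review'
    (same user ID carries different role sets in different clients)."""
    plan = {"copy": {}, "review": {}}
    for user, per_client in sorted(roles_by_user(usr02, agr_users).items()):
        distinct = set(per_client.values())
        if len(distinct) == 1:
            plan["copy"][user] = sorted(next(iter(distinct)))
        else:
            plan["review"][user] = {c: sorted(r)
                                    for c, r in sorted(per_client.items())}
    return plan


if __name__ == "__main__":
    for bucket, users in migration_plan(USR02, AGR_USERS).items():
        print(bucket, users)
```

Users in the "review" bucket are the ones whose assignments would be merged or overwritten if all clients were sent through a single central user administration, so they need a decision before the copy.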

Similar Messages

  • Reg: Mass generation of roles with open authorization

    Hi,
    Is there an option to mass generate roles with open authorizations?
    It would be helpful if there exist some transactions or reports that would help in doing so, unlike CATT scripts or batch sessions.
    Regards,

    Hi Arravind,
    Why can't you correct the roles by filling up those open fields? I guess you can create a CATT script to achieve your objective, but I suggest it is better to check why there are open fields in the role than to generate them blindly.
    Do let us know if you need any more information from our side. If you want to know how to create a CATT script then search for it in SDN/Google; you will surely get your answer.

  • Retain standard SAP order type after copying with user defined order type

    Hello SAP Gurus,
    We have a requirement of retaining the standard SAP order types after copying with User defined order types. But the issue is we don't want to see the standard SAP order type such as PM01, PM02 in production system while using transaction like IW31 etc.
    Is there anybody who has an answer on how to retain these standard SAP order types without deleting them from system configuration?
    Thanks in advance.
    Cheers,
    Vaibhav

    Vaibhav,
    When you F4 on the order type field in IW31 you will get the popup showing the order type list. At the top of this list is a button with a green "+" sign (Insert in personal list).
    You can use this button to select your favourite list.
    This function is available in most F4 drop-down lists.
    However, you cannot set this setting for all users. You will need to write an ABAP program to do this.
    PeteA

  • Was I supposed to get a hard copy user manual with my new phone??

    Was I supposed to get a hard copy user manual with my new phone??
    I did not get one - but would like one

    http://manuals.info.apple.com/enUS/iPhone_UserGuide.pdf
    There you go!
    Enjoy

  • Client Copy Error - ERROR: Type 'F' user exit with SYS_ERROR:

    Hello,
    We want to create a client copy from client 001 to client 715.
    The client copy test runs successfully.
    The following error occurs in normal mode of client copy.
    1 ETA028XClient copy from "03.11.2010" "17:12:43"
    1 ETA029 System ID............................ "IS3"
    1 ETA043 Target client........................ "715"
    1 ETA030 R/3 Release.......................... "701"
    1 ETA354   Basis Support Package..............."SAPKB70107"
    1 ETA031 Host................................. "xxx"
    1 ETA000 Start in background............. ....." "
    1 ETA032 User................................. "SAP*"
    1 ETA033 Parameter
    1 ETA034 Source client........................ "001"
    1 ETA188 Source client user masters............"001"
    1 ETA185 Copier profile:......................."SAP_ALL"
    1 ETA036 Table selection
    1 ETA177 Customizing data ....................."X"
    1 ETA037 With application data................ "X"
    1 ETA155 Initialize and recreate......... "X"
    1 ETA294 Change documents are not copied
    2 ETA367XStart analysis of system "17:12:43"
    3 ETA108 "/GC1/CC_EXIT_CLIENT_DELETION" executed "        0"("        0") entries copied
    4 ETA114 Runtime "             0" seconds
    3 ETA072 Exit program "/GC1/CC_EXIT_CLIENT_DELETION" successfully executed "17:12:53"
    A2EE/SAPAPO/OM 012 "Mandant 715:" "Verbindung nicht oder fehlerhaft gepflegt:" "IS3CLNT001" " "
    2 ETA102 ERROR: Type 'F' user exit with SYS_ERROR: "/SAPAPO/OM_CLNT_COPY_DOWNLOAD"
    2 ETA534 "RCOD:" " 8" "SY-SUBRC:" " 0"
    2 ETA191 Program ended abnormally
    Can you help me?
    thx
    Torsten

    Torsten,
    Are you doing a local client copy in an SCM system? I can see it fails and is looking for SCM-specific function modules and user exits.
    If yes, have a look at this note; there are some steps that need to be done for the transactional data:
    894490 - Client copy: Transactional data
    And re-post it in the SCM forum: SAP Advanced Planning & Optimization (SAP APO)
    - Regards, Dibya

  • Authorization  with respect to Project profile

    Dear All
    I have one problem; please advise.
    I'm implementing a project ... I'm working on the authorization matrix and I need to give authorization with respect to project profile.
    Ex.: one controlling area
         two company codes
         ten project profiles
    Each profile has a different responsible person (sometimes five to six persons are in a single project).
    In one plant they are using six different project profiles. This is my concern.
    Now I need to control the authorization with respect to project profile. I'm not able to find any object in the authorization matrix. Please advise; if you know the technical object name, please suggest it.

    You can use the following objects for controlling authorisations:
    Co Area
    Cost Center
    Profit Center
    Project Manager
    Project Type
    I do not believe there is an auth object for Project Profile. If you have a 1 : 1 relationship between your project profile and project type, then it would be possible to use this to secure authorisations.
    C_PRPS_ART.
    I hope this helps.
    Ian

  • Administrator, Object Authorizer, Group User.. with Highest Priority

    Hello,
    I've searched the forum for this information but can't seem to find it.
    How do the priorities work in OIM?
    If I have a task that has to be approved by someone in a list of users, each with different priorities.. how does OIM evaluate that the user with Highest Priority should not get this task.. but instead the task should go to the second user with Highest Priority?
    I've been testing but it seems the task always goes to the same user, which is the one defined with priority 1, the others are ignored.
    For example.. if I have 20 tasks.. is there a way to make the first 15 (or whatever) go to the user with Highest priority and the other 5 to the user with the second highest priority?
    Thanks in advance

    Hi,
    You will need to write your custom task assignment adapter to do that. There are a lot of posts on how to write a task assignment adapter.
    Regards
    Nitesh

  • Unable to access or view data with no authorization error

    Hi Experts,
    I'd appreciate your help. I am an ID administrator; some of our user IDs are unable to view data or display reports for some data even though the appropriate authorization is already assigned to the user. However, when we check in transaction SU53 (authorization check), no error is shown!
    There is a case where a user reports that his ID (e.g. SAP ID = ABC) is unable to access a transaction or infotype data, for example HR infotype master data. Upon checking, there is no authorization error (checked in SU53). When the ID (ABC) is copied to another new ID (ABC1) with no changes to the roles, the ABC1 ID is able to access the said transaction. However, when ABC1 is copied back to ABC (naming conversion only), the ABC ID is still unable to access the transaction, with no authorization error. The main problem here is that the original ID is not working, but it works fine if it is copied to another ID name.
    Kindly advise.

    Hi Manikya Raju,
    Can you explain details?

  • How to create mass users and map them to existing  hrms users

    Hi,
    I'm running Oracle E-Business Suite 12i. I want to create mass users and map them to existing HRMS users.
    The users I want to create exist in an Excel spreadsheet with the columns employee id, user name. They will all be granted the same responsibility. I want to map them to existing HRMS users using the employee id key.
    I have read about the package FND_USER_PKG.CREATEUSER and I can loop over it by using SQL Loader to create a temporary table, but I'm lost on how to automatically map them to HRMS users as part of the script.
    Any help.
    dula

    Thanks a lot Omka,
    I managed to create the users by running the script:
    declare
      -- C1 is declared in the post but is not used in the loop below.
      Cursor C1 is
        select d.product_code, b.responsibility_key
        from FND_USER_RESP_GROUPS_ALL a, fnd_responsibility b, fnd_user c, fnd_application d
        where a.user_id = c.user_id
        and a.responsibility_id = b.responsibility_id
        and b.application_id = d.application_id
        and c.user_name = 'JOCHIENG';
      -- Staging table loaded from the spreadsheet.
      Cursor employee is
        SELECT EMPLOYEE_ID, EMPLOYEE_NAME from eldoret_final;
    BEGIN
      for e in employee loop
        -- Create the account; X_EMPLOYEE_ID links it to the HRMS person.
        fnd_user_pkg.createuser(
           x_user_name => e.EMPLOYEE_NAME
          ,x_owner => ''
          ,x_unencrypted_password => 'welcome123'
          ,x_start_date => SYSDATE - 10
          ,x_end_date => NULL
          ,x_description => 'CBK Employee'
          ,X_EMPLOYEE_ID => e.EMPLOYEE_ID
        );
        -- Grant the self-service responsibility to the new account.
        fnd_user_pkg.addresp(upper(e.EMPLOYEE_NAME), 'PER', 'CBK_EMPLOYEE_DIRECT_ACCESS', 'STANDARD', 'DESCRIPTION', sysdate, null);
      end loop;
      commit;
    end;
    I had first created the user JOCHIENG and assigned it the responsibility for Self service. So the script just assigns the responsibilities by copying from the one assigned to this user.
    Everything seems ok. However, when trying to log in as the new user, the login error: Login failed. Please verify your login information or contact the system administrator.
    is returned. But I can reset the password using the forms under Security > Define. Even with the correct password, the login doesn't go through.
    Any idea?
    dula

  • Homogeneous System Copy with Java and DB2 with database tools.

    Hello,
    We have a single Java stack (NetWeaver 2004s) and tried a system copy with database tools.
    Source System: DP2, dp2adm, db2dp2, sapdp2db
    Target System: SP2, sp2adm, db2sp2, ???
    We followed the documentation "System copy for SAP systems based on sap netweaver 2004s SR1 JAVA". We exported the SDM on the source system, made a redirected restore with DB tools and tried to install a new target system.
    During the import in the target system using sapinst we get the following error message in the phase "run java migration tool kit":
    Caused by: com.sap.engine.frame.core.configuration.ConfigurationException: Error while connecting to DB.
    at com.sap.engine.core.configuration.bootstrap.ConfigurationManagerBootstrapImpl.<init>(ConfigurationManagerBootstrapImpl.java:49)
    ... 14 more
    Caused by: com.ibm.db2.jcc.a.SqlException: Connection authorization failure occurred. Reason: userid revoked.
    What I didn't understand is that the documentation mentions that you have to use the same Java database connect user. But during the installation of the target system (SP2) I cannot change the Java database connect user to sapdp2db. I'm only allowed to enter sapsp2db. That might then cause the connection problem.
    Regards
    Alexander Türk

    Hi Alexander
    Yes, give it a try, but see note
    970518 Hom./Het.System Copy SAP NetWeaver 2004s SR2
    and all other related notes, if it matches your environment.
    Best regards
    dirk

  • OD Upgrade: merge backed up user data with new accounts?

    Hi All,
    After trying many paths to upgrade a 10.6.8 OD server to 10.10 we gave up on export / import of the whole directory. We kept running into the “Existing connection is not authenticated” error caused by some kind of certificate mis-match. Searching for fixes inevitably led to this article which indicates the “rekerberize” method should not be used on Yosemite.
    So we punted and installed everything clean from scratch. We think we found a method that restores all users and their home dirs. I’m posting here to see if anyone may critique our method as unsafe. We’ve done some testing but users are not let loose on the new system yet so we aren’t quite 100% certain.
    The basic steps we eventually took were:
    Grab export of users from 10.6 server
    Fresh install of OS X 10.10, patch to 10.10.1 (cloned old system first so we can always go back)
    Install Server
    Correctly configure DHCP and DNS and File Sharing
    Create Directory
    Create self signed cert (this was necessary to get 10.6 clients to auth; 10.10 clients work out of the box)
    Edit user export file to fixup change in FQDN: %s/<old_fqdn>/<new_fqdn>/g
    Import users into Directory using the fixed up export file
    Copy user home dirs from 10.6 backup into new file share (the user home dir path matches the fixed up export file)
    chown each user dir to the new user: sudo chown -R <user>:students /Users/<user> (In earlier passes at the upgrade, we also propagated permissions and ACLs from within Server.app at this step. But the fresh install didn’t seem to need this — chown appears to be enough.)
    The Keychain came across with wrong perms and instead of resetting the perms, it made more sense in our case to just delete it: sudo rm -rf /Users/<user>/Library/Keychains
    We’ve done a reasonable amount of testing and it looks like all of the user’s files are accessible and working fine. I expect we may find some application data in user home dirs that may have wrong perms (like keychain did) or otherwise be incoherent to the new system. But so far we haven’t found any such issues.
    So the crux of this post is: Is it prudent to import user data from another system and expect a simple chown command will make all right with the new system? Or are we glossing over some low-level fundamental (Server File Sharing ACLs?) and creating a time-bomb that will only go off after a week of user data changes at which point any path back out will involve user data loss.
    We’re going to start letting some users log on and grab their home dirs in the next day or two. Any and all comments are welcome.
    Thank you,
    -J
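
A check for the question raised in the post above, whether a recursive chown is enough, as an added example that is not part of the original post. chown changes only the owner, so mode bits carried over from the old server stay as they were; the hypothetical function `audit_home` lists entries that are still not owned by the expected uid, that the owner cannot read and write, or that are world-writable. It does not inspect ACLs.

```python
import os
import stat


def audit_home(home, uid, gid=None):
    """Return sorted (path, finding) pairs for entries under `home`.

    Findings:
      owner           entry is not owned by `uid`
      group           entry's group differs from `gid` (only if gid is given)
      owner-mode      owner lacks read/write (and search, for directories)
      world-writable  anyone can write and the sticky bit is not set
    """
    findings = []

    def check(path):
        st = os.lstat(path)              # lstat: never follow symlinks
        if stat.S_ISLNK(st.st_mode):
            return                       # link permissions are not meaningful
        if st.st_uid != uid:
            findings.append((path, "owner"))
        if gid is not None and st.st_gid != gid:
            findings.append((path, "group"))
        need = stat.S_IRUSR | stat.S_IWUSR
        if stat.S_ISDIR(st.st_mode):
            need |= stat.S_IXUSR
        if st.st_mode & need != need:
            findings.append((path, "owner-mode"))
        if st.st_mode & stat.S_IWOTH and not st.st_mode & stat.S_ISVTX:
            findings.append((path, "world-writable"))

    check(home)
    # os.walk does not descend into symlinked directories by default.
    for root, dirs, files in os.walk(home):
        for name in dirs + files:
            check(os.path.join(root, name))
    return sorted(findings)


if __name__ == "__main__":
    import sys
    # Usage (assumed invocation): python audit_home.py /Users/<user> <uid>
    for path, finding in audit_home(sys.argv[1], int(sys.argv[2])):
        print(f"{finding:15} {path}")
```

An "owner-mode" finding is not always a fault, since some files are read-only on purpose, but it marks the entries worth reviewing before users are let onto the new system.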

    Use Migration Assistant to restore your user files. You can find this application in /Applications/Utilities, so connect the external drive with your files, open Migration Assistant and follow the steps. Migration Assistant will create a second user account with your restored files.
    Migration Assistant will let you restore everything you had before (applications, pictures, music, videos...) and will let you choose which folders you want to restore. As you want to restore the iTunes library, make sure you check the Music folder.
    With respect to iPhoto, that application is not included with OS X, so you have to download it from the Mac App Store. Just open it, log in with your Apple ID, go to Purchases and download it free of charge.

  • Restrict manual change in sales order with respect to quotation

    Hi All,
    Users create sales orders with respect to quotations. The user is able to change pricing as well as some header and item fields. How can I restrict the user from making manual changes in the sales order, except for some specific fields?
    Thanks.

    Hi Sunil,
    It is possible through configuration; you would do better to post in the SD forums.
    For the condition type settings, ensure that the manual entries setting is 'D'. It won't allow any changes in the order.
    Regards,
    Madhu.
    Edited by: madhurao123 on Aug 1, 2011 1:08 PM

  • Issues with Analysis Authorization on Infoset

    Hi all
    We are facing an issue with Analysis Authorization on Infoset: it doesn't seem to throw an authorization error when we access a record that is outside the authorization. We tried to use the same authorization set up from the same user we try to access a record that is outside the authorization it behaves correctly.
    Here is my setup
    0CRM_MKTELM__0CRMCAMPTYP = ZA11
    0TCAACTVT = *
    0TCAIPROV = *
    0TCAVALID = *
    When I tried to access ZA12 it should throw an authorization error, but for Infoset it doesn't seem to work. Is there anything that we should take note of for Infoset?

    Hi Chee,
    I am getting similar issue.
    I believe the navigational attribute was already authorization relevant in your case.
    What and where did you set it as authorization relevant to make it work on infosets?
    Regards,
    Ramz

  • Problem with analysis authorization- 0BI_ALL always needed

    Dear all:
    We have a serious issue with so-called "analysis authorization" now. We have an auth-restricted user who only has authorization to access data for one company code. We also created a BI authorization in analysis authorization and assigned the following auth-relevant objects to this authorization:
    0TCAACTVT = 01-03
    0TCAIPROV = ALL
    0TCAVALID = ALL
    0TCAKYFNM = ALL
    0COMP_CODE = A001
    And we created one query with only company code and number of employees in the row and column. But every time we execute this query, there is always the message "No Authorization". We used ST01 to trace and the result shows we need to have "0BI_ALL" in auth object S_RS_AUTH. If we add 0BI_ALL, all company code data will display, which is definitely no auth restriction at all. Is there any specific authorization setting we need to do?
    We are stuck here pretty badly. Thank you all in advance for any input.
    BR
    SF

    Hi,
    I guess the authorization profile is active, and in Tcode PFCG -> Role name -> User tab page the user comparison is done.
    Check if any of the tab pages shows a red light.
    And assignment of 0BI_ALL is not a solution, as any user can do anything in the system.
    Also do not forget to log off and log in to the system after changing any authorization profile, to see the changes that have happened.
    Hope that helps.
    Regards
    Mr Kapadia
    Assigning points is the way to say thanks in SDN.

  • Issues with Analysis Authorization checks in APO

    Hi Friends,
    I am facing an issue with Analysis authorization checks in APO.
    We have setup user access based on Management Entity (Analysis authorization - AGMMGTENT and 0TCAACTVT) and core APO authorizations (based on the work profile - e.g: Demand Planner).
    Scenario: Consider User A has access to India and Australia Management Entities with 0TCAACTVT - *
    This user also has display access to all management Entities (AGMMGTENT - * and 0TCAACTVT - 03). This scenario works very well in Quality where the RSECADMIN trace shows check on both Characteristics. However in Production the RSECADMIN trace shows up only against AGMMGTENT (*) and by default takes 0TCAACTVT as (*).
    In Quality the Characteristics that get checked are as below : and it works as expected. Display access for Management Entities that are supposed to be displayed only and change access to only the Management Entities that it should.
    However the Trace for Production shows the following : As a result it is allowing the user to change access to all management Entities. Which is not desirable..
    Resultant trace results are as below: This should not happen..
    I have compared all Analysis Authorizations and it is same across both Instances. The Demand planner access is consistent too..
    Will it be possible for you to advise on what could I be missing.

    Hi All,
    If it helps, in Quality: the Authorization checks are listed as: Subselection (Technical SUBNR) 1
    while in Production it checks Subselection (Technical SUBNR) 1 in one place, however where it fails - the check happens as Subselection (Technical SUBNR) 0.
    Is there a way we can change this to SUBNR 1. Is there any table entry that I can look at to check if the Authorization check is functioning incorrectly..
    Please advise.. Thanks..
    Regards,
    Prakash
