MDM documentation required
Hello All,
I need some basic Concepts on MDM .
can you please send soem links and material to the following email address.
[email protected]
Thanks,
Agarwal
Hi agarwal,
Please go through this SDN link for MDM concepts and details
<u>SAP Master Data Management (SAP MDM) - EIM - SAP Developer Network</u>
And For Complete Documentations on MDM follow this link:
https://websmp201.sap-ag.de/~sapidb/011000358700004121872006E.HTM
Regards
Rehman
Reward Points if Information Is Useful
Similar Messages
-
Hello All:
I am new to MDM Security Administration and would like to know how and what controls are available in the system. (Example controls on able, fields etc)?
I am trying to compile a Task/Function Matrix which will help the functional teams convey their access requirement in the system.
Help is much appreciated.
KhurramHi Khurram,
I am new to MDM Security Administration and would like to know how and what controls are available in the system. (Example controls on able, fields etc)?
I am trying to compile a Task/Function Matrix which will help the functional teams convey their access requirement in the system.
MDM security is largely maintained by the presence of roles and users. We can have roles defined in MDM which will have proper authorizations. We can then create users and then assign them roles so that we can maintain the security in MDM. This all can be done through MDM console.
These authorizations ensures that only users who have access or read/write authorization will be able to perform theie respective tasks.
This is what is mentioned in SAP Help documentation in this regard.
A. MDM Repository Security
A traditional SQL DBMS allows you to define basic user-level security to prevent unauthorized access to the database. You can specify the tables to which each user has access, granting at the table level either: (1) no access to the table; or (2) complete read/write access to the table, including access to all of its fields and records.
By contrast, MDM supports a dramatically more flexible multidimensional security scheme that provides much more granular control over which users can access an MDM repository, which functions they can perform, and which tables, fields, and records they can access. The MDM security scheme includes:
● Users. A user represents an entity that can connect to and access the MDM repository. Each user has a user name and password, and is assigned one or more roles that collectively specify the complete set of privileges for that particular user.
● Roles. Each role specifies a set of privileges to access each of the MDM repositoryu2019s tables, fields, lookup record values, and records, and to perform each of the repository functions. The same role can be assigned to more than one user.
● Privileges. For each repository function, you can either prevent or allow the role to perform the function, and for each table and field, you can grant the role full read/write access or read-only access.
● Constraints. For the Masks table and some lookup tables (those referenced by at least one single-valued lookup field and no multi-valued lookup fields), you can specify the set of masks or lookup values that should be visible and accessible for the role.
Precisely defining each role u2013and then assigning one or more roles to each useru2013 provides very fine control over who can access an MDM repository and how they can access it.
You can define repository security from within the MDM Console by working on the following administrative tables, which are located under a repositoryu2019s Admin node in the Console Hierarchy tree:
● Roles. Defines the sets of functional permissions, access privileges, and record constraints that can be assigned to MDM user names.
● Users. Defines the MDM user names that can access the MDM repository and manages their role assignments.
Within a SQL-based DBMS, you can use views to precisely control field- and record-level access by various users. However, views are cumbersome to manage, and more importantly, degrade system response, often creating severe performance bottlenecks.
B. Console-Level Repository Security
Recall that MDMu2019s multi-level security model supports granular, role-based repository access to functions and data from within MDM client applications. This multi-level security model extends to administrative functions within the MDM Console itself.
The MDM Console security scheme includes:
● Users
Repository administrators must connect to an MDM repository with an MDM user name and password before any administrative tasks can be performed in the MDM Console.
● Roles
The roles assigned to an administratoru2019s MDM user name determine which administrative functions are permitted or restricted for that administrator in the MDM Console.
● Privileges
Administrative, Schema, and Change Tracking functional groups on the Roles table enable granular control over access to all MDM Console functions.
With these features, you can precisely define limited administrative roles for each of your administrators or administrative tasks. You can then assign these targeted roles to users instead of the Admin role, which retains full access to all MDM privileges.
Kindly go through the link below to get additional info:
http://help.sap.com/saphelp_mdm550/helpdata/en/8e/9f9c427055c66ae10000000a155106/frameset.htm
Go to ->Repository maintenance->MDM repository security
You will find enough information.
Hope it helps.
Kindly reward points if helpful
Thanks and Regards
Nitin Jain -
Documentation required for NEW OBIEE implemenation
hi,
which documentation are required for NEW OBIEE implementation? what r their standard formats/template (ie. AIM )
Any one have sample doc for it? What is presales demo?Hello,
Greetings! I downloaded the documentation library for OBIEE 11g as zip file on my win 7 (64 bit) machine. I did the extraction. It took more than 1 hour to extract. It was accessing the oracle site during extraction.
Is it normal? Why does it go to oracle site for ZIP file extraction?
It created multiple folders. I find some HTML file on the root folder of documentation on my desktop. If I open it, it shows all the documentation of Oracle products. If I click the links, it will not open the respective documentation.
I did not find any getting started guide for OBIEE there.
Any thoughts?
Could you let me know the relevant OBIEE documentations for learning OBIEE 11g?
What is the recommended sequence of going through OBIEE documentations?
Thanks in helping me out. -
ISE integration with Mobile Device Management ( MDM ) help required
Dear Techies,
Am here bring to your notice an different issue and no much resources to support even in PEC or Cisco Document.
We are conduction a Proof Of Concept (PoC) on Secure Bring Your Own Device ( BYOD ) using Cisco ISE and gonna test all the scenarios like Wired, Wireless and VPN user access.
Setup Brief :
=========
Our Setup has ISE VM acting as Admin, Monitor and Profiling Device, we have NAC 3315 physical Appliance as Inline posture Device, Wireless LAN controller, Access point and the Identity source as Microsof Active Directory
Having Plans to Integrate Mobile Device Management ( MDM ) and Citrix VDI setup also.
Activity Brief:
=========
As of now we have tested the Wired Scenario Authentication and authorization for guest users and gonna carry out the profiling and posture.
Clarifications Required
================
Wired Scenario - Require some configuration / steps on how to carryout posture for the guest wired users i.e. LAPTOP.
Wireless Scenario
MDM can be integrated to ISE ?
How the MDM can be integrated to Cisco ISE configuration or Guide to show the same?
What is the demarcation between MDM and ISE ( i.e. What is the role of ISE and MDM on Mobile Devices ) ?
If MDM is available so then when the control of ISE ends, does MDM do management or ISE will do management of the devices ?
Is MDM will do client provisioning or ISE should do ?
Is MDM send or update patches of Mobile Devices ?
As of now these are the scenarios, kindly revert if any good documents to show this or share your expertise on the Integration Part.
Thanks for Reading...
ArunI would like to avail your valuable inputs to understand on the Client provisioning part for the Mobile Devices/ Laptop. I understand from your reply that MDM integration is not available in the current release ISE 1.1 - That is correct.
Kindly let me know your views or any documents on the following scenarios with the current release in mind
1. User with Mobile devices connecting to Wireless ( both Employee and Guest ) , How the Flow differs for the Employee and Guest. How the client provisioning is done ( i.e. Like Posturing or Compliance Check ).
The posturing and compliance check is done based on the user authentication information (i.e. AD memberOf vs Guest user) combined with the users endpoint (windows, mac osx, or a mobile device), ISE then has a few decisions to make based on the authorization policies. For example, if a Domain User coming from a Windows 7 machine joins the network, then can either use the nac agent, or the web agent. Then you can scan for registry settings, file settings, program requirements, hotfix compliance...and the list goes on. If the user fails a check then you can either assign an acl for the user so they only have guest access, or you can place them into a remediation vlan the options are entirely up to the requirements and however the solution is implemented.
2. User with Laptop connecting to Wireless ( both Employee and Guest ). How the client provisioning is done ( i.e. Like Posturing or Compliance Check ).
Guests are usually redirected to the guest portal which they authenticate and their user group falls within the Guest container that is on the ISE internal database, that is usually coupled with an authorization profile that grants them internet access. For the client provisioning, that is usually done based on the operating system, via profiling (dhcp, and user agent string., netmap...etc) and can be fine tuned for all laptops or to a specific set of users based on their group membership.
3. What are advantages of having ISE also in place for Mobile devices, since most of the Mobile related tasks ( like Authentication, Authorization, Profiling and Posture ) are carried out by MDM. I am checking for the significant advantage of having ISE for Client network having only Mobile devices. Kindly clarify.
Currently the advantage of Cisco ISE is that it supports profiling within wireless and really fits well within a network that has mostly Cisco products since they are all part of of the Borderless security initiative being driven on the backend. The product teams for wireless, wired, security (vpn..etc) and ISE are pretty close in building their solutions so that you can get connected with any device any where (sorry for the sales pitch). The latests wireless code is improving and is going to have support similar to the ios sensor for wired devices where dhcp, cdp, and other attributes can be sent in the radius packet for better profiling decisions. With integration for an MDM platform coming soon, and also support for TACACS rumored (have to verify with your account rep) you have options that really stand out from a unit that only supports MDM. Cisco ISE also comes with a wireless product ID so that makes the budget work when it comes to deploying ISE if you arent looking for enforcement on your wired devices.
4. Do you recommend 802.1X Authentication to use for the Employee and Contractor? The Guest user authentication as Open ?
For internal users and vendors the best option by far is dot1x, almost all operating systems are capable of performing dot1x and the 1.1.1 MR has a piece now that can provision the supplicant for the users, by using scep to enroll certificates or configure peap settings.
There is a feature within the guest portal that allows you to statically assign guests into endpoint group, that feature is called device registration web authentication. It seems like an open network but uses mac filtering to assign these devices to an endpoint without requiring users to enter any credentials. They are presented with an AUP page, once they accept their mac address is mapped to the endpoint group
5. How can we ensure the Encryption of traffic from the Guest user to the NAD ( Network Access devices ) ?
This may be a wireless question but I am sure the encryption is done using AES and using dot1x as the key management here is a brief background for this - http://www.cisco.com/en/US/tech/tk722/tk809/technologies_configuration_example09186a00807f42e9.shtml#L2
You can also use the anyconnect client which can provide macsec which is layer 2 encryption for wired - http://www.cisco.com/en/US/prod/collateral/vpndevc/ps6032/ps6094/ps6120/qa_c67-622477_ns1049_Networking_Solutions_Q_and_A.html
6. We are also looking for VDI ( Citrix, VMware ) solution for the client ( both Employee and Guest ) , how ISE can play a role in securing the VDI environment.
For most thin clients you can perform dot1x authentication on the device itself, however that is something the manufacturer will have to support. This is a little gray for me.
7. Is that any integration required with Citrix or VMware. How the VDI can be offered based on the User role ( i.e. Employee, Contractor or Guest ), since Guest database is available only with ISE, how the checks are made from the VDI environment.
IN ISE there is an identity sequence which can authenticate users in AD first, if the user is not found then it can look in the internal database.
Our solution demands MDM in the integrated solution, As on today ISE cant be integrated with MDM. so what kind of solution we can propose to have MDM and Cisco ISE .Do the clients now enter the network should have already installed the MDM agent (or) any other way of pushing the same to the Client.
Today there is no integration between the devices, the last release time I heard was December for this feature. However it would be best to confirm with your Cisco Account rep on this issue.
Thanks,
Tarik Admani
*Please rate helpful posts* -
Documentation Required: Migrate uPerform to New Hardware
Hi All,
I am currently looking at what it would take to migrate the uPerform server to updated hardware that is still in compliance with the recommended specifications. So far I haven't found anything helpful in OSS notes or other documentation from the SAP support side. I did find what appears would help me on Ancile's support portal but the site requires login credentials: Online Guide to Moving uPerform Databases in Microsoft SQL in uPerform 4.30 or Higher .
Can anyone provide information on where to find any SAP documentation on hardware migration activities for uPerform? Can the software just be installed on the new target and databases restored from the source application server, or are other flat files etc. required? Any document or input would be appreciated.
Thank you!Thank you, I have opened an incident as directed. Additionally, I would still be interested for any info or issues encountered from others who migrated to new hardware.
Thank you. -
Sample Documentation Required for Ready to install SAP ZApplication
HI experts,
If any one can help me with getting some sample documentation on Customised SAP application.
I have developed a similar application which interfaces the hardware with SAP and i want to document it according to SAP standards.
Any help would be appreciated,
Sachin SoniHi,
EHPs are cumulative, you should only install the parts from the latest EHP (=EHP3).
There is no need (and benefit) to install EHP1 or 2.
The download should be done using Solution Manager Maintenance Optimizer (not SMP) - here you get also a valid Stack XML generated which ist required to perform the installation.
More information here: The specified item was not found. or here: http://service.sap.com/~sapidb/011000358700001166742007E
Best regards,
Christian. -
Fi Entries Documentation required
Dear Sap Gurus,
How the entries will get posted either in FI or Co for Cost of goods sold,cost of goods manufactured, Wip,Variance and Settlement. Can any one forward me the detail documentation on this to mail id [email protected]
Regards,
krishnaHi,
Good afternoon and greetings,
For Cost of Goods Sold...at the time of Outbound Delivery for a Sales Order using tcode VL01N, using the movement type 601 (configured in Tcode OMWB) the system passes the following entry
Dr. Cost of Goods Sold A/c
Cr. Inventory Account
For Cost of Goods Manufactured...at the time of doing confirmation for the production order using Tcode CO11N and MB31, the system would use Movementy Type 261 (configured in Tcode OMWB) for consumption of materials
Dr. Raw Material Stock A/c
Cr. Inventory - Raw Material A/c
the system would use MT101 for Tcode MB31 (configured in OMWB) and would do the following entry for goods receipt against Production Order
Dr. Stock - Finished Goods A/c
Cr. Manufacturing Output A/c
the addition of Consumption Account + Labour Charges = Cost of Goods Manufactured (this would also include Overheads)
For WIP...the production order is planned for 100 PC and you do a partial confirmation for 50 PC and goods issue for 25PC...the 25PC would be treated as WIP automatically by the system provided the production order is TECOed and WIP is calculated.
For Variance...the system would compare the planned cost vs actual cost for a production order and would calculate the variance.
For Settlement...the system would pass an accounting entry for the variance calculated in the previous step as below
Dr. / Cr. Production Variance Account
Cr. / Dr. Manufacturing Output Account
Please reward points if found useful
Thanking you
With kindest regards
Ramesh Padmanabhan -
Documentation required on Output Designer
Hi,
I am new to Adobe Output Designer development.
Can someone please help me by sharing documentations or some useful links on Adobe Output Designer?
Thanks in Advance.There is documentation for Output Designer in the installation directory where you installed it (e.g. C:\Program Files\Adobe\Output Designer 5.6\Documentation\). The DevelopingTemplates.pdf has Section 9 - Advanced Template Concepts and Appendix A - Intelligent Pagination Reference. These two explain the use of the Preamble in Adobe Output Designer forms.
-
Architectural/design documentation required for Self Service Expenses application
I'm looking for architectural/design documentation on the Oracle Applications Self Service Expense Reporting application.
Specifically I'd like to know how it was designed & architected, what technologies were used to develop it (e.g. CABO, B24J, Oracle Workflow, AQ etc.) and how these technologies interact to form the final system.
We have a product called the Oracle Migration Workbench. It is a standalone java-based application that facilitates the migration of non-Oracle databases over to Oracle9i. We're investigating the possibility of developing a web-based migration capability. Of course we appreciate that moving from a tool-based, single user solution to a web based, multi user solution is not a trivial task.
Seeing that you guys would have already tackled many of the challenges we face I'd appreciate it if you can provide me with any pertinent information.
Any white papers/architectural collateral you can give me would be greatly appreciated.
thanks in advance
- GarryHi Did you ever get this documentation? I would really appreciate some more info on this to [email protected]
-
SAP ME 5.2 Web Services Documentation required
Hello Everyone,
With reference to the existing thread on the url SAP ME Webservice Documentation?,can i find the mentioned additional SAP 5.2 Web Services documentation,if so please share the link of the same.
Thanks,
Rajiv KumarRajiv,
This document is delivered within SDK training package for SAP ME.
Regards,
Sergiy -
Documentation Required for Function Module
Hi,
Can Provide me the documentation how to create function module in ABAP.
Regards
Ravihi,
BAPI Step by step Guidance
BAPI stands for Business Application Programming Interface.
There are 5 different steps in BAPI.
- Create BAPI Structure
- Create BAPI Function Module or API Method.
- Create BAPI object
- Release BAPI Function Module.
- Release BAPI object.
Step1. Creating BAPI Structure:
- Go to <SE11>.
- Select Data Type & Enter a name.
- Click on Create.
- Note: Always BAPI should be in a development class with request number (Not Local Object).
- Select Structure & hit ENTER.
- Enter the fields from your database. Make sure that the first field is the Primary Key Field.
- Then SAVE & ACTIVATE.
Step 2. Creating BAPI module:
- Enter TR.CODE <SE37>.
- Before entering any thing, from the present screen that you are in, select the menu
Goto -> Function Groups -> Create Group.
Enter a name (ZBAPI)
Let this screen be as it is and open another window and there, enter TR.CODE <SE80).
Click on the Third ICON that says Inactive Objects.
Select the group that you just created and click on Activate.
Notice that the group you created will disappear from the list of inactive objects.
- Go back to <SE37> screen and enter a name and hit <ENTER>. Then enter the group name that you just created and activated.
NOTE: When you release a function module the respective group will be attached to that particular application. It cannot be used for any other application. NEVER include an already existing group that is attached to another module.
Now click on the first Tab that says [ATTRIBUTES] and select the radio button that says remote-enabled module since we will be accessing this from any external system.
Then click on the second tab that says [IMPORT].
Enter a PARAMETER NAME, TYPE and the structure you created in the first step. Also select the check box u2018Pau2019. All remotely enabled functional modules MUST be Pa enabled, where Pa means u2018Passed by Valueu2019 and if you donu2019t select u2018Pau2019, then that means it will be passed by reference..
Then click on tab that says [EXPORT].
Enter the following as is in the first three fields
RETURN TYPE BAPIRETURN (These 3 field values are always same)
Here also select u2018Pau2019 meaning Pass by value.
Note: BAPIRETURN contains structure with message fields.
Then SAVE and ACTIVATE.
Ram .
Edited by: Ramakullay Challa on Jun 2, 2009 10:31 AM -
Cisco CUCM NTP documentation/requirements
Hello all,
Just wondering about the "actual" NTP clock Stratum version requirements when
installing Cisco CUCM. As the three sources below show varying results;
So first we have the install guides;
Note
Cisco recommends that you use an external NTP server to ensure accurate system time on the first node. Ensure the external NTP server is stratum 9 or higher (meaning stratums 1-9). Subsequent nodes in the cluster will get their time from the first node.When you are installing Cisco Unity Connection on a virtual machine, you must specify an external NTP server.
http://www.cisco.com/en/US/docs/voice_ip_comm/cucm/install/8_6_1/install/cmins861.html#wp804989
Then the SRND;
Unified CM automatically synchronizes the NTP time of all subscribers in the cluster to the publisher. During installation, each subscriber is automatically configured to point to an NTP server running on the publisher. The publisher considers itself to be a master server and provides time for the cluster based on its internal hardware clock unless it is configured to synchronize from an external server. Cisco highly recommends configuring the publisher to point to a Stratum-1, Stratum-2, or Stratum-3 NTP server to ensure that the cluster time is synchronized with an external time source.
http://www.cisco.com/en/US/docs/voice_ip_comm/cucm/srnd/8x/netstruc.html#wpxref14097
And finally the NTP White Paper;
For Cisco Unified CallManager Versions 5.0 and later:
– Manual configuration of the ntpd.conf file is not allowed.
– Cisco Unified CallManager prompts the administrator to specify the external NTP server at publisher installation and automatically populates the ntpd.conf file on the publisher server.
– The ntpd.conf files of all other cluster servers are automatically configured to point to the publisher as the NTP source.
• Configure the publisher to point to a traceable stratum 1 clock source.
• Configure network latency between the publisher and the dedicated clock source so that it is within 40 milliseconds round-trip time (RTT).
http://www.cisco.com/en/US/prod/collateral/voicesw/ps6788/vcallcon/ps556/prod_white_paper0900aecd8037fdb5.html
Thanks for any light you can shed on this.
Cheers!
Rob
"Spend your life waiting,
for a moment that just don't come,
Well, don't waste your time waiting"
-SpringsteenLeo,
Do you have reference for this.
Still murky waters:
In 9.1 release Stratum 5 no longer enforced.
http://www.cisco.com/c/en/us/td/docs/voice_ip_comm/cucm/rel_notes/9_1_1/CUCM_BK_RD7D4696_00_cucm-release-notes-911a/CUCM_BK_RD7D4696_00_release-notes-for-cisco-unified_chapter_0110.html
External NTP Server Requirements
The procedure "Set up first node" has been updated to remove the requirement that the external NTP server be Stratum 5 or higher. When you configure the first node, Cisco recommends configuring the publisher to point to a Stratum 1, Stratum 2, or Stratum 3 NTP server to ensure that the cluster time is synchronized with an external time source. -
OS migration documentation required
Hello Experts.
Can anybody share OS migration document with me?
I need to migrate HP-UX to AIX6.0.
So, please it will be very helpful if anybody share it.
Thanks,
Sudip.You can use the system copy guides, it contains a path how to do that.
However, heterogeneous migrations must be done using a certified migration consultant on-site, otherwise you will loose support for the migration and for the target system (see http://service.sap.com/osdbmigration). This is also the reason why there are no defined guides for that.
Markus -
Hello,
We would like to develop our inHouse Mobile Device Management but I only found general documentation about the way it work.
Is there any doc about API and how to develop our own MDM server ? Which message should be sent through Push notification server, how to register on server, how are MDM profile structured, etc ???
Regards,
DavidNeed Enterprise Account for a mdm documentation
1. http://developer.apple.com/devcenter/ios/index.action
2. iOS Provisioning Portal
3. Certificates
4. Other
5. Mobile Device Management Protocol Reference
click this then you'll be able to download enterprise mdm pdf -
How to handle data quality by using rules defined outside SAP MDM
Hi All,
I have a requirement: There are number of cleansing rules defined in different quality product. I need to integrate that quality tool with SAP MDM. Is it possible to do this? I guess with the help of Java API's!!!!
Can I use MDM enrichment controller here? If yes, than how to use it.
thx,
R.nHi R.n
The MDM Enrichment Framework is certainly the best way to answer your requirements.
Please see the Enrichment Architecture guide at MDM Documentation Center http://service.sap.com/installMDM
A recorded demo session at SDS Community Page is available to present such system.
Regards
Orit
Maybe you are looking for
-
R12 Supplier Open Interface issue- Supplier Sites Rolling up to address
I am doing a supplier conversion, and when I do...the sites roll up to the address. You look at the address book and the sites with the same address roll up. I don't want this. We want a one-to-one relationship. One site, one address...no matter if i
-
Adobe Reader 11.0.03 won't open
I am using a Dell laptop with Windows 7. Until today, I could open my PDF files using Adobe Reader 11.0.03. Now the reader window opens then closes when I try to open a file. I have uninstalled AR and reinstalled it. I have gone through the trouble s
-
PS CS4 - Displays images in triangles while in PS. See Screenshot.
Hello I just downloaded and installed PS CS4 Extended, and set to use the Trial. Okay so my problem is that whenever i open a new document and start to color in it, it displays in some triangles or well spikes. You can see a Screenshot i took. So, I
-
Hi all, Just upgraded to i tunes v 6. Is buying videos from i tunes music store the only way to get videos to play in i tunes? if yes, thanks. but if not how do I import, for instance lets say a quicktime video to play in i tunes. Thanks!
-
Net Invoices from Input Vat Account
Hi Experts, I have an Input Vat account for an specific Company Code that has the netting functionality properly working. This functionality was turned on after a number of invoices had been processed for that account, and the account has a positive