Moving Roles,Role-relations& Permissions

Similar Messages

• How to find roles related to any Customer in BW.

  Hi All,
  i am working as an SAP Security analyst and i am trying to find out the roles related to some customer in BW. I have tryied to find the roles under the object Z_G8D_SALE and under the object Z_G8D_VL3 with the technical name of the report. To get the technical report name i have user tcode "RSSM". but through this i am getting a list of lots of GCRs out of which i have to find out manually that which GCR is related to which customer.
  i have also tryied to find out on the forum as well but could not get any satisfactory solution.
  I would appreciate if some could provide me the solution.

  To find out particular company code or plant related role first you have to check the authorization object for charecteristic 0PLANT and 0COUNTRY. After getting the authorization object maintained for comany code. for ex:
  Object A contain 0COUNTRY  and have value India for ex.
  Check Role having object A through SUIM and u will get the role for  that particular country.
  Hope this helps

• Create Roles and Permissions using API

  Hello,
  I'm new to Java and I'm trying to create Roles and Permissions in LiveCycle using API's. Can someone please check and correct my code below?
              //Create a ServiceClientFactory object
              ServiceClientFactory myFactory = ServiceClientFactory.createInstance(connectionProps);
              // Create an AuthorizationManagerServiceClient object
              AuthorizationManagerServiceClient amClient = new AuthorizationManagerServiceClient(myFactory);
              RoleImpl ri = new RoleImpl();
              ri.setName("Test ES Role");
              ri.setDescription("Test Role via API");
              ri.setMutableStatus(true);
              amClient.createRole(ri);
  Executing the above code throws exception as below;
  com.adobe.idp.um.api.UMException| [com.adobe.livecycle.usermanager.client.AuthorizationManagerServiceClient] errorCode:16385 errorCodeHEX:0x4001 message:Exception thrown is NOT a DSCException : UnExpected From DSC chainedException:java.lang.IllegalStateExceptionchainedExceptionMessage:null chainedException trace:java.lang.IllegalStateException
            at com.adobe.idp.dsc.clientsdk.ServiceClientFactory$1.handleThrowable(ServiceClientFactory.j ava:72)
            at com.adobe.idp.dsc.clientsdk.ServiceClient.invoke(ServiceClient.java:220)
            at com.adobe.livecycle.usermanager.client.AuthorizationManagerServiceClient.createRole(Autho rizationManagerServiceClient.java:159)
            at com.adobe.lc.ManageRolesAndPermissions.main(ManageRolesAndPermissions.java:70)
  Caused by: java.lang.NoClassDefFoundError: javax.ejb.EJBException
            at com.adobe.idp.dsc.clientsdk.ServiceClientFactory.evaluateMessageDispatcher(ServiceClientF actory.java:595)
            at com.adobe.idp.dsc.clientsdk.ServiceClient.invoke(ServiceClient.java:215)
            ... 2 more
  Caused by: java.lang.ClassNotFoundException: javax.ejb.EJBException
  Thank you,
  Sandeep

  Mahesh,
  Refer to your other thread ..
  API to create new items in inventory
  API to create new items in  inventory
  Regards,
  Hussein

• OBIEE Roles and Permissions

  Hi,
  I am new to OBIEE. I have installed OBIEE 10.1.3.4.1 in Windows Machines.
  I want to create user in OBIEE and i need to give appropriate permissions those users.
  How to give roles and permissions in OBIEE .Please help me
  Thanks,
  Vijay.

  Hi Vijay,
  Please start here; http://gerardnico.com/wiki/dat/obiee/security_10g
  Good Luck,
  Daan Bakboord
  http://obibb.worpdress.com

• Windows XP users moving files creates 000 permissions

  Hello.
  I am having some difficulty figuring this one out. We have a few labs of dual booting machines, using bootcamp and bootpicker. Using an AD/OD triangle (AD authentication, OD home directories) The windows clients all remap to the os x server for their home directories. I am getting odd behavior on the OS X Server when a client moves a file inside Windows XP.
  When somone makes a file in XP and saves it to their network home it comes across with the proper permissions. However, if that file or any other file is clicked and dragged into a folder inside of XP (on the OS X Server) the permissions become 000, "none" all the way across. Also the ACL's become duplicated, in this instance the admin had read only, but in Server Admin when I looked at the file there were three instances of the admin's ACL for the file after the file "zeroed".
  Creating new files is fine, and if you right click and say copy then paste the permissions are correct. It's only when you click and drag a file that the permissions go awry. Since creating new files and folders works as it should, does anybody have any ideas what to look at for why a file being moved would cause the permissions to be erased?
  Hardware:
  Mac Pro running 10.5.8 server.
  XServe RAID hosting home directories
  iMacs dual booting 10.5.8 and fully updated XP.
  Software:
  OD on 10.5.8 server with augmented AD users.
  Windows XP desktops authenticating against AD via PGINA with OD hosted homes.

  robert,
  It appears that in the past few days you have not received a response to your
  posting. That concerns us, and has triggered this automated reply.
  Has your problem been resolved? If not, you might try one of the following options:
  - Visit http://www.novell.com/support and search the knowledgebase and/or check all
  the other self support options and support programs available.
  - You could also try posting your message again. Make sure it is posted in the
  correct newsgroup. (http://forums.novell.com)
  Be sure to read the forum FAQ about what to expect in the way of responses:
  http://forums.novell.com/faq.php
  If this is a reply to a duplicate posting, please ignore and accept our apologies
  and rest assured we will issue a stern reprimand to our posting bot.
  Good luck!
  Your Novell Forums Team
  http://forums.novell.com

• RPM Project Item and role relation

  Dear All.
  i  am new to RPM project. I have created few roles in one project/ or Item. Now i want see all the roles in RPM tables and the relation between porject/ item GUID and role GUID. since business want see Bucket; Item; and roles in same report
  BR;
  J B
  Edited by: J B on Apr 22, 2010 9:15 AM

  Resolved my self

• Roles and Permissions in Oracle BI Publisher

  Hi,
  I am trying to do Role based access in the Oracle BI reporting.The roles will be in the OVD/OID and OBIR reports access should be controlled as per those roles.
  The document I refered is
  http://docs.oracle.com/cd/E14571_01/bi.1111/e13880/T539768T526688.htm#xdosa_und_users.
  When I clicked on Permissions and added some permissions like Read,Write etc..and clicked Ok,"Failed" message is displaying.
  Any idea why this error is coming?
  Thanks in advance.
  Edited by: Subin Cheruvath on Feb 17, 2013 11:00 PM

  DiscoUser.
  Skulls lays it out well in that a database user has a database name (ie: rproudman). Then they can have a role (ie: cost manager).
  Similarly in Oracle Apps, there is an Oracle Apps user (ie: could be the same - rproudman). And they can have one or many responsibilities (ie: cost manager).
  Where Disco is concerned, is that if you create an Apps mode EUL, when you log in with your Oracle Apps username and password, you are presented with a list of Oracle Apps responsibilities that have been assigned to you in Oracle Apps (unless you only have 1 responsibility where the list won't be presented, but you'll be using that responsibility by default). As security, workbooks, etc. can - AND SHOULD - only be shared with responsibilities, when you log in to Disco as one responsibility, you might see a number of reports you're allowed to run. Go back in with a new responsibility and you may see a different set of reports. Works just like switching responsibility in Oracle Apps.
  Russ

• Roles and permissions

  I have a couple of questions.
  1. How would I go about fitting a custom permission resolver for SOA suite ?
  2. Is there a way to print the roles,users and permissions to debug ? My roles could be in LDAP or a database but permissions are in system-jazn-data.xml. Why are these permissions stored in a XML file ?
  Mohan

  Where do the LDAP implementation classes write their logs ?
  My worklist application writes logs to orabpel.log like the following.
  <2009-05-16 16:46:44,954> <DEBUG> <collaxa.cube.services> <LDAPUtil::getJNDIContext> JNDI Connection received
  My bpel console hits openldap but does not write log the same way. It shows that the user does not have enough privileges. So basically I don't see what is being done by my LDAP classes.

• Moving roles with user assignment

  Hi There,
  Need your help...
  We have roles and users created in QA for training, now we want to move roles from QA to Production with user assignment.
  Users that are created in QA for training have also been created in Production, is it possible to move the roles from QA to Production with the user assignment.
  Thanks and Regards,
  Azher.

  Table PRGN_CUST does'nt contain any entries, its an empy table in QA.
  USER_REL_TRANSPORT entry with value NO locks system from TR imports with User assignment. So you have to ensure your target system-Production does not has that entry in PRGN_CUST.
  TR is geting created in Local change request which cannot be moved to Production.
  This TR request are created in Local Change request only when you do not specify a target system/group . All you need to do is specify the "Target" while creating the TR in PFCG (subsequent screen after you hit Create request) and release your TR via SE10. Once released, the TR would be added to the import queue of Production. You/your Basis team can import it manually via STMS_IMPORT (Extras>Other requests>Add TR and CTRL+F11 to import). If there are any errors please have Basis team to review the transport logs.
  P.S:  You can only transport direct user assignments of roles via PFCG transport option described in my post. In case of indirect user assignments that were created using Organizational Management (HR-Org), you will have to use transport functionality in Organizational management.
  Thanks
  Sandipan

• Role within a role, seperate permissions

  Hi there
  I have a role, HR, which must appear in the top level navigation. That is simple to do ... create the role, add iviews etc., mark as entry point and assign users to the role ... displays nicely.
  Now, as part of the HR section, we would like another section, namely Payroll, which is only accessible to certain people.
  I can create a new role, called Payroll, and assign certain users to that role.
  I then add the Payroll role to the HR Role ... Payroll now appears in the detailed navigation as required, but all users have access to the iviews within the Payroll role, which is not what we want.
  If I mark the Payroll role as an entry point, then it only appears in the top level navigation for users who have been assigned to the role.
  This makes me think I have the permissions configured correctly.
  What do I need to do to make detailed navigation rely on the role permissions? It would appear the permissions are being "inherited" from the parent Role, which is not what I want.
  Is there a way to get a role within a role to keep its permissions and ignore the parent permissions?
  Can I do this in the detailed navigation, or should I be trying something else?
  Should this perhaps be done at a workset level instead?
  Any help would be greatly appreciated (and no doubt points awarded)

  Thanks Marty
  I had forgotten about Merging, and that seems to have gotten me most of the way.
  I can successfully merge, and the new item only appears for the relevant users, but it merges quite high.
  I would like the merging to happen in the detailed navigation, but I can't seem to get this right.
  At the moment, I have 2 worksets, namely Home and Payroll. I set the merge properties on these 2 worksets. Home workset is then assigned to the HR Workbench role. When I log in as a user who has access to the Payroll role, then I see the HR Workbench role, and in the second level navigation, I see Home and Payroll (worksets).
  What I would like, is to have the Payroll workset appearing in the detailed navigation.
  I have tried merging on the folders in the Home workset, but still don't see anything in the detailed navigation.
  Do you know if it is possible to merge in the detailed navigation, or only top level navigation?
  Thanks for the answer ... I will reward points now

• Query on Roles and permissions in UCM 11g

  Hi,
  I have a query as follows:
  The administrator user can assign multiple roles to a user. If a user has more than one role, the permission becomes ______and ____.
  Is it,
  Addictive
  Less Restrictive
  More Restrictive
  Subtractive
  Please help.

  Sounds like a certification test question :-)
  I think the correct answers are Addictive and Less Restrictive
  (the user will get permissions based on all the roles he or she is assigned to)

• Role for Permissions in PPS

  Hi,
  Can nay one advice which role contains the permissions control in SRM PPS functionality during single bid as well two bid.
  I have not found the same in Operational purchaser role and Stratagic purchaser role.
  Thanks a lot in advance.
  Thanks&Regards,
  Babu

  Hi,
  Please try after assigning Manager role in Portal as well as in backend system.
  SRM role - > /SAPSRM/MANAGER
  Portal role -> Search in User management with Manager keyword and assign
  regards,
  ankur

• Displaying multiple roles related to a single key value in a single view MVC 4

  Dear Team,
           My name is Ajay Sutar. I am newly learning MVC 4, as we are about to initiate a new project in ASP .NET MVC 4. I am using a details scaffolding to display a  single
  record. but now my single employee have multiple roles. As example,
   Emp_no    |    Role                     | Salary 
   E1             | Software Engineer  | 10000
   E1             | Tester                     | 10000 
  as i have used Details scaffold and FirstOrDefault method of linq for this view, I am unable to display the second role "Tester" in the  output. only first role is geeting displayed.
  What i want is :
  Emp_no : E1                 Role: Software Engineer                  Salary:10000
                                                Tester 

  Hello,
  Welcome to MSDN forum.
  I am afraid that the issue is out of support range of VS General Question forum which mainly discusses
  the usage of Visual Studio IDE such as WPF & SL designer, Visual Studio Guidance Automation Toolkit, Developer Documentation and Help System
  and Visual Studio Editor.
  Because you are working with ASP.NET Web Application, I suggest that you can consult your issue on ASP.NET forum:
  http://forums.asp.net/
   for better solution and support.
  Best regards,
  We are trying to better understand customer views on social support experience, so your participation in this interview project would be greatly appreciated if you have time. Thanks for helping make community forums a great place.
  Click
  HERE to participate the survey.

• Associate roles and permissions to users that existe on a database

  Hi,
  i want realise a secure authentification i used ADF Configuration but i found out that i cant bring my users from my database. i can just create new users with roles in Jdeveloper.
  do you how we can bring users to Jdeveloper and associate to them roles and permission ?

  i found this tutorial that is that what i did :
  1. Start up weblogic server (Run .. Start Server Instance)
  2. Log on to weblogic console ( http://localhost:7101/console/ )
  3. Use default username/password weblogic/weblogic1
  4. Create a datasource to connect to the schema where the authenticating database tables are (Services .. JDBC .. Data Sources)
  5. Use unique name for datasource. Use JINDI name of jdbc/
  6. Enter database name, schema name and password and test
  7. Add new Authentication provider (Security Realms .. myrealm .. Providers .. New)
  8. Enter datasource name, type SQLAuthenticator click Ok
  9. Going back into provider, change control flag to Sufficient
  10. Select Provider Specific tab and choose Plaintext passwords, password algorithm SHA-1
  11. Shut down weblogic
  12. Edit config.xml file in JDEV_DIR/system11.1.1.2.36.55.36/DefaultDomain/config and replace sql authenticator sql statements with those from web blog
  13. Restart weblogic.
  14. Go to users/groups tab in securty realm and view users and groups imported from database
  15. Set control flag for other providers to "Sufficient"
  source : http://brent.hmdclinical.com/2010/03/using-database-tables-as-weblogic.html
  but the step 12 i dont know what i need to change and with what ?

• Restrict Moving roles with user assignment

  Hi There,
  Need your help...
  How to restrict to move roles from dev->QA with user assignment. (want to disable the user assignment restirction)
  Thanks and Regards,
  Gnanaprakasam

  Unfortunately this is not the default installation setting, so you need to go into the security settings customizing and change the USER_REL_IMPORT switch to 'NO'.
  This does however NOT make the checkbox disappear in the transport source system. It prevents the import in the target... so you must set it and transport it there first, then it works.
  Cheers,
  Julius