Necessary Roles/authorizations required to Userid for workflow assignment.
Hi all,
Am working on a Custom workflow assignment.
This is the first time, customer is working on workflows in this system.
Henceforth, we need to do basic setup/configuration, before starting actual work.
I want to know, what all Roles/authorizations are required for my userid throughout the assignment.
Currently, we have got,
EXX_BC_SAP_ALL_RESTRICTED :: All authorization without basis
SAP_BC_BMT_WFM_ADMIN::Administrator for Business Workflow
SAP_BC_BMT_WFM_DEVELOPER::Developer for Business Workflow
SAP_SWFMOD_ADMIN::Workflow Modeler Administrator
Are these sufficient or do we need any other roles?
With above authorizations, i am unable to access below mentioned t-codes,
SWNCONFIG Extended notifications for business workflow
SWU3 Automatic Workflow Customizing
SWWCOND_INSERT Schedule background job for work item deadline monitoring
SWWCLEAR_INSERT Schedule background job for clearing tasks
Pls let me know the role, i need to get for above t-codes.
Kindly go thru your SU01 t-code & let me know what all roles are used in your workflow system.
cheers.
santosh.
Hi,
I recommend you to have roles related to SWLD tcode (SAP menu Workflow). The basis must know what are the exact names.
These are some roles:
SAP_BC_BMT_WFM_ADMIN --> Administrator for Business Workflow
SAP_BC_BMT_WFM_CONTROLLER --> Process Controller for Business Workflow
SAP_BC_BMT_WFM_DEVELOPER --> Developer for Business Workflow
SAP_BC_BMT_WFM_GP_ADMIN --> Role for Guided Procedure Business Workflow Administrators
SAP_BC_BMT_WFM_GP_SERVICE_USER -->Service User for Guided Procedures Business Workflow API
SAP_BC_BMT_WFM_PROCESS --> Business Workflow Implementation Team
SAP_BC_BMT_WFM_UWL_ADMIN --> UWL: Administrator for Workflow Functionality
SAP_BC_BMT_WFM_UWL_END_USER --> UWL: End User for Workflow Functionality
SAP_SWFMOD_ADMIN --> Workflow Modeler Administrator
SAP_SWFMOD_TRANSPORT --> Access to transport manager
SAP_SWFMOD_USER --> Workflow Modeler Administrator
SAP_WF_ADMINISTRATION --> Business Workflow: Work for administrator
SAP_WF_CONTROLLER --> Business Workflow:Work for process controller
SAP_WF_EVERYONE --> Business Workflow: Work for Everyone
SAP_WF_IMPLEMENTATION --> Business Workflow: Work for Implementation Team
Regards,
Similar Messages
-
What permission does the Service account requires on AD for the Workflow manager 1.0 to be configured in SharePoint Farm?
The workflow manager configuration wizard crashes with the below error when used a domain account (setup account with full prvilige on sql and server). It requires some specific permissions on AD ? I couldnt see any documentation stating what permission
it requires.
Can anyone help ?
Problem signature:
Problem Event Name: CLR20r3
Problem Signature 01: AUTRTV22OQMI5JWSVNDSSNCH0E5DQ2L1
Problem Signature 02: 1.0.20922.0
Problem Signature 03: 505e1b30
Problem Signature 04: System.DirectoryServices.AccountManagement
Problem Signature 05: 4.0.30319.17929
Problem Signature 06: 4ffa5bda
Problem Signature 07: 3ef
Problem Signature 08: 348
Problem Signature 09: KCKGYE1NBUPA2CLDHCXJ0IFBDVSEPD1F
OS Version: 6.2.9200.2.0.0.272.7
Locale ID: 1044
Additional Information 1: 8e7b
Additional Information 2: 8e7b3fcdf081688bfcdf47496694f0e4
Additional Information 3: c007
Additional Information 4: c007e99b2d5f6f723ff4e7b990b5c691
Log Name: Application
Source: Application Error
Date: 27.08.2014 11:47:54
Event ID: 1000
Task Category: (100)
Level: Error
Keywords: Classic
User: N/A
Computer: OSS01-MAP-226.global.corp
Description:
Faulting application name: Microsoft.Workflow.Deployment.ConfigWizard.exe, version: 1.0.20922.0, time stamp: 0x505e1b30
Faulting module name: KERNELBASE.dll, version: 6.2.9200.16864, time stamp: 0x531d34d8
Exception code: 0xe0434352
Fault offset: 0x0000000000047b8c
Faulting process id: 0x23a0
Faulting application start time: 0x01cfc1dbe703a8ac
Faulting application path: C:\Program Files\Workflow Manager\1.0\Microsoft.Workflow.Deployment.ConfigWizard.exe
Faulting module path: C:\Windows\system32\KERNELBASE.dll
Report Id: 36f30eb4-2dcf-11e4-9415-005056892fae
Faulting package full name:
Faulting package-relative application ID:
Event Xml:
<Event xmlns="http://schemas.microsoft.com/win/2004/08/events/event">
<System>
<Provider Name="Application Error" />
<EventID Qualifiers="0">1000</EventID>
<Level>2</Level>
<Task>100</Task>
<Keywords>0x80000000000000</Keywords>
<TimeCreated SystemTime="2014-08-27T09:47:54.000000000Z" />
<EventRecordID>7471545</EventRecordID>
<Channel>Application</Channel>
<Computer>OSS01-MAP-226.global.corp</Computer>
<Security />
</System>
<EventData>
<Data>Microsoft.Workflow.Deployment.ConfigWizard.exe</Data>
<Data>1.0.20922.0</Data>
<Data>505e1b30</Data>
<Data>KERNELBASE.dll</Data>
<Data>6.2.9200.16864</Data>
<Data>531d34d8</Data>
<Data>e0434352</Data>
<Data>0000000000047b8c</Data>
<Data>23a0</Data>
<Data>01cfc1dbe703a8ac</Data>
<Data>C:\Program Files\Workflow Manager\1.0\Microsoft.Workflow.Deployment.ConfigWizard.exe</Data>
<Data>C:\Windows\system32\KERNELBASE.dll</Data>
<Data>36f30eb4-2dcf-11e4-9415-005056892fae</Data>
<Data>
</Data>
<Data>
</Data>
</EventData>
</Event>
Log Name: Application
Source: .NET Runtime
Date: 27.08.2014 11:47:54
Event ID: 1026
Task Category: None
Level: Error
Keywords: Classic
User: N/A
Computer: OSS01-MAP-226.global.corp
Description:
Application: Microsoft.Workflow.Deployment.ConfigWizard.exe
Framework Version: v4.0.30319
Description: The process was terminated due to an unhandled exception.
Exception Info: System.DirectoryServices.AccountManagement.MultipleMatchesException
Stack:
at System.DirectoryServices.AccountManagement.ADStoreCtx.FindPrincipalByIdentRefHelper(System.Type, System.String, System.String, System.DateTime, Boolean)
at System.DirectoryServices.AccountManagement.ADStoreCtx.FindPrincipalByIdentRef(System.Type, System.String, System.String, System.DateTime)
at System.DirectoryServices.AccountManagement.Principal.FindByIdentityWithTypeHelper(System.DirectoryServices.AccountManagement.PrincipalContext, System.Type, System.Nullable`1<System.DirectoryServices.AccountManagement.IdentityType>, System.String,
System.DateTime)
at System.DirectoryServices.AccountManagement.UserPrincipal.FindByIdentity(System.DirectoryServices.AccountManagement.PrincipalContext, System.String)
at Microsoft.ServiceBus.Commands.Common.SecurityHelper.IsUserValid(System.DirectoryServices.AccountManagement.PrincipalContext, System.String)
at Microsoft.ServiceBus.Commands.Common.SecurityHelper.IsDomainUserValid(System.String, System.String)
at Microsoft.ServiceBus.Commands.Common.ValidateUserAttribute.Validate(System.String)
at Microsoft.Deployment.ConfigWizard.UICommon.AccountDetailsViewModel.ValidateDomainUser()
at Microsoft.Deployment.ConfigWizard.UICommon.AccountDetailsControl.UserIdTextBox_LostFocus(System.Object, System.Windows.RoutedEventArgs)
at System.Windows.EventRoute.InvokeHandlersImpl(System.Object, System.Windows.RoutedEventArgs, Boolean)
at System.Windows.UIElement.RaiseEventImpl(System.Windows.DependencyObject, System.Windows.RoutedEventArgs)
at System.Windows.Controls.Primitives.TextBoxBase.OnLostFocus(System.Windows.RoutedEventArgs)
at System.Windows.UIElement.IsFocused_Changed(System.Windows.DependencyObject, System.Windows.DependencyPropertyChangedEventArgs)
at System.Windows.DependencyObject.OnPropertyChanged(System.Windows.DependencyPropertyChangedEventArgs)
at System.Windows.FrameworkElement.OnPropertyChanged(System.Windows.DependencyPropertyChangedEventArgs)
at System.Windows.Controls.TextBox.OnPropertyChanged(System.Windows.DependencyPropertyChangedEventArgs)
at System.Windows.DependencyObject.NotifyPropertyChange(System.Windows.DependencyPropertyChangedEventArgs)
at System.Windows.DependencyObject.UpdateEffectiveValue(System.Windows.EntryIndex, System.Windows.DependencyProperty, System.Windows.PropertyMetadata, System.Windows.EffectiveValueEntry, System.Windows.EffectiveValueEntry ByRef, Boolean, Boolean,
System.Windows.OperationType)
at System.Windows.DependencyObject.ClearValueCommon(System.Windows.EntryIndex, System.Windows.DependencyProperty, System.Windows.PropertyMetadata)
at System.Windows.DependencyObject.ClearValue(System.Windows.DependencyPropertyKey)
at System.Windows.Input.FocusManager.OnFocusedElementChanged(System.Windows.DependencyObject, System.Windows.DependencyPropertyChangedEventArgs)
at System.Windows.DependencyObject.OnPropertyChanged(System.Windows.DependencyPropertyChangedEventArgs)
at System.Windows.FrameworkElement.OnPropertyChanged(System.Windows.DependencyPropertyChangedEventArgs)
at System.Windows.DependencyObject.NotifyPropertyChange(System.Windows.DependencyPropertyChangedEventArgs)
at System.Windows.DependencyObject.UpdateEffectiveValue(System.Windows.EntryIndex, System.Windows.DependencyProperty, System.Windows.PropertyMetadata, System.Windows.EffectiveValueEntry, System.Windows.EffectiveValueEntry ByRef, Boolean, Boolean,
System.Windows.OperationType)
at System.Windows.DependencyObject.SetValueCommon(System.Windows.DependencyProperty, System.Object, System.Windows.PropertyMetadata, Boolean, Boolean, System.Windows.OperationType, Boolean)
at System.Windows.DependencyObject.SetValue(System.Windows.DependencyProperty, System.Object)
at System.Windows.FrameworkElement.OnGotKeyboardFocus(System.Object, System.Windows.Input.KeyboardFocusChangedEventArgs)
at System.Windows.RoutedEventArgs.InvokeHandler(System.Delegate, System.Object)
at System.Windows.EventRoute.InvokeHandlersImpl(System.Object, System.Windows.RoutedEventArgs, Boolean)
at System.Windows.UIElement.RaiseEventImpl(System.Windows.DependencyObject, System.Windows.RoutedEventArgs)
at System.Windows.UIElement.RaiseTrustedEvent(System.Windows.RoutedEventArgs)
at System.Windows.Input.InputManager.ProcessStagingArea()
at System.Windows.Input.KeyboardDevice.ChangeFocus(System.Windows.DependencyObject, Int32)
at System.Windows.Input.KeyboardDevice.Focus(System.Windows.DependencyObject, Boolean, Boolean, Boolean)
at System.Windows.Input.KeyboardDevice.Focus(System.Windows.IInputElement)
at System.Windows.UIElement.Focus()
at System.Windows.Documents.TextEditorMouse.MoveFocusToUiScope(System.Windows.Documents.TextEditor)
at System.Windows.Documents.TextEditorMouse.OnMouseDown(System.Object, System.Windows.Input.MouseButtonEventArgs)
at System.Windows.UIElement.OnMouseDownThunk(System.Object, System.Windows.Input.MouseButtonEventArgs)
at System.Windows.RoutedEventArgs.InvokeHandler(System.Delegate, System.Object)
at System.Windows.EventRoute.InvokeHandlersImpl(System.Object, System.Windows.RoutedEventArgs, Boolean)
at System.Windows.UIElement.RaiseEventImpl(System.Windows.DependencyObject, System.Windows.RoutedEventArgs)
at System.Windows.UIElement.RaiseTrustedEvent(System.Windows.RoutedEventArgs)
at System.Windows.Input.InputManager.ProcessStagingArea()
at System.Windows.Input.InputProviderSite.ReportInput(System.Windows.Input.InputReport)
at System.Windows.Interop.HwndMouseInputProvider.ReportInput(IntPtr, System.Windows.Input.InputMode, Int32, System.Windows.Input.RawMouseActions, Int32, Int32, Int32)
at System.Windows.Interop.HwndMouseInputProvider.FilterMessage(IntPtr, MS.Internal.Interop.WindowMessage, IntPtr, IntPtr, Boolean ByRef)
at System.Windows.Interop.HwndSource.InputFilterMessage(IntPtr, Int32, IntPtr, IntPtr, Boolean ByRef)
at MS.Win32.HwndWrapper.WndProc(IntPtr, Int32, IntPtr, IntPtr, Boolean ByRef)
at MS.Win32.HwndSubclass.DispatcherCallbackOperation(System.Object)
at System.Windows.Threading.ExceptionWrapper.InternalRealCall(System.Delegate, System.Object, Int32)
at MS.Internal.Threading.ExceptionFilterHelper.TryCatchWhen(System.Object, System.Delegate, System.Object, Int32, System.Delegate)
at System.Windows.Threading.Dispatcher.LegacyInvokeImpl(System.Windows.Threading.DispatcherPriority, System.TimeSpan, System.Delegate, System.Object, Int32)
at MS.Win32.HwndSubclass.SubclassWndProc(IntPtr, Int32, IntPtr, IntPtr)
at MS.Win32.UnsafeNativeMethods.DispatchMessage(System.Windows.Interop.MSG ByRef)
at MS.Win32.UnsafeNativeMethods.DispatchMessage(System.Windows.Interop.MSG ByRef)
at System.Windows.Threading.Dispatcher.PushFrameImpl(System.Windows.Threading.DispatcherFrame)
at System.Windows.Application.RunInternal(System.Windows.Window)
at System.Windows.Application.Run()
at Microsoft.Workflow.Deployment.ConfigWizard.App.Main()
Event Xml:
<Event xmlns="http://schemas.microsoft.com/win/2004/08/events/event">
<System>
<Provider Name=".NET Runtime" />
<EventID Qualifiers="0">1026</EventID>
<Level>2</Level>
<Task>0</Task>
<Keywords>0x80000000000000</Keywords>
<TimeCreated SystemTime="2014-08-27T09:47:54.000000000Z" />
<EventRecordID>7471544</EventRecordID>
<Channel>Application</Channel>
<Computer>OSS01-MAP-226.global.corp</Computer>
<Security />
</System>
<EventData>
<Data>Application: Microsoft.Workflow.Deployment.ConfigWizard.exe
Framework Version: v4.0.30319
Description: The process was terminated due to an unhandled exception.
Exception Info: System.DirectoryServices.AccountManagement.MultipleMatchesException
Stack:
at System.DirectoryServices.AccountManagement.ADStoreCtx.FindPrincipalByIdentRefHelper(System.Type, System.String, System.String, System.DateTime, Boolean)
at System.DirectoryServices.AccountManagement.ADStoreCtx.FindPrincipalByIdentRef(System.Type, System.String, System.String, System.DateTime)
at System.DirectoryServices.AccountManagement.Principal.FindByIdentityWithTypeHelper(System.DirectoryServices.AccountManagement.PrincipalContext, System.Type, System.Nullable`1<System.DirectoryServices.AccountManagement.IdentityType>,
System.String, System.DateTime)
at System.DirectoryServices.AccountManagement.UserPrincipal.FindByIdentity(System.DirectoryServices.AccountManagement.PrincipalContext, System.String)
at Microsoft.ServiceBus.Commands.Common.SecurityHelper.IsUserValid(System.DirectoryServices.AccountManagement.PrincipalContext, System.String)
at Microsoft.ServiceBus.Commands.Common.SecurityHelper.IsDomainUserValid(System.String, System.String)
at Microsoft.ServiceBus.Commands.Common.ValidateUserAttribute.Validate(System.String)
at Microsoft.Deployment.ConfigWizard.UICommon.AccountDetailsViewModel.ValidateDomainUser()
at Microsoft.Deployment.ConfigWizard.UICommon.AccountDetailsControl.UserIdTextBox_LostFocus(System.Object, System.Windows.RoutedEventArgs)
at System.Windows.EventRoute.InvokeHandlersImpl(System.Object, System.Windows.RoutedEventArgs, Boolean)
at System.Windows.UIElement.RaiseEventImpl(System.Windows.DependencyObject, System.Windows.RoutedEventArgs)
at System.Windows.Controls.Primitives.TextBoxBase.OnLostFocus(System.Windows.RoutedEventArgs)
at System.Windows.UIElement.IsFocused_Changed(System.Windows.DependencyObject, System.Windows.DependencyPropertyChangedEventArgs)
at System.Windows.DependencyObject.OnPropertyChanged(System.Windows.DependencyPropertyChangedEventArgs)
at System.Windows.FrameworkElement.OnPropertyChanged(System.Windows.DependencyPropertyChangedEventArgs)
at System.Windows.Controls.TextBox.OnPropertyChanged(System.Windows.DependencyPropertyChangedEventArgs)
at System.Windows.DependencyObject.NotifyPropertyChange(System.Windows.DependencyPropertyChangedEventArgs)
at System.Windows.DependencyObject.UpdateEffectiveValue(System.Windows.EntryIndex, System.Windows.DependencyProperty, System.Windows.PropertyMetadata, System.Windows.EffectiveValueEntry, System.Windows.EffectiveValueEntry ByRef, Boolean, Boolean,
System.Windows.OperationType)
at System.Windows.DependencyObject.ClearValueCommon(System.Windows.EntryIndex, System.Windows.DependencyProperty, System.Windows.PropertyMetadata)
at System.Windows.DependencyObject.ClearValue(System.Windows.DependencyPropertyKey)
at System.Windows.Input.FocusManager.OnFocusedElementChanged(System.Windows.DependencyObject, System.Windows.DependencyPropertyChangedEventArgs)
at System.Windows.DependencyObject.OnPropertyChanged(System.Windows.DependencyPropertyChangedEventArgs)
at System.Windows.FrameworkElement.OnPropertyChanged(System.Windows.DependencyPropertyChangedEventArgs)
at System.Windows.DependencyObject.NotifyPropertyChange(System.Windows.DependencyPropertyChangedEventArgs)
at System.Windows.DependencyObject.UpdateEffectiveValue(System.Windows.EntryIndex, System.Windows.DependencyProperty, System.Windows.PropertyMetadata, System.Windows.EffectiveValueEntry, System.Windows.EffectiveValueEntry ByRef, Boolean, Boolean,
System.Windows.OperationType)
at System.Windows.DependencyObject.SetValueCommon(System.Windows.DependencyProperty, System.Object, System.Windows.PropertyMetadata, Boolean, Boolean, System.Windows.OperationType, Boolean)
at System.Windows.DependencyObject.SetValue(System.Windows.DependencyProperty, System.Object)
at System.Windows.FrameworkElement.OnGotKeyboardFocus(System.Object, System.Windows.Input.KeyboardFocusChangedEventArgs)
at System.Windows.RoutedEventArgs.InvokeHandler(System.Delegate, System.Object)
at System.Windows.EventRoute.InvokeHandlersImpl(System.Object, System.Windows.RoutedEventArgs, Boolean)
at System.Windows.UIElement.RaiseEventImpl(System.Windows.DependencyObject, System.Windows.RoutedEventArgs)
at System.Windows.UIElement.RaiseTrustedEvent(System.Windows.RoutedEventArgs)
at System.Windows.Input.InputManager.ProcessStagingArea()
at System.Windows.Input.KeyboardDevice.ChangeFocus(System.Windows.DependencyObject, Int32)
at System.Windows.Input.KeyboardDevice.Focus(System.Windows.DependencyObject, Boolean, Boolean, Boolean)
at System.Windows.Input.KeyboardDevice.Focus(System.Windows.IInputElement)
at System.Windows.UIElement.Focus()
at System.Windows.Documents.TextEditorMouse.MoveFocusToUiScope(System.Windows.Documents.TextEditor)
at System.Windows.Documents.TextEditorMouse.OnMouseDown(System.Object, System.Windows.Input.MouseButtonEventArgs)
at System.Windows.UIElement.OnMouseDownThunk(System.Object, System.Windows.Input.MouseButtonEventArgs)
at System.Windows.RoutedEventArgs.InvokeHandler(System.Delegate, System.Object)
at System.Windows.EventRoute.InvokeHandlersImpl(System.Object, System.Windows.RoutedEventArgs, Boolean)
at System.Windows.UIElement.RaiseEventImpl(System.Windows.DependencyObject, System.Windows.RoutedEventArgs)
at System.Windows.UIElement.RaiseTrustedEvent(System.Windows.RoutedEventArgs)
at System.Windows.Input.InputManager.ProcessStagingArea()
at System.Windows.Input.InputProviderSite.ReportInput(System.Windows.Input.InputReport)
at System.Windows.Interop.HwndMouseInputProvider.ReportInput(IntPtr, System.Windows.Input.InputMode, Int32, System.Windows.Input.RawMouseActions, Int32, Int32, Int32)
at System.Windows.Interop.HwndMouseInputProvider.FilterMessage(IntPtr, MS.Internal.Interop.WindowMessage, IntPtr, IntPtr, Boolean ByRef)
at System.Windows.Interop.HwndSource.InputFilterMessage(IntPtr, Int32, IntPtr, IntPtr, Boolean ByRef)
at MS.Win32.HwndWrapper.WndProc(IntPtr, Int32, IntPtr, IntPtr, Boolean ByRef)
at MS.Win32.HwndSubclass.DispatcherCallbackOperation(System.Object)
at System.Windows.Threading.ExceptionWrapper.InternalRealCall(System.Delegate, System.Object, Int32)
at MS.Internal.Threading.ExceptionFilterHelper.TryCatchWhen(System.Object, System.Delegate, System.Object, Int32, System.Delegate)
at System.Windows.Threading.Dispatcher.LegacyInvokeImpl(System.Windows.Threading.DispatcherPriority, System.TimeSpan, System.Delegate, System.Object, Int32)
at MS.Win32.HwndSubclass.SubclassWndProc(IntPtr, Int32, IntPtr, IntPtr)
at MS.Win32.UnsafeNativeMethods.DispatchMessage(System.Windows.Interop.MSG ByRef)
at MS.Win32.UnsafeNativeMethods.DispatchMessage(System.Windows.Interop.MSG ByRef)
at System.Windows.Threading.Dispatcher.PushFrameImpl(System.Windows.Threading.DispatcherFrame)
at System.Windows.Application.RunInternal(System.Windows.Window)
at System.Windows.Application.Run()
at Microsoft.Workflow.Deployment.ConfigWizard.App.Main()
</Data>
</EventData>
</Event>Hi Karthik,
You could refer to the series of videos below to install and configure workflow manager in SharePoint 2013:
http://technet.microsoft.com/en-us/library/dn201724(v=office.15).aspx
The Episode 2 describes the necessary account in AD with right permission in the installation process:
http://technet.microsoft.com/en-us/library/dn201724(v=office.15).aspx#episode2
Regards,
Rebecca Tu
TechNet Community Support -
Role authorization for product selection
Hi All,
i have a requirement for which i need your help. Now my Account Manager can see all products while placing an order. I want to restrict his selection to only 5* and 6* products. That means when he will look for placing an order in the next time, he should only see 5* and 6* products not all products. Can you please tell me how to go about this role authorization.
your valuable inputs will be appreciated.
Regards,
SasmitaHi,
I feel Access Control Engine would be the most elegant and futuristic solution.
However, you need to review all the solutions suggested. Solution suggested by Shalini and Ashish are more practical. However, generally partner product range is used in case of Sold-to parties.
Please review all the solutions suggested and take decision based on circumstances at your client's end.
You can get more information about Access Control Engine at
http://help.sap.com/saphelp_crm40/helpdata/en/04/0177f9bb67ac4cafb84bb4d4c1d8fc/frameset.htm.
Also there are several guides and cookbooks on ACE at service market place.
Regards,
Deepak -
Restricting the ATP user for GATP - corrrect roles/authorizations
Hi:
If the dialog user that is used for the ATP check (from ECC to GATP) has more authorizations than needed and this is going to be a problem in production. The user can run SCM transactions from the results screen of ECC and this is not desirable.
Therefore, the ATP user should be a restricted user that has only authorizations for this specific task. If you know what are the exact roles/authorizations to give to the ATP user, could you share them?
Thanks in advance.
SatishFor R/3 please check OSS Note 447543 - APO: Authorizations too comprehensive/not user-specific.
"If it is necessary to have different authorization profiles in APO for different R/3 users when calling in APO, the following solution applies:
Activate the setting in SM59 that is used for the RFC connection CURRENT USER.
In the APO system, create the respective users and assign authorization profiles. This is necessary in order to achieve the necessary flexibility concerning authorizations in the APO system."
For APO :
AuthorizationsObject C_APO_ATP in APO .
please chose activity as per user role.
01 Create or generate
02 Change
03 Display
04 Print, edit message
06 Delete
16 Execute
39 Check
Manish
Edited by: Manish Kumar Rathi on Oct 21, 2008 1:24 PM -
Roles,Authorization,Authorization objects for APD
Hi Experts,
Can anyone give me the list of roles,authorizations,authorization objects required related to APD.
Its been a problem for us getting stuck at each authorization.
With Regards,
Meiyappan.The Analysis Process Designer allows you to work with a large number of objects. This includes different BW objects such as InfoProviders, InfoObjects or queries, and also other objects such as temporary database tables that are influenced by actions already carried out and are authorization-relevant.
Note 919614 - APD: FAQ authorization -
Authorization required for creating new Organizational units
Hi all,
How can we give authorization required for creating new Organizational units (IMG CRM Master Data Organizational Management Organizational Model Create Organizational Model) to a particular user?
Thanks and Regards,
Archanathe basis guy should be able to help.
at a higher level: you need to set authorizations to the roles assigned, the transaction code is pfcg.
you may create a new role with the required authorization and assign to the relevant users.
hope it helps..
regards
RH -
Authorization required for creating new Organizational units in CRM
Hi all,
How can we give authorization required for creating new Organizational units (IMG CRM Master Data Organizational Management Organizational Model Create Organizational Model) to a particular user?
Thanks and Regards,
ArchanaHi archana,
U can Create a role through Transaction PFCG.
Just create a role and assign the tcode PPOCA_CRM if u want to give the user just only this authorization otherwise u can select the menu list from sap menu and assign this role to that user.
Another way is if that user already exist in that system then just assign that particular transaction codr with that user.
Hope it will help u
Regards
Subhash -
Role & Authorization for HR Administrator?
How to define role for
1) PA Administrator
2) Time Administrator
3) Payroll Administrator
What kind of authorization should be given for
1) PA Administrator
2) Time Administrator
3) Payroll Administrator
What kind of authorization should be given to the HR Manager?You Normally Create ROle and Assign these users.
1) PA Administrator
All PA infotypes Reports etc
2) Time Administrator
ALl time Infotypes and reports
3) Payroll Administrator
All payroll Infotypes (8,9,14,15,0267) for international and reports and forms and programs if required.
Afrasyab -
Error :Authorization check for caller assignment to J2EE security role whil
Hi Experts,
i m working as a portal resource .
after the deployment of standered Sap e-rec package .
i m getting some error. i have assigned the recruiter role to one test user.
Now i m getting two issue:
1)All the services are appearing in Detailed Navigation Pannel but not in Portal content area..
2) I m able to see few iview for the test user but those are also in detailed navigation view.
And few ivews are giving following error :
i)Internal error
ii)error 2011-12-19 07:59:57:315 ACCESS.ERROR: Authorization check for caller assignment to J2EE security role [sap.com/com.sap.lcr*sld : LcrInstanceWriterNR] referencing J2EE security role [SAP-J2EE-Engine : administrators].
/System/Security/Audit/J2EE com.sap.engine.services.security.roles.audit n/a EP-DEV-KRT Server 0 0_97989
Full Message Text
ACCESS.ERROR: Authorization check for caller assignment to J2EE security role [sap.com/com.sap.lcr*sld : LcrInstanceWriterNR] referencing J2EE security role [SAP-J2EE-Engine : administrators].
please suggest what can be done or what is pending from my side.Prajakta2602 wrote:
Hi Experts,
>
> the previous issue got solved..
> it was due to servies pack miss match and applying notes
> the Basis guy checked the SLD logs and accordingly found that the base components J2EECORE and JTECHS required paching as per
> notes 1445294 and 1175239 were applied.
> now the issue is:
>
>
> After implemetation and i assigning the standerd sap roles
> 1)Recruiter Administrator
> 2)Recruiter
> to the test user .
> but for few iview it is showing error as in
> 1) you are not a authorized user
> 2) internal error
>
> please help experts.
>
> i m working on portal side have i to assign any role to that test user..
>
>
> Thnaks & Regards,
> Prajakta
You can run a quick check using the below steps:
1. Check in backend whether there is any authorisation errors... you may use transactions SU53 or ST22 for any ABAP errors
2. Also check in NWA -> log viewer -> last 24 hours log for the particular user to see any java related issues.
Regards,
Mahesh -
All I want to know is if Distributed Transaction Coordinator services of the application role are required by SQL Server 2012 for clustering and support of SharePoint 2013.
I have been planning and deploying my companies first Windows Server 2012/SQL Server 2012 Always On cluster and Always On Availability Groups Multi-Subnet cluster and instances for SharePoint 2013, and I will be brutally honest, the documentation on either
the MSDN and TechNet leave alot to be desired. Continually finding links in the documentation will take me from a Windows 2012 reference to a page talking about Windows Server 2008 or R2, The differences of which there are so many when it comes to configurations,
settings, roles, services when working with SQL Server 2012. I have been confused, frustrated, screaming mad, with all the misdirection in this documentation. The documentation takes me windows 2008 R2 which is different than 2012!
Tired and trying to pick myself up off the floor!
Greg
GmanIn general, DTC is not required for SQL 2012. But, since you are asking specifically about SharePoint, it would be better to ask in a SharePoint forum. They would be more likely to know those situations where FTC might be needed by SharePoint.
.:|:.:|:. tim -
Custom Approval Screen required for workflow to be executed via CRM Web UI
My requirement is to create a custom approval screen for workflow. I am Not aware as to how to create a custom approval screen for workflow that could view via CRM Web UI and Execute the workitem as well.
Experts please help me with the creation of a task with custom approval screen.Hi Surjith, thanks for your answer but is not the right one.
This is an standard method and is working fine, I think the problems must be in some setup I have to do but I'm missing.
Thanks a lot.
Regards
Felipe -
Authorization Required for RFC user in R/3-APO system.
Could you please help regarding one authorization issue. I want to know the authorization required for one RFC user. Now this RFC user used for RFC connection of SAP R/3 - SAP APO system. user type is given dialog type and SAP_ALL profile has been given to this user id. Now I have to remove SAP_ALL from this user id in R/3 and APO system and provide the required the authorization in R/3 and APO system.
Regard
AuroshikhaThe RFC authorisation depends completely on what the user is doing (ALEREMOTE?). We can't tell you what RFC auths your connection requires.
There is a guide to doing this here: https://wiki.sdn.sap.com/wiki/display/Security/BestPractice-HowtoanalyzeandsecureRFC+connections -
Table for Role & Authorization group
Hi Gurus,
I am looking for a table or FM to get all roles for Authorization group.
I tried in SUIM tcode but could not able to find exact DB table for these.
Giri
P.S.: To Moderator:
My earlier thread was locked for the same question, I was searching in SDN and google from last 3 days and could not able to find enough information on it. AGR_USERS, TBRG, TACT are the tables i found. But still there is a link missed between Role & Authorization Group.Thomas,
My report have selection screen with Auth group and user.
If user provides Auth. Group then need to find all roles linked to auth group and users assigned to that role.
In my investigation, there is link between Auth. Group <--> Auth. object.
Also Auth. Object <--> Role.
but still there is a fine link missing between Auth Group <--> Role.
For Eg: Auth Object S_TABU_DIS will be associated to all Auth. Groups but assigned to only limited roles.
I tried to debug the SUIM transaction multiple times but couldn't find the tables to find the link and not able to find the FM's.
if anybody have any idea to find that link between Auth. Group & Role then it will be helpful....
Giri -
Hi,
I have some basic conpectual problem about roles and rules.
What is the diffrenece between roles and rules in sap business workflow ? What is the Tcode for Role creation/Change/Display and Rule creation/Change/Display ?
I am using a standard workflow for PR Release "WS20000077".
I have done all the setting except this agent assignment using roles or rules. The default rules used in the task "TS20000159" is "20000026". The Binding from workflow to rules container is also defined by the workflow itself.
This rules is defined using a function module.When I am putting a breakpoint in this function module and tring to execute my workflow it is not going to the given breakpoint but the workflow is running successfully as shown in the event trace "SWE2".
What could be the problem..Pls suggest?Hi Tanuja,
Go through this link for [Rule Documentation|http://help.sap.com/saphelp_nw04/helpdata/en/bb/bdc296575911d189240000e8323d3a/frameset.htm]
And
http://help.sap.com/saphelp_nw2004s/helpdata/en/95/ed94ee764c11d3b535006094b9c9b4/frameset.htm
Go through this link for [Roles in Workflow|http://help.sap.com/saphelp_nw04/helpdata/en/f4/4a5536ad3d2a17e10000009b38f839/frameset.htm]
Hope this would help you.
Good luck
Narin -
Provider : Authorization Required (Workflow Provider)
I am trying to use Oracle Workflow as a provider.
I have defined an external application (using basic authentication) - that works fine.
I have created a provider.xml, it is registered, the config files modified etc - the test page works fine.
I have linked the provider to the external application.
When I add the portlet to a page I always get the following error message (from the Workflow Application Server) :
Authorization Required
This server could not verify that you are authorized to access the document requested. Either you supplied >the wrong credentials (e.g., bad password), or your browser doesn't understand how to supply the credentials >required.Here is my provider.xml :
<provider class="oracle.portal.provider.v1.http.URLProvider">
<session>true</session>
<authentication class="oracle.portal.provider.v1.http.Authentication">
<authType>basic</authType>
</authentication>
<portlet class="oracle.portal.provider.v1.http.URLPortlet">
<id>1</id>
<name>CCC_PROV_WF_JMR_2</name>
<title>Job Manager Workflow Provider</title>
<description>Job Manager Workflow</description>
<timeout>100</timeout>
<timeoutMessage>Job Manager Workflow timed out</timeoutMessage>
<showEdit>false</showEdit>
<showEditDefault>false</showEditDefault>
<showPreview>false</showPreview>
<showDetails>false</showDetails>
<hasHelp>false</hasHelp>
<hasAbout>false</hasAbout>
<acceptContentType>text/html</acceptContentType>
<registrationPortlet>false</registrationPortlet>
<accessControl>public</accessControl>
<renderer class="oracle.portal.provider.v1.RenderManager">
<showPage class="oracle.portal.provider.v1.http.URLRenderer">
<contentType>text/html</contentType>
<pageExpires>60</pageExpires>
<pageUrl>http://sirius.caprion.com:7777/pls/wf_drep</pageUrl>
</showPage>
</renderer>
<securityManager class="oracle.portal.provider.v1.http.URLSecurityManager">
<authorizType>public</authorizType>
</securityManager>
</portlet>
</provider>
ANY IDEAS ?
ThanksThe relative links need to be converted to absolute links. You can use a filter to achieve this. You need to define your filter similarly to this after the pageURL definition:
<filter class="oracle.portal.provider.v2.render.HtmlFilter">
<headerTrimTag><body</headerTrimTag>
<footerTrimTag>/BODY></footerTrimTag>
<baseHRef>your_page_url</baseHRef>
<convertTarget>true</convertTarget>
</filter>
Maybe you are looking for
-
How do I open a new FireFox browser window to the home page and url filled?
win 7 64-bit, firefox 5 open new window no url. When I have firefox open and open a new browser window, the new window does not open on the home page and no url is present in the address field. If I click on the favicon in the address field, the url
-
What is kernel_task, and why is it taking up so much RAM and CPU?
I have recently upgraded to OS X Mavericks, and despite promises of extreme performance, my MPB has been running slower than ever before. According to Activity Monitor, "kernal_task" is taking up 600+ MB of RAM and hasn't dropped since I upgraded. It
-
Can't send message to a SPECIFIC Mac email address
My daughter has two iCloud e-mail addresses (@mac.com, @me.com), as do I. My outgoing and incoming iCloud mail service is working properly EXCEPT when – and ONLY when – I try to send her mail. I get the infamous "cannot send message using the server"
-
I have a menu that is on a top layer that scrolls up to reveal a second menu on the next layer. When clicking a link or scrolling up, the behavior is correct in that the menu scrolls up revealing the menu below. However, when scrolling back down, the
-
Whey I Plug in my ipod i tunes did not pop up need help please
Please help