New SAP User
Hi All,
I am a New user in SAP HR and I would like to know what components I should check in the sytem before going ahead with any configuration??
Hello!
1.Take the details of your log on like user name, password, client i,e Development, sand box, Quality.
2.Package given for the HR configuration to save all your customizing requests.
3.While configuring the Organization Management be sure about the Plan Version 01 i.e, Current Plan we generally select, it should be in Active Status, so that it can be transported for Quality testing.
4.While configuring Personnel Administration check the user profile for the MOL for country grouping & USG User Group (HR Master Data).
Similar Messages
-
Hi All SAP experts,
My company has implemented 2 Systems SAP Landscape with one development and one production server which are running on R/3 Enterprise 4.7 (Kernel Release 6.20) with Microsoft SQL 2000 as database server.
I have the following questions regarding new sap user creation by using user copy function.
1.When I request to create new SAP User by using user copy function ,should I just create the user acct in DEV and transport it to PROD System? If yes, how could I do that?
2.When I request to create new SAP User by using user copy function, can I just create it on PROD System only? If yes, what is the impact?
3.When using User copy function to create new user acct, should I select all parts (like adress ,defaults,reference user, user groups.....) of the existing user to be cloned to new user acct?
Thanks.
LeonHi Leon,
Answer to your questions in their respective order:
1. You can create user in DEV and then make remote client copy to PRD system using scc9 t-code. Here you can choose user accounts and authorizations for the copy. ( Rem: Data will be overwritten in target system when copied).
You can also use client export/import(scc8/scc7)
But, When you do the client import from the exported files using STMS,you will have to select only one of the transport requests and then STMS automatically selects the other requests for you.
Then it will show you the different transport requests that you have created during your export, the client copy profile and the target system and client. The customizing and application data is deleted in the target client before copying for all profiles except SAP_USER. This is technically unavoidable (and hence the data will be overwritten).
So if you can afford overwritting of user data in target client , you can go with the above procedure.
2. Using user copy in su01, you can copy one user to another user only in that client and is confined to that system only. So yes, If you want 2 or more users to have same authorizations, profiles ,etc etc.. you can choose this in PROD system.
3. It depends.. If you want user to be in same group, then you can choose user groups. If you want them to have same authorizations , you can choose roles and profiles... If you want them to have same company address and others,... you can select address.. and so on.
Also below link provides required steps in case you choose local/ remote client copy:
http://www.sap-basis-abap.com/bc/client-copy-by-using-scc8-and-scc7.htm
Hope this helps...
Thanks,
Ajith
Edited by: Ajith Kamath on Oct 20, 2009 8:28 AM -
Hi All,
OK help and advise needed. My office has agreed to purchase a Mac Book Pro for my useage but i need to find out how i can continue to use SAP on the system.
At present i use the following on a Windows XP system
Release: 620 final release
File version: 6206.6.44.965
Build: 641640
Patch level 44
I need to be able to log into SAP and use the same functions as present. can i do this on a Mac with 10.4.10 OSx or leopard?
What will i need to download in order to install SAP Gui on the MAC?
Sorry for a newbie question but our IT Admin has not looked into this before and i need to confirm if there is any problems and if there is I need to test VM windows with SAP running inside?
Thanks in advance
DarrenHello Darren,
please have a look at SAP GUI.
Best regards
Rolf-Martin -
Business Partner ID same as SAP User ID
Hi All,
We have one SAP Service Desk Implementation going on.
There is an intresting requirement as follows:
1) BP ID generated should be same as their respective SAP User ID, irrespective of the BP Role.
2) First Run for Mass Generation has to be done and that should take care of point 1.
3) Business Partners should be automatically created by system whenever a new SAP User ID is created in system landscape.
I know that if i use external number range, this can be done. Moreover there is one standard BP Mass Creation program also. But challenge is to find setting which makes this BP ID generated same as SAP User ID.
In past, I have manually created external BPs like this because volume was very low in those projects... but now we have more than 1000+ users whose will be associated with service desk.
Please advice.
Regards,
SMHi,
there is a technical problem with your request:
BP numbers are limited to 10 characters but user IDs can have up to 12 characters.
So you will not be able to set BP number = user ID if you have user IDs with more than 10 characters.
Regards,
Christoph -
SAP* user not working in new client
Hi,
I created a new client from SCC4. And now I am trying to login with SAP* user and pass password but it is not allowing. Note provided in SAP Config Guide is not working.
I installed SAP Solution Manager 7.0 SP12 and then created a client.
Please let me know how to solve this issue.
Points will be awarded.
Regards.Hi!
I agree that the issue is probably due to the parameters for the automatic user SAP* - not sure about the Masterpassword though - the newly created client is only an entry in a table at this stage, so I don't think the system will know any password but the hardcoded one...
Something you should be very careful about is the Java-Stack, which is part of SolMan7 and which runs SMD. The Java stack can only interface with one client properly, so I am not sure what's the idea behind the newly created client.
Regards,
Jörg -
Role of SAP Functional & Basis Consultant for any new authoirzation/user ID in Support Phase
Dear Expert,
Please let us know what is standard /best practice for below activities in SAP Support phase?
Who will responsible for Authorization Matrix?
Who will be first point of contact (Functional / Basis Consultant) to SAP user for any new authorization request?
Who will do the testing & impact analysis of new authorization?
If we provide any new SAP transaction code to the end user & user is facing authorization object issue then who will be first point of contact for user Functional / Basis Consultant?
Also who will be fist point of contact (Functional / Basis Consultant) for new User ID creation request?
In our current practice Functional consultant is dealing with end user. He is taking requirement of new Report/Transaction access request & doing analysis. Then he is taking approval from BPO & based on BPO approval Functional consultant is providing training to end user. When end user is accepted requested report requirement in standard report or transaction data process then Functional consultant is sending request to Basis consultant along with authorization parameters like Role, Organization parameters, type of activity (create/change/display/delete) etc.
Our Basis consultant is not agreeing for this process & he want to directly deal with end user for all activities & he will take help of Functional consultant if required.
Sorry friends this is not technical discussion but it is create big dispute between our internal support team regarding who will be first point of contact for any authorization related issue?
Regards / Aviya.Dear Aviya Paul,
1. Who will responsible for Authorization Matrix?
Authorization Matrix that define "what position may have access to which authorization/ role" shall be developed by User (Management), with support from BASIS. User is the one who have the authority to decide, while BASIS should help User in understanding the technical knowledge of access authorization.
2 to 5. BASIS. -
CUP - Issue regarding creation of New SAP ID in CUP.
System : SAP GRC 5.3 SP 12..
We have requirement where in we need to design a workflow for creation of New SAP ID.
The Naming convention followed for SAP ID is FIRST LETTER of FIRST NAME and LAST NAME with maximum 8 characters.
For Eg
JOHN SMITH would have SAP ID as JSMITH
JERRY SMITH would have SAP ID as JSMITH01
The requirement here is when user fill the REQUEST FORM for NEW User ID there is field where in the requestor need to put the desired SAP ID,
Can a validation be set OR Logic be written so that user can put the SAP ID as per the naming convention..?
Also , any other solution as to how the situtation can be handled in CUP...
Regards.
AjitHi Ajit,
Yes, you can maintain the user ID in the Active Directory. User id will be now auto populated in the request form, from Active Directory when we data Source is LDAP -Actice directory. So when user login to end user form to create a request, It's all information( user details + manager details ) will fetched from Active Directory.
It is not possible to change userid in later stage of approval in the request.
You can have security as final stage and guide them to create user manually as per naming convention.
Make auto provisioning OFF in CUP
Kind Regards,
Srinivasan -
Backup message error -SAP system is running or SAP user is connected to dat
Hello ..
when the backup started i got this message error ..before starting the backup, the shell shutdown the sap system but below message was showed
BR0262I Enter database user name[/password]:
BR0055I Start of database backup: bedvugxg.aff 2010-08-08 05.31.48
BR0484I BRBACKUP log file: /oracle/AAA/sapbackup/bedvugxg.aff
BR0477I Oracle pfile /oracle/AAA/102_64/dbs/initAAA.ora created from spfile /oracle/AAA/102_64/dbs/spfileAAA.ora
BR0068E SAP system is running or SAP user is connected to database AAA - database cannot be shut down
BR1025I Please shut down SAP system first or use the 'offline_force' option
BR0056I End of database backup: bedvugxg.aff 2010-08-08 05.31.48
BR0280I BRBACKUP time stamp: 2010-08-08 05.31.49
BR0054I BRBACKUP terminated with errors
[Major] From: "OMNISAP" Time: 08/08/10 05:31:49
BRBACKUP /usr/sap/AAA/SYS/exe/run/brbackup -t offline -d util_file -c -m all -u hpbkup/******* returned 3
i am new on this, what should i review into the db?
Regards and thanks in advance
Dma.Hello Daniela,
you try to perform an offline backup (which is a very uncommon way nowadays) and your SAP system is not down.
This is also described in the official documentation:
http://help.sap.com/saphelp_sm32/helpdata/en/0d/d309664a0c11d182b80000e829fbfe/content.htm
offline: Database backup in offline mode, in other words, the database is shut down during backup. When you select this parameter, BRBACKUP checks that no SAP system users are connected to the database. If an SAP System is active, the database is not shut down and BRBACKUP terminates the process with an error message (message number BR0068E).
Regards
Stefan -
Create new portal-user with webservice
Hi,
I'm trying to develop a ejb-webservice which is creating a new Portal-User.
The webservice is working so far, I made methods like getDisplayName() which is returning the display name to a logonId and so on. All this is working. I'm using the component sap.security.api.sda for this.
Problem: User-creation is not working. I think the problem might be, that a webservice is not authorized to create users? Or putting it in another way: Is it possible that a webservice is "logging in" at the portal, or sohehow authorizing itself?
Thanks and regards
Jan HempelHi Detlev,
thanks for Your answer.
It seems like that the problem was caused by using array-parameters in the webservice-method?!
Strange, but after removing the array-parameter from the method it worked! Before the webservice never returned anything, not an error or anything else.
Well, strange enough, but I can live with that.
regards
Jan -
AD SSO with entry point for SAP users....
A client would like to use Active Directory (AD) Single Sign On rather than SAP for authentication purposes. There are two potential scenarios we would need to support:
Scenario 1, access to SAP BW (General Ledger, Profit Centre Accounting) and relational systems. There would be no security restrictions at the database level (OLAP and relational). The majority of users would access data from this scenario.
Scenario 2, access to HR SAP BW OLAP cube. SAP Security roles would be enforced.
Scenario 1 user and a scenario 2 user are not mutually exclusive. Therefore an HR user could have the rights to query a relational system or a non HR SAP system. Second, not all users in Scenario 1 will have an SAP account, but they will need to access non HR SAP data. Valero does not want to create new SAP accounts for these people.
I see two possible solutions:
1. Create two infoview entry points (eg different ports). One for AD SSO, the other for a SAP challenge and response. We used to have two infoviews in XIR2 when we deployed the SAP integration kit. How would I do this in 3.1?
2. Use Server Side Trust and SNC.
Can anyone offer any opinions of ideas?
Thanks,
Steve
Edited by: Steve Bickerton on Dec 17, 2008 5:43 PMHi Steve,
you are correct that SNC for the client authentication and the server side trust (based on SAP Crypto. lib.) will solve this
Ingo -
Generate a new SAP mode maximized and active working with Excel or Word
Hello!
We have an event that it generates a new SAP mode in the desktop. This mode is generated ok (maximized and active) if the user is working in other SAP mode in this moment.
But this mode is generated minimized if the user is working with a Word or Excel Microsoft document in this moment.
We need to generate this new mode: ACTIVE and MAXIMIZED when the user is working wiht any non SAP tool in that moment. Is this possible??
We have checked the following functions module with failed results:
NAVIGATION_EXECUTE_OBJECT
ECATT_START_GUI_REMOTE
TH_CREATE_MODE
Thanks in advance!!
Regards,
Message was edited by:
Elisa VillellasCould you try disabling graphics hardware acceleration? (I'm having trouble determining from your "More system information" whether it's enabled or disabled.) Since this feature was added to Firefox, it has gradually improved, but there still are a few glitches.
You usually need to restart Firefox in order for this to take effect, so save all work first (e.g., mail you are composing, online documents you're editing, etc.).
orange Firefox button ''or'' classic Tools menu > Options > Advanced
On the "General" mini-tab, uncheck the box for "Use hardware acceleration when available"
If you restart Firefox, is the issue resolved? -
Oracle 10g Rel 2 - Proxy connection authentication with SAP User ID
Dear Experts,
We are currently doing some research and planning to upgrade SAP R/3 4.6C to ECC 6 and upgrading Oracle from version 9.2 to 10.2
In upgrading to Oracle vers. 10g Rel 2, we got advised that Oracle has apparently introduced a new proxy connection authentication, in which the SAP user ID is given limited privileges (create session only) ??
If you have any information on this or known any impact about this issue, please advise us.
Thanks in advance.Thanks for your help, Kaushal.
I also found the SAP Note 834917 (Oracle Database 10g: New database role SAPCONN and it seems to be on a right direction to cope with that problem.
- For Oracle releases earlier than 10gR2, the CONNECT role includes extensive database authorizations and the more restrictive CONNECT as of 10gR2.
- To overcome this restriction, SAP need to find a way to compensate this, so does it come SAPCONN.
- SAPCONN is the new SAP-specific database role, which is defined to support the normal SAP applications operations (CONNECT, RESOURCE and SELECT_CATALOG_ROLE).
Once again, thanks. -
SAP users identification - rename SAP Ids
Dear all,
We have a project to change the codification of our SAP users.
We will use the AD ids as SAP users instead of the current codification.
We will copy the current user to a new one and close the current.
After this operation, all the users will lost their layout variants, their user-settings ...
Do you know if it is possible to transfer all the user-specific objects to the new user ?
Do you know if a program exists to list all the program where the SAP user is used ?
thanks for you help.
Kind regards
VéroniqueDear Lynn,
We were in SAP ECC 6.0
We created a specific program to recreate old users to new users based on an input file.
We didn't rename the user to keep the old user and keep the possibility to check the complete settings of this user.
We deleted the old user one year after.
With the specific program :
1/ we created the new user
2/ we copied some settings : layout variant, workflow settings, user settings, power list settings (linked to SAP EP)
we have the possibility to close the old user (lock and validity date) but we did it after in a second step
I hope it is clear
thanks
regards -
Creating second InfoView entry point for SAP users in XI 3.1
Hi All,
I have BOE XI 3.1 up and running with the Business Objects Integration kit SAP Solutions kit I would like to create a second infoview entry point for SAP users on the same physical box (single server) as regular InfoView.
I am trying to mock this up and have detailed the following steps below. I suspect I am missing a few steps (for example, where do I specify the entry port?). I am sure step 2 is wrong, as I the desktoplaunch no longer exists in Xi 3.1
1. Copy the InfoView.war file to a new directory ( Program Files/Business Objects/ Business Objects Enterprise 12.0/java/applications/sap). I imagine I would need to rename the war file (say SAPInfoview.war)?
2. Create a xml file with the following logic (the part in bold I consider to be wrong...):
<Context docBase="Program Files\Business Objects\Business Objects Enterprise 12.0\java\applications\sap\SAPInfoview.war" path="/
businessobjects/enterprise115/desktoplaunch"
crossContext="false" debug="0" reloadable="false"
trusted="false"/>
3. Save the xml file (what name? does it matter) in Program Files\Business Objects\Tomcat55\conf\Catalina\localhost
4. Restart Tomcat
5. Change the web.xml to make SAP security the default. But this should not be the regular infoview web.xml. I'm not sure where this would reside.
Thanks,
Steve
Edited by: Steve Bickerton on Jan 15, 2009 9:19 PMHi Ingo,
You've been working with Duncan and Sartaj on this. The client has two set of users: non HR which has no BW or R/3 authorization restrictions, and HR, which has authorization restrictions.
They have deployed SSO using AD for the non HR users. They also want to leverage InfoView rather than the SAP portal. For the HR users, we therefore need to capture the SAP id and password at login time to enforce security at the BW and R/3 levels. We could use the existing Infoview entry point (SSO will fail and they will be prompted for a SAP login). I do remember that we offered a second InfoView entry point for SAP users in XIR2. I thought this may be more elegant.
Thanks,
Steve -
Creating SAP users using Program RHPROFL0
Hi Experts,
I want to create SAP users and assign authorisation using program RHPROFL0.
Whenever I execute this program Generate new user field is greyed out. I can not select it to create users.
I have already activated switch 'ORGPD' for Structural Authorisation check.
Is there any additional setting/config I am missing.
Pls helpHi, Syed!
As I can see from the source code in my system, this field is grayed out according to the following rule: "not a central system, no user generation".
Thus, it is likely that your system is a child CUA system, so logins are supposed to be created by CUA.
Maybe you are looking for
-
My iPod touch 5th gen can't play videos?
I've had my iPod touch 5th gen since Christmas Eve and I haven't had any problems with it, but a few days ago it stopped playing videos and now - even though I have turned it off and back on and turned the wifi off and back on again - it still can't
-
To whoever it may concern I havel always used windows PC's and I recently bought a Mac Book Pro due to Apple's great movie program. I enjoy making movies, and very much enjoy to make my own films. I was deeply surprised to find that my new mac does n
-
I recent recieved and Ipod touch model A1213 and i cannot figure out how to get apps on it. I have tried everything i can think of and when i try to update my ipod software it tells me that its already up to date. even though its only 1.1.5. How do i
-
Until recently all was well with Itunes and the way it functioned. I believe it was after a software upgrade I lost the abilty to burn playlists. The error message is something like can not find cd driver software. It shows the DVD Burner but instead
-
VGA Display Detected But Has No Signal
Hello, Here's the issue, I'm working on a 13" MacbookPro 10.8. I plug in mac's "display port > VGA" adapter to display my second screen on projectors for a power point presentation. The Mac flashes the screen like it recognizes the display and when I