Portal roles and AD-groups

Hi,
anyone that can fill me with info on mapping between portal roles and Active Directory groups.
Thankful for config.help!
Kind regards,
Hilde Bakkemyr

hi,
look at this document.
https://www.sdn.sap.com/irj/servlet/prt/portal/prtroot/docs/library/uuid/bc72b890-0201-0010-3a8d-e31e3e266893
hope it helps.
regards,
rohin

Similar Messages

  • Portal roles and Authorization in NW2004s

    Hi Gurus,
    In earlier Portal implementation of ESS/MSS which was ITS based we used to maintain roles in EP by doing a role upload and maintaining authorizations in the backend R/3 system and if any new changes being made in the role is being distributed to the r/3 system using system administrator -> Permissions -> sap authorization and role distributions are sent to R/3. where we can go to W3PR transaction can create authorization profile for that role there.
    Now my question is in ESS/MSS implementation based on Web dynpro how are portal roles and authorization maintained?
    please do tell me as to how they are maintained in the NW2004s implementations.
    Regards,
    Ramesh

    plz take a break for few minutes and start.... u will get it..

  • How do you test portal roles and/or ESS roles if testid is not in LDAP?

    We have a process but it is hard to maintain and not very secure.  I was wondering how other Security Admins solve this problem.
    For examplle, we have users who use ESS, MSS, Adobe Forms and a few other portal roles.  And, all of them are using the LDAP to authenticate users.
    Our Basis guys have created test ids in the Portal but they need to be asisgned directly to a pernr (on Infotype 0105) in order to obtain the right information in the portal.
    I'm curious as to how others maintain this process.
    All suggestions and recommendations are welcome.
    Thanks,
    Penny

    If the Basis team has created the test-id on the portal, assign the MSS/ESS role as per the business process
    make sure to create the same userid on the backend system and assign the userid to a pernr
    Assigning userid to PERNR lot of postings are available to do this please search.
    Also I remember at one of my customers project  the portal was configured to have "parameter setting" on the portal rather than the backend system.
    summary: Userid - UME/LDAP ( Basis already created it in your case )
                                  Portal roles ESS/MSS   - assigned to userid
                                  ECC/HCM system roles -assigned to userid  ( after PERNR is tied to userid)
                                  Paremeter setting to be done on portal
    Regards

  • Browsing Portal Roles and it's mapping details

    Hi Friends,
    I am developing one webdynpro application displays portal roles in a drop down. Once I click on any of the role it need to display the Users, Worksets, Pages, iViews assigned to that role.
    I am using IRole API for that and able to get the portal roles but not the mapping details. I gone through one weblog which browses roles,pages etc from a Dynpage component. But it was not helpful for this application.
    Could you guys please tell me how to get the users,worksets,pages,iviews assigned to a particular role.
                 Thank you in advance.
    Sandeep Kumar Bonam

    Hi
    Could you please let me know the below things.
    (1) How you get the object of IPortalComponentRequest and IPortalComponentResponse object inside webdynpro.
    (2) How you get the Workset details of the role?
    Your quick response would be highly appreciated.
    Regards
    Anbu.K

  • Display portal role and content

    We have portal support people that support many other users. To support these users with live problems, they need to be able to see the portal navigation and content that their supported users see. They don't need to actually run transactions, they just need to see the content etc.  In most cases, these support people do not perform these other roles, so these other tabs (50+) are not on the support people's top-level navigation.
    Any thoughts on how to do this?  It would be great if some sort of application could dynamically display a role and all it's portal content.
    Thank you for your thoughts.
    Kevin

    Kevin,  There is no out of the box solution for your scenario, check this blog by Prakash Singh : <a href="https://www.sdn.sap.com/irj/sdn/weblogs?blog=/pub/wlg/2080">Click Here</a>
    Regards,
    Tegala

  • Provisioning EP roles and user groups through CUP

    Hello experts,
    I am configuring EP provisioning through CUP.
    I created the EP connector as per the instructions in the config guide. But I have not added any parameter values or did any field mapping. I have imported necessary Portal roles.
    My EP connector is tested successful. But when I try to provision a role through CUP, I get this error:
    Error processing your request, Request no: 4 in stage : NEW_AS11.
    In the log it shows,  Field Mapping is not set for Application  (EP)
    But when I go to field mapping, I get this error for EP.
    Data retrieval from system XP1 failed : com.virsa.ae.service.ServiceException: com.sap.engine.services.webservices.jaxm.soap.accessor.NestedSOAPException: Unable to create message from source.
    I could not find much documentation on fieldmapping.
    Are there any steps that I am missing for EP provisioning?
    Thanks in advance..
    Kee

    Thanks for your response.
    I have set up the parameters while setting up the EP connector in CUP.
    My role search URI is correct  but I am not sure about the last three parameters...
    ASSIGN_GROUPS:OC sapgroup
    ASSIGN_ROLES:OC saprole
    CHANGE_USER:OC sapuser
    CREATE_USER:OC sapuser
    CREATE_USER:password password
    DELETE_USER:OC sapuser
    LOCK_USER:OC sapuser
    LOCK_USER:islocked true
    RESET_PASSWORD:OC sapuser
    RESET_PASSWORD:password password
    ROLESEARCH_URI -  http://portalserver name:port number/UserRoleSearchForAEService_5_3/Config1?wsdl&style=document
    ROLESEARCH_URI_USERNAME -  same user Id I provided for the connector
    ROLESEARCH_URI_PASSWORD See your system administrator for the value.
    UNLOCK_USER:OC Sapuser
    UNLOCK_USER:islocked false
    ROLE_DATA_SOURCE -- ROLE.UME_ROLE_PERSISTENCE.un:   ??? What  is the role data source?? Is the value that is  provided is correct for the UME roles
    SCHEMA_ID SAPprincipals   ?? What does this Schema Id mean???
    USER_DATA_SOURCE  ????  Should we mention the user data source on the Portal system. In our case, it is the LDAP. But what would be the corresponding parameter value for LDAP.
    So when I go to field mapping to create one for EP, I get the following error:
    Data retrieval from system XP1 failed : com.virsa.ae.service.ServiceException: com.sap.engine.services.webservices.jaxm.soap.accessor.NestedSOAPException: Unable to create message from source.
    Log Details:
    2009-03-03 14:28:48,055 [SAPEngine_Application_Thread[impl:3]_19] ERROR Error in gettting Field Def
    com.virsa.ae.service.ServiceException: com.sap.engine.services.webservices.jaxm.soap.accessor.NestedSOAPException: Unable to create message from source.
         at com.virsa.ae.provisioning.idm.spml.request.SchemaRequest.sendSchemaRequest(SchemaRequest.java:131)
         at com.virsa.ae.provisioning.idm.spml.request.SchemaRequest.getSchemaAttributes(SchemaRequest.java:142)
         at com.virsa.ae.provisioning.idm.spml.request.SchemaRequest.getFieldDefinition(SchemaRequest.java:163)
         at com.virsa.ae.configuration.bo.FieldMappingBO.getSAPFieldDefList(FieldMappingBO.java:126)
         at com.virsa.ae.configuration.actions.LoadFieldMapAction.execute(LoadFieldMapAction.java:56)
         at com.virsa.ae.commons.utils.framework.NavigationEngine.execute(NavigationEngine.java:271)
         at com.virsa.ae.commons.utils.framework.servlet.AEFrameworkServlet.service(AEFrameworkServlet.java:425)
         at javax.servlet.http.HttpServlet.service(HttpServlet.java:853)
         at com.sap.engine.services.servlets_jsp.server.runtime.RequestDispatcherImpl.doWork(RequestDispatcherImpl.java:321)
         at com.sap.engine.services.servlets_jsp.server.runtime.RequestDispatcherImpl.forward(RequestDispatcherImpl.java:377)
         at com.virsa.ae.commons.utils.framework.servlet.AEFrameworkServlet.service(AEFrameworkServlet.java:455)
         at javax.servlet.http.HttpServlet.service(HttpServlet.java:853)
         at com.sap.engine.services.servlets_jsp.server.HttpHandlerImpl.runServlet(HttpHandlerImpl.java:401)
         at com.sap.engine.services.servlets_jsp.server.HttpHandlerImpl.handleRequest(HttpHandlerImpl.java:266)
         at com.sap.engine.services.httpserver.server.RequestAnalizer.startServlet(RequestAnalizer.java:386)
         at com.sap.engine.services.httpserver.server.RequestAnalizer.startServlet(RequestAnalizer.java:364)
         at com.sap.engine.services.httpserver.server.RequestAnalizer.invokeWebContainer(RequestAnalizer.java:1039)
         at com.sap.engine.services.httpserver.server.RequestAnalizer.handle(RequestAnalizer.java:265)
         at com.sap.engine.services.httpserver.server.Client.handle(Client.java:95)
         at com.sap.engine.services.httpserver.server.Processor.request(Processor.java:175)
         at com.sap.engine.core.service630.context.cluster.session.ApplicationSessionMessageListener.process(ApplicationSessionMessageListener.java:33)
         at com.sap.engine.core.cluster.impl6.session.MessageRunner.run(MessageRunner.java:41)
         at com.sap.engine.core.thread.impl3.ActionObject.run(ActionObject.java:37)
         at java.security.AccessController.doPrivileged(Native Method)
         at com.sap.engine.core.thread.impl3.SingleThread.execute(SingleThread.java:102)
         at com.sap.engine.core.thread.impl3.SingleThread.run(SingleThread.java:172)
    Caused by: com.sap.engine.services.webservices.jaxm.soap.accessor.NestedSOAPException: Unable to create message from source.
         at com.sap.engine.services.webservices.jaxm.soap.SOAPPartImpl.setContent(SOAPPartImpl.java:192)
         at com.sap.engine.services.webservices.jaxm.soap.SOAPMessageImpl.<init>(SOAPMessageImpl.java:83)
         at com.sap.engine.services.webservices.jaxm.soap.MessageFactoryImpl.createMessage(MessageFactoryImpl.java:35)
         at com.virsa.ae.provisioning.idm.spml.request.SchemaRequest.sendSchemaRequest(SchemaRequest.java:118)
         ... 25 more
    Caused by: com.sap.engine.lib.xml.parser.NestedSAXParserException: Fatal Error: com.sap.engine.lib.xml.parser.ParserException: XMLParser: Bad Attribute value: ' or " expected!(:main:, row:5, col:18)(:main:, row=5, col=18) -> com.sap.engine.lib.xml.parser.ParserException: XMLParser: Bad Attribute value: ' or " expected!(:main:, row:5, col:18)
         at com.sap.engine.lib.xml.parser.DOMParser.parse(DOMParser.java:139)
         at com.sap.engine.lib.xml.parser.DOMParser.parse(DOMParser.java:173)
         at com.sap.engine.services.webservices.jaxm.soap.SOAPPartImpl.parseDocument(SOAPPartImpl.java:221)
         at com.sap.engine.services.webservices.jaxm.soap.SOAPPartImpl.setContent(SOAPPartImpl.java:189)
         ... 28 more
    Caused by: com.sap.engine.lib.xml.parser.ParserException: XMLParser: Bad Attribute value: ' or " expected!(:main:, row:5, col:18)
         at com.sap.engine.lib.xml.parser.XMLParser.scanAttValue(XMLParser.java:1403)
         at com.sap.engine.lib.xml.parser.XMLParser.scanAttList(XMLParser.java:1577)
         at com.sap.engine.lib.xml.parser.XMLParser.scanElement(XMLParser.java:1712)
         at com.sap.engine.lib.xml.parser.XMLParser.scanContent(XMLParser.java:2442)
         at com.sap.engine.lib.xml.parser.XMLParser.scanElement(XMLParser.java:1843)
         at com.sap.engine.lib.xml.parser.XMLParser.scanContent(XMLParser.java:2442)
         at com.sap.engine.lib.xml.parser.XMLParser.scanElement(XMLParser.java:1843)
         at com.sap.engine.lib.xml.parser.XMLParser.scanContent(XMLParser.java:2442)
         at com.sap.engine.lib.xml.parser.XMLParser.scanElement(XMLParser.java:1843)
         at com.sap.engine.lib.xml.parser.XMLParser.scanDocument(XMLParser.java:2845)
         at com.sap.engine.lib.xml.parser.XMLParser.parse0(XMLParser.java:231)
         at com.sap.engine.lib.xml.parser.AbstractXMLParser.parseAndCatchException(AbstractXMLParser.java:145)
         at com.sap.engine.lib.xml.parser.AbstractXMLParser.parse(AbstractXMLParser.java:160)
         at com.sap.engine.lib.xml.parser.AbstractXMLParser.parse(AbstractXMLParser.java:261)
         at com.sap.engine.lib.xml.parser.Parser.parseWithoutSchemaValidationProcessing(Parser.java:280)
         at com.sap.engine.lib.xml.parser.Parser.parse(Parser.java:342)
         at com.sap.engine.lib.xml.parser.DOMParser.parse(DOMParser.java:101)
         ... 31 more
    2009-03-03 14:28:48,055 [SAPEngine_Application_Thread[impl:3]_19] ERROR com.virsa.ae.service.ServiceException: com.sap.engine.services.webservices.jaxm.soap.accessor.NestedSOAPException: Unable to create message from source.
    com.virsa.ae.core.BOException: com.virsa.ae.service.ServiceException: com.sap.engine.services.webservices.jaxm.soap.accessor.NestedSOAPException: Unable to create message from source.
         at com.virsa.ae.configuration.bo.FieldMappingBO.getSAPFieldDefList(FieldMappingBO.java:134)
         at com.virsa.ae.configuration.actions.LoadFieldMapAction.execute(LoadFieldMapAction.java:56)
         at com.virsa.ae.commons.utils.framework.NavigationEngine.execute(NavigationEngine.java:271)
         at com.virsa.ae.commons.utils.framework.servlet.AEFrameworkServlet.service(AEFrameworkServlet.java:425)
         at javax.servlet.http.HttpServlet.service(HttpServlet.java:853)
         at com.sap.engine.services.servlets_jsp.server.runtime.RequestDispatcherImpl.doWork(RequestDispatcherImpl.java:321)
         at com.sap.engine.services.servlets_jsp.server.runtime.RequestDispatcherImpl.forward(RequestDispatcherImpl.java:377)
         at com.virsa.ae.commons.utils.framework.servlet.AEFrameworkServlet.service(AEFrameworkServlet.java:455)
         at javax.servlet.http.HttpServlet.service(HttpServlet.java:853)
         at com.sap.engine.services.servlets_jsp.server.HttpHandlerImpl.runServlet(HttpHandlerImpl.java:401)
         at com.sap.engine.services.servlets_jsp.server.HttpHandlerImpl.handleRequest(HttpHandlerImpl.java:266)
         at com.sap.engine.services.httpserver.server.RequestAnalizer.startServlet(RequestAnalizer.java:386)
         at com.sap.engine.services.httpserver.server.RequestAnalizer.startServlet(RequestAnalizer.java:364)
         at com.sap.engine.services.httpserver.server.RequestAnalizer.invokeWebContainer(RequestAnalizer.java:1039)
         at com.sap.engine.services.httpserver.server.RequestAnalizer.handle(RequestAnalizer.java:265)
         at com.sap.engine.services.httpserver.server.Client.handle(Client.java:95)
         at com.sap.engine.services.httpserver.server.Processor.request(Processor.java:175)
         at com.sap.engine.core.service630.context.cluster.session.ApplicationSessionMessageListener.process(ApplicationSessionMessageListener.java:33)
         at com.sap.engine.core.cluster.impl6.session.MessageRunner.run(MessageRunner.java:41)
         at com.sap.engine.core.thread.impl3.ActionObject.run(ActionObject.java:37)
         at java.security.AccessController.doPrivileged(Native Method)
         at com.sap.engine.core.thread.impl3.SingleThread.execute(SingleThread.java:102)
         at com.sap.engine.core.thread.impl3.SingleThread.run(SingleThread.java:172)
    Caused by: com.virsa.ae.service.ServiceException: com.sap.engine.services.webservices.jaxm.soap.accessor.NestedSOAPException: Unable to create message from source.
         at com.virsa.ae.provisioning.idm.spml.request.SchemaRequest.sendSchemaRequest(SchemaRequest.java:131)
         at com.virsa.ae.provisioning.idm.spml.request.SchemaRequest.getSchemaAttributes(SchemaRequest.java:142)
         at com.virsa.ae.provisioning.idm.spml.request.SchemaRequest.getFieldDefinition(SchemaRequest.java:163)
         at com.virsa.ae.configuration.bo.FieldMappingBO.getSAPFieldDefList(FieldMappingBO.java:126)
         ... 22 more
    Caused by: com.sap.engine.services.webservices.jaxm.soap.accessor.NestedSOAPException: Unable to create message from source.
         at com.sap.engine.services.webservices.jaxm.soap.SOAPPartImpl.setContent(SOAPPartImpl.java:192)
         at com.sap.engine.services.webservices.jaxm.soap.SOAPMessageImpl.<init>(SOAPMessageImpl.java:83)
         at com.sap.engine.services.webservices.jaxm.soap.MessageFactoryImpl.createMessage(MessageFactoryImpl.java:35)
         at com.virsa.ae.provisioning.idm.spml.request.SchemaRequest.sendSchemaRequest(SchemaRequest.java:118)
         ... 25 more
    Caused by: com.sap.engine.lib.xml.parser.NestedSAXParserException: Fatal Error: com.sap.engine.lib.xml.parser.ParserException: XMLParser: Bad Attribute value: ' or " expected!(:main:, row:5, col:18)(:main:, row=5, col=18) -> com.sap.engine.lib.xml.parser.ParserException: XMLParser: Bad Attribute value: ' or " expected!(:main:, row:5, col:18)
         at com.sap.engine.lib.xml.parser.DOMParser.parse(DOMParser.java:139)
         at com.sap.engine.lib.xml.parser.DOMParser.parse(DOMParser.java:173)
         at com.sap.engine.services.webservices.jaxm.soap.SOAPPartImpl.parseDocument(SOAPPartImpl.java:221)
         at com.sap.engine.services.webservices.jaxm.soap.SOAPPartImpl.setContent(SOAPPartImpl.java:189)
         ... 28 more
    Caused by: com.sap.engine.lib.xml.parser.ParserException: XMLParser: Bad Attribute value: ' or " expected!(:main:, row:5, col:18)
    Appreciate your response.
    Thanks
    Kee

  • Configuring portal roles and authorizations

    I have NW portal 7.3 and UME set to ABAP ECC,
    Is it good idea to create groups and assign to developers and users or should they be assigned roles directly ? Will the developer need super admin role ?
    Edited by: Jay-Basis on Feb 15, 2012 4:51 PM

    Hi,
    Developer never should be a super admin. Please assign the roles related to customizing.
    Regards,
    Venkata S Pagolu

  • XRPM Portal Roles and Authorizations

    Hello,
    Please I need your help, because I need to create a template for a Csutomer in Colombia, and I need develop my skills in understanding Roles on the xRPM portal.
    My question is if you have a short description of the following roles:
    SAP_RPM_CUSTOMIZER
    SAP_RPM_EXECUTIVE
    SAP_RPM_PROJECTAPPROVER
    SAP_RPM_PROJECTMANAGER
    SAP_RPM_PROJECTMEMBER
    SAP_RPM_PROJECTOFFICE
    SAP_RPM_PROJECTPROPOSER
    SAP_RPM_PROJECTREVIEWER
    SAP_RPM_RESOURCEMANAGER
    SAP_XRPM_ADMINISTRATOR
    SAP_RPM_USER
    Let me know your anwsers as soon as posible
    Regards,
    Eleane Mc Mahan

    <removed_by_moderator>??? LOL
    Do not ask for points.
    Read the "Rules of Engagement"
    Edited by: Juan Reyes on Feb 9, 2009 9:31 AM

  • How to transport Associated Group in a Portal Role?

    Hi,
    I created a portal role which is contained in a folder X under Portal Content.  This portal role is associated with a particular ABAP menu-role by means of Assigned Groups.  When I transported the folder X with all dependent objects from Dev to QA, the portal role appeared but the Assigned Groups is empty.  Another words, the association between portal role and the ABAP menu-role could not be transported.  How can Associated Groups in a Portal Role be transported?
    Thank you in advance.
    Best regards,
    Zabrina

    Hi,
    I have tried to do it in two steps:
    1. Export and import portal contents which include the whole structure with folders, roles and iviews under each role.
    2. Export and import the same roles as user management data
    The result from 1 was that the whole structure including the roles is imported; however none of the portal role contains the associated assigned group.
    The result from 2 was that the UME roles with assigned group are imported as separat objects.
    Now, the same role appears both as portal role without assigned group and the UME object with assigned group. But, there is no connection between 1 and 2.  That means that I cannot use 2 anyway.
    Is there any other way to do than to export 1 and manuelly modify 1 with assigned role once again after transport?
    Thank you in advance for any helpful advice.
    Best regards,
    Zabrina

  • Transport roles (with assigned group) containing folders and iviews

    Hi,
    This message was in the BI forum before and I think that it suits here better.
    I created a portal role which is contained in a folder X under Portal Content. This portal role is associated with a particular ABAP menu-role by means of Assigned Groups. When I transported the folder X with all dependent objects from Dev to QA, the portal role appeared but the Assigned Groups is empty. Another words, the association between portal role and the ABAP menu-role could not be transported. How can Associated Groups in a Portal Role be transported?
    Then I also tried to do the following steps:
    1. Export and import portal contents which include the whole structure with folders, roles and iviews under each role.
    2. Export and import the same roles as user management data
    The result from 1 was that the whole structure including the roles is imported; however none of the portal role contains the associated assigned group.
    The result from 2 was that the UME roles with assigned group are imported as separat objects.
    Now, the same role appears both as portal role without assigned group and the UME object with assigned group. But, there is no connection between 1 and 2. That means that I cannot use 2 anyway.
    Therefore, I still have to manuelly modify 1 with assigned role once again after importing step 1. Is there a way to import 1 with the associated assigned group without any manuel modification?
    Thank you in advance for any helpful advice.
    Best regards,
    Zabrina

    hi,
    check the following threads
    http://help.sap.com/saphelp_nw04/helpdata/en/6d/7c8cfd410ea040aadf92e1f78107a4/frameset.htm
    http://help.sap.com/saphelp_nw04/helpdata/en/6d/7c8cfd410ea040aadf92e1f78107a4/frameset.htm
    Re: Transport management in BW 2004s
    let me know uneed any further info
    bvr

  • J2EE roles vs Portal roles vs ABAP roles

    (I also posted this on portal implementation, but i hope i receive more reactions here )
    Dear all,
    I have a question about the information on the following link:
    http://help.sap.com/saphelp_nw2004s/helpdata/en/4c/6c0f40763f1e07e10000000a1550b0/content.htm
    It says the following:
    "These functions are intended to assign users and their assigned portal roles a corresponding role in the SAP System. This corresponding role (authorization role) contains the authorizations needed to execute certain functions from the portal."
    1. These "...certain functions..." they talk about, can someome give an example of these functions?
    2. Is it possible for example to create a role in the portal that gives a user authorisation for starting transaction SE80 in the backend system? Without making the role in the backend first and uploading it to the portal.
    3. It's also possible to upload ABAP roles to the portal. Is the main reason for this that users can see their SAP menu (or part of it) in the portal? Or does this have other advantages too?
    4. I'm very confused about the relation between J2EE roles, portal roles and ABAP roles. Is it possible to manage the roles for a user in one place, without having to do certain actions in the portal AND the backend system?
    From what I've read on help.sap.com, you always need to do certain actions in both places.
    A possible approach is the following (from what i know): Creation of roles in the R/3 system, without assigning to users. From a webdynpro application, a user can then be created and roles can be assigned: portal roles (via some API) and R/3 roles (via BAPIs).
    I hope someone can give a bit information on this issue. I've done alot of reading on help.sap.com, but it's still an abstract issue for me.
    Kind regards,
    Joren

    Hi Jorem
    Re: point 3. I don't build portal roles through this mechanism as I don't believe in replicating the SAP easy access menu inside the portal. If there are some specific functions (transactions) that I want to run inside the portal, then I might use this mechanism to build the iViews once. I would rather start an iView that runs transaction SMEN and let the user see their regular easy access menu.
    Please note that the speed of executing transactions in the portal isn't a function of the portal, but the fact that you are using ITS, for example, to web enable the transaction...
    Re: point 4. Groups are a UME concept. They have nothign to do with ABAP groups. They can be created directly in UME through user administration functions, or they can be created in the LDAP and then they are visible in the portal. If the UME points to an ABAP system, then the ABAP roles are autoamtcially visible as UME groups. Groups created in the UME need to have the members assigned through user admin functions of the Java engine. Groups stored in LDAP are maintained using LDAP admin tools. There are upload utilities that allow you to maintain LDAP users and groups through text files. Google LDIF for more details.
    Roles on the portal need to be built in the portal contetn directory. As Michael mentioned, this can be automated by the use of the role upload function built into the portal.

  • Link ECC roles to Portal roles (Portal is using LDAP source for UME)

    Hi all,
    If a user is assigned a certain ECC ABAP role, they should also receive a related portal role.  Our portal is using LDAP.
    If our portal ume source was an ABAP system, I think it would be easy to achieve the ECC to ABAP role linkage.
    We were thinking of developing a UME java webservice and have an ABAP proxy class consume it to allow our abap system to assign the correct portal role, and delete the portal role.
    Any other ideas?

    Rajendra,
    Thx for your reply.  Can you provide any more details as to the design of your solution with the web service?  We are thinking of running a batch job nightly with a some mapping table in ECC to determine what ABAP role should link to the portal group then call the webservice to add the user to the portal group or delete the user from the portal group. 
    A second question is...does SAP Identity Manager offer any solution for this type of requirement?
    Thanks

  • Portal Roles (ABAP & JAVA)

    Hi,
    We are planning to go for a portal implementation for our BW reports..
    I had a few questions with regards to the roles (BW & Portal) or (ABAP & JAVA)
    Question 1:
    I want a single place (BW) where I can assign all the roles (BI & Portal) to users, so when ever a user account has to be createu2026the support team will create it BW System and assign all the relevant roles in BI system
    If YESu2026then how can I move the Navigational Role in portal (Role in which we publish iviews) that I created in portal to BW.
    And also
    How can I create a JAVA role in BW so that that role can be assigned to user and his portal options will be updated..
    Thanks

    Hi
    Thanks for all the updates.
    Few questions
    How can i know Which user repository is my portal system connected to ? (LDAP or ABAP datasource)
    and
    If you have configured your BW system as the ume datasource for your portal - then your backend roles in BW will show up in portal as Groups. You may choose to assign your portal roles to these groups.
    In BW if i assigned a Composite role to a user ...will it show as a group in portal and
    As my requirment is to single place to create user either in portal or BW....if BW user roles are avaliable in portal as groups...
    Can i insted of create a user account in BW and come to portal and assign portal roles to the user or user group to get portal previliges
    Can i create user account in portal and assing the user to the corresponding groups in portal....will this action will create a user account in BW as well
    Thanks

  • Difference between Portal Transport and Basis Transport

    Hi Experts,
    I have few questions .
    1. What's the difference between transport in portal and transport in Basis.
    2 . In user admin , we create users and assign them roles. Even Basis people will create
         new userids and assign them roles. Whats the difference between these two.
    3. In useradmin whats the difference between assigned roles and assigned groups.
    Thanks a lot.

    Hi,
    I don't see any differnece in portal and basis transport
    Content transport generally done from one landscape to other landscape. say  from dev to test system
    or test  to production system.
    we create user id using user admin role in portal ume or we can get users externally by using LDAP funtionality.
    Using user admin role we can assingn users to rolese and groups.
    Groups are used for a group of users. IF certain users have similar authorizations in portal then we group them in single user group and then assing this group to the roles. This is called authorization.
    Role is used to display the portal content to the users and is the top level navigation in portal.
    If I miss anything at basis level then someone can help you.
    Raghu

  • Automating Portal Role Assignment

    Hi Everyone,
    At my project we are looking to automate the process of Portal Role assignment.
    With our current design, a user initially logs into the ISA and ICSS Portal as an anonymous Portal user.  To view all content the user will be required to register himself on the portal. Once the user registers himself, a user record is created on the backend CRM system. Now when he tries to log into the portal with his new username and password he gets a blank screen because he has no Portal Roles assigned to him.
    We need need to create Portal Roles for each CRM user. The new Portal Role will be based on user type in the CRM system. Since we have several users logging in and creating new accounts, we need to automate this process of mapping a CRM user to an appropriate Portal Role and then actually creating the Portal Role on the Portal.
    Has some one does this before or has an idea how to do this?
    Any help will be really appreciated...
    Thanks!
    Muhammad Osman Yousuf

    Hi Michael,
    Thanks for the help so far. Do you think the following mappings would work with the solution you recommended?
    On the CRM side we have CRM_ROLE_A, CRM_ROLE_B, and CRM_ROLE_C and on the Portal sider we have PORTAL_ROLE_A and PORTAL_ROLE_B.
    All mappings given are possible...
    CRM_ROLE_A = PORTAL_ROLE_A
    CRM_ROLE_B = PORTAL_ROLE_A and PORTAL_ROLE_B
    CRM_ROLE_C = PORTAL_ROLE_B
    Thanks!
    Muhammad Osman Yousuf

Maybe you are looking for

  • Invisible video download in the background will not cancel or go away even after closing, shutting down, uninstalling/re-installing?

    I tried downloading a video the other night but it never showed up in my downloads window/tab. I wanted to cancel it but could not because its not there to cancel but I do see the progress in the icon background in my windows task bar. To cancel I fi

  • When I make calls I can hear but person I'm calling can not hear me

    Hi, my iPhone 4s has started to play up! When I make or receive a call I can hear fine but the person on the other end can't hear a thing! I have done all the obvious things like make sure mute is not pressed and about a month ago I did a system rest

  • Problem in Exporting Dashboard data using IR 9.3.0

    hi all, I am working on Hyperion IR-9.3.0. I have two OLAPQuery sections (as OLAPQuery & OLAPQuery 2). I am collating the data from these two OLAPQuery Sections into a single Dashboard.After doing so I am exporting data present on DASHBOARD to PDF fo

  • Accounts receivable on Business Area level

    Hi, Is there a way to report accounts receivable on Business Area level? I want to use the InfoCube 0FIAR_C02 for reporting transactional A/R data - the customer has 1 company code and below this 7 business areas on which receivable reporting should

  • Safari 3.1 bug on Gmail

    Just upgraded my old version safari to 3.1, but today I found a bug when using Gmail. I was trying to compose an email by using web based Gmail, when I put the cursor into composing area, it will jump to address field once when I press the SHIFT key.