R/3 Roles for Portal 7.0 Urgent

Similar Messages

• Roles for SAPUSER in SAPR3---Urgent pls help

  Hi,
  Since my Roles for SAPUSER is blank
  http://www.flickr.com/photos/10351754@N08/858043167/
  I have to create Role
  Now I am in SAP R3 and what are all the Roles I have to Create in SAP R3 for SAPUSER?
  pls let me know
  thanks
  dushanth

  hi,
  You can assign the relevant roles to the user you have basing on the requirements. It is not necessary that each and every user should by default have roles except for service and system users. So no tension..
  Reward if helpful,
  Sarath.

• Roles for Portal

  Dear experts.
  Please anyone can help me with the name for the following roles:
  Guided Procedure
  Content Administration
  User Administration
  System Administration.
  Also I want know the name of role and pluging for work with Visual Composer.
  Thanks in advances
  Regards
  Carmen-

  Hi Carmen,
  Please find below role details,
  You can also Login to Portal > user admin and search for roles.
  Guided Procedure (GP Administarator)
  pcd:portal_content/com.sap.pct/platform_add_ons/com.sap.caf.eu.gp.folders.gp/com.sap.caf.eu.gp.roles.administration
  Content Administration
  ---pcd:portal_content/administrator/content_admin/content_admin_role
  User Administration
  ---pcd:portal_content/administrator/user_admin/user_admin_role
  System Administration.
  pcd:portal_content/administrator/system_admin/system_admin_role
  Visual Compoer
  pcd:portal_content/com.sap.gm.cnt/core/VCRole
  Also, you can assign super admin role to get access to content, user and system administration.
  Thanks.
  Sushil

• Portal Run time error when created a seperate role for Transport package.

  Hi Experts,
  I have created a seperate role for Transport Package(import/export iviews).
  Normally we have transport package functionality in system admin.
  Below steps i followed for creating the new role(trans admin)
  1.Copied SAP provided system admin role to a seperate folder.
  2.Deleted reamining portal objects(like UWL, portal display etc ..) except transport packege workset.
  3.Renamed the role to trans admin.
  I have assigned that role to my self, it is working fine to me when i clcik on export and import.I have super admin role.
  when i assign this role to some portal users, Export is not working.
  when user clicks on Export role they are getting below error.
  Portal Runtime Error
  An exception occurred while processing a request for :
  iView : N/A
  Component Name : N/A
  Access denied (Object(s): com.sap.portal.system/security/sap.com/NetWeaver.Portal/medium_safety/com.sap.portal.appdesigner.contentcatalog/components/Framework).
  Exception id: 12:10_31/08/09_0031_21763550
  See the details for the exception ID in the log file
  By looking into exception iD also, same error access denied it is showing.
  Please Advice.
  Thanks
  Sony.

  Hi Raghu,
  Thanks for the reply.
  I have given full permissions to all users to this trans admin role before itself.
  Thanks in advance.
  Sony.
  Edited by: ambica sony on Aug 31, 2009 1:53 PM

• Report or ways to find who removed portal roles for an user id ?

  Hi Experts,
  Scenario: if admin removes super admin role or any other portal role for my id. is there any possibility to see who exactly deleted the roles for my id?
  Many Thanks
  Sekhar

  HI,
  as Anja wrote, this is not possible with a default installation of the SAP Portal.
  What you can do is to provide role provisioning with IIDM, GRC or ABAP user store solution instead of giving the portal admin the permission to change role <-> user attribution.
  br,
  Tobias

• Allowing Airwatch MDM access to the Captive-Portal guest users in pre-auth role for android and BB?

  Requirement:
  How to allow Airwatch MDM access to the Captive-Portal guest users in pre-authentication role for Android and Blackberry devices?
  What is Airwatch MDM?
  Airwatch MDM is Mobile Device Management. The Airwatch is an enterprise which helps to manage and secure data traveling through the mobile devices like Laptops, Tablets, Android, iPhones, iPads etc.
  Solution:
  Why we need to allow access to Airwatch MDM?
  The network administrator can force the guest users to register to Airwatch MDM before they get authenticated and access the internet. So that the network administrator could manage the guest devices through Airwatch Management tool. This can be achieved by CPPM server. To download the Airwatch MDM app and register with the Airwatch MDM server certain domains should be permitted in the captive portal pre-authentication role. This KB provides the configuration steps to allow the guest users to download the Airwatch MDM app and register with the Airwatch MDM server.
  Configuration:
  Below is the configuration
  Configuration steps:
  1. Create the following netdestinations
  netdestination Airwatch
    name *.awagent.com
    name *.awmdm.com
    name air-watch.com
  netdestination Google-Play
    name android.clients.google.com
    name .ggpht.com
    name gstatic.com
    name accounts.google.com
    name clients1.google.com
    name clients2.google.com
    name clients3.google.com
    name clients4.google.com
    name i.ytimg.com
    name google-analytics.com
    name .1e100.net
    name android.l.google.com
    name mtalk.google.com
    name clients.l.google.com
    name googleapis.com
    name gvt1.com
  netdestination BlackBerry
    name *.blackberry.com
  2. Now define the rules in the session acl and map it to the pre-authentication Role of the captive portal.
  ip access-list session Airwatch_Access
    any   alias Airwatch svc-http  permit
    any   alias Airwatch svc-https  permit
  ip access-list session Google-Play-Store
                 any   alias Google-Play any permit
  ip access-list session BlackBerry-Access
                 any   alias BlackBerry any permit
  3. Now map the session ACLs to captive-portal pre-authentication Role as follows
  user-role Guest-Pre-Auth-Role
   access-list session Airwatch_Access
   access-list session Google-Play-Store
   access-list session BlackBerry-Access
   access-list session logon-control
   access-list session captiveportal
  4. Now whitelist the list of domain names in the Captive Portal profle
  aaa authentication captive-portal Airwatch-Captive-Portal-Profile
  white-list Airwatch
  white-list Google-Play                                                                                ------------>Netdestinations where you defined the Domains.
  white-list BlackBerry
  Verification
  Now the user will be placed under the "Guest-Pre-Auth-Role" before the authentication. The user can now go the Google Play-Store or BlackBerry Appworld to download the Airwatch MDM and register to Airwatch Management Server.

  Thanks so much getting these names listed out. I have been working on this very issue for a few weeks and was basing my firewall rules on IP's. It was not going well. Now access is working and testing can commence!  Thanks,Chris

• Implementation guide for ESS/MSS. Urgent for ECC6 and Portal 7.

  HI ALL,
  i need documents on Implementation guide for ESS/MSS. Urgent for ECC6 and Portal 7.
  Thanks in advance.

  Hi
  Please go through the link in the below thread.
  /message/3262434#3262434 [original link is broken]
  Also try this ESS - 4.6C version to gain some knowledge:
  http://help.sap.com/printdocu/core/Print46c/en/data/pdf/CAESS/ESSIAC.pdf
  If this helps, pl do reward.
  Thanks
  Narasimha

• Role Mapping For Portal Role Assignment and ABAP Role Assignment

  Summary:
  - Under the GRC configuration of Roles> Role Mapping we are trying to utilize the  role mapping feature in GRC for associating a dependent role to a main role.
  - We want to use this role mapping feature for the purposes of adding an Enterprise Portal role for every ABAP role that gets approved for the user in an ABAP component system (i.e. ECC, BW, CRM etc). We will have a 1:1 mapping of Enterprise Portal role to ABAP role defined in the role mapping section in GRC.
  - We want to set up the workflow in such a way that the main role (ABAP role) is the only role that needs to be approved. The dependent role (Enterprise Portal role) should be added or not added based on the approval or denial of the main role (ABAP role). In other words if the role owner for the abap role approves the abap role, then both the abap and EP role will be provisioned by GRC and if the role owner rejects/denies the role, then neither the abap or EP role will be provisioned by GRC.
  Problem Description:
  Our Scenarios we tested:
  Scenario 1:
  Main Role:  Attached to Initiator A & workflow A (routes to single approver based on role)
  Dependent Role:  Attached to Initiator B & workflow B (routes to auto approval or no approval)
  *Problem with the Scenario 1setup above, the dependent role will always get approved & provisioned regardless of the approval or denial of the main role. 
  Scenario 2:
  Main Role:  Attached to Initiator A & workflow A (routes to single approver based on role)
  Dependent Role:  Attached to Initiator A & workflow A(routes to single approver (same as main approver) based on role)
  *Problem with the Scenario 2 setup above, the dependent role will always also need to get approved by the same approver as main role and it opens the possibility that the approver may accidently approve the main role and deny the dependent role, which is not the ideal setup as we inherit the risk of human error.
  Questions:
  1. Does the dependent role need to be defined in an initiator at all since it will never directly be requested directly?
  2.  If the dependent role does need to be in the initiator file, please describe how to properly setup the initiator and workflow stage & path so that we can maintain the desired relationship with the main role approval dependency? (if the role owner for the main role approves the main role, then both the main role and dependent role will be provisioned by GRC and if the role owner rejects/denies the main role, then neither the main role or depedent role will be provisioned by GRC
  Edited by: Rene Griffith on Feb 26, 2010 10:22 PM

  I tested this set up.
  1.  Defined ABAP role as Manin role
  2.  Defined Non-ABAP role as dependednt role
  3. ABAP role  is set up in initiator requiring business approval.
  4.  Non-ABAP role is set up in initiator with no approval required.
  Results Where Business Approver approves the ABAP Role
  1. Only the ABAP role is displayed in approver view which is desirable.
  2.  ABAP role is approved and Non-ABAP role and ABAP role is provisioned.
  Results Where Business Approver rejects the ABAP Role
  1. Only the ABAP role is displayed in approver view which is desirable.
  2.  ABAP role is rejected but  Non-ABAP role is provisioned which is not what we want.  We want the Non-ABAP role not to provision if the ABAP role is rejected by the business approval.
  Thanks again for your help.

• Unhandled exception for uploading BW roles into portal

  Hi experts:
  I  got the following warning in the log viewer when I uploade 2 BW roles, ZB_SAP_BW_DEVELOPER
  ZB_SAP_BW_WEB_ADMINISTRATOR, into portal (7.3). They are copies of the standard SAP roles.  I succcessfully uploaded other BI roles. These are the only ones that can not be uploaded. There is no error on the portal. Upload completed 100% but these 2 roles are not in the uploaded role list.  I checked sm12 and they are not locked. Wonder if anyone has had the same issue and solution?
  Log viewer warning:
  The following unhandled exception: [java.lang.NullPointerException: while trying to load from an object array loaded from local variable 'templateUrlArr'] was detected in [Thread[RoleUpload_1312911561066,5,Dedicated_Application_Thread]]
  Thanks

  Hi Tiberiu,
  I am also getting the same while uploading the BW 3.5 role to Portal 6.0, Role gets created but iviews throws the same error as you are getting.
  Please help if you have found the solution for the problem.
  Thanks in advance.
  Bhuvnesh Goel

• Changing the sequence of roles/groups for Portal users after Login

  Hi
  We are at EP 7.0 SP11.
  We have developed custom role for ESS, MSS, EIC and Reports etc.
  Now when all the 3 roles are assigned to any user, the sequence of the display is generally
  Employee Self Service, Manager Self Service and then EIC.
  We need to change this sequence in Dev QA and production environment for some users preferably (or for all portal users), so that the 1st page which loads in portal after user logs in , is not necessary ESS. 
  The requirement can also be considered as, we need to change the default page which displays after user logs in.
  Does someone have any idea how can we achieve this ?
  Looking forward for your response.
  Thanks
  Neha

  Hi Neha,
  Add custom Welcome page/Home page(eu_role) and Sort Priority property as per  Koti Reddy.
  Hope it helps
  Regards
  Arun

• PASSWORD FOR FLODERS  PLEAse  HELP URGENT

  HI ALL
  please tell me the method of implementing password
  provision for some folders/files in the system.
  it should ask for password authentification before
  opening when i click on the folder.
  please help urgent
  thanks
  belur

  Hi Swaroopba,
  It can be very well done thru Form based Authentication.
  For eg let me explain with respect to Tomcat.
  Go to
  $TOMCAT_HOME/webapps/examples/WEB-INF directory.
  Please add the following code in it.
  <security-constraint>
  <web-resource-collection>
  <web-resource-name>Protected Area </web-resource-name>
  <!-- Define the context URL's to be protected -->
  <url-pattern>/jsp/security/protected</url-pattern>
  </web-resource-collection>
  </security-constraint>
  Please add the following code in it. And you have to specify the roles for it.
  I hope this will be helpful for you.
  Or if you want it in an application, please let me know.
  Thanks
  Bakrudeen

• Help, need to change IP address on host database for Portal

  Hi folks,
  Rather urgent assistance (as usual) needed. I have an installation working correctly on a pair of Win2k machines, one as the 9i database, one as the 9iAS/Portal. The app server has 2 NIC cards, one with public IP address (which is ok), one on the LAN. I need to reconfigure the LAN addresses on both the machines. Initial Portal install done without DNS, i.e. actual server/host addresses entered in the configuration.
  I have tried changing all of the TNS/Listner settings and the NIC card IP addresses and restarting the machines. The likes of SQLPlus work ok, with the TNS connect name allowing over the LAN access into the database with the new LAN addresses. I cannot seem to get the 9iAS/Portal to find the repository with the new addresses.
  Can someone help please? I can't find the answer in any documentation or other postings.
  Thanks in advance
  Rob

  There are other modes of operation for the plasst as well. I am listing them below but the formatting will make it difficult to read. If you like I can email it to you.
  Bill G...
  Configuring Portal when the HTTP server host name of the Infrastructure is changed
  Run the following from the $ORACLE_HOME/assistants/opca dir
  ptlasst.bat -mode SSOPARTNERCONFIG -i typical -sdad portal -host myApache.domain.com -port 7777 -silent -verbose
  NOTE:
  (1) This command would create a new Portal partner application in the SSO to reflect the changes of the Infrastructure. Before running this command please ensure to configure the SSO with the correct hostname by running the ssocfg.bat script located in the Infrastructure install (<infra_home>\sso\bin).
  The value for -host parameter will be the IP address of the infrastructure server and -port will be the port where the infrastructure http server is running on.
  Configuring Portal when the HTTP server host name of the Middle tier is changed
  ptlasst.bat -mode MIDTIER -i typical -host myApache.domain.com -port 7777 -ldap_h myOID.domain.com -ldap_p 389 -ldap_w welcome -pwd secret123 -portal_only -oh /home/oracle -chost myHostname.domain.com -cport_i 8001 -cport_a 8000 -wc_i_pwd invalidator -mc false -mi true -silent -verbose
  NOTE :
  (1) The -host value should match the serverName value of the httpd.conf
  (2) The -chost should be updated with the correct webcache hostname. In a default iAS midtier install the -host is same as the -chost.
  The value for -host parameter will be the IP address of the midtier(portal) server and -port will be the port where the portal is running on.
  Parameter Description Default Value Mandatory
  -i install_type Installation Type
  In the typical mode, the OPCA would get the Infrastructure information like the Portal schema name, Portal schema password, connect string to the Portal repository, SSO Partner application schema and password, SSO Password store schema and password and connect string to the SSO repository from the Repository Access API's.
  In the custom mode, the OPCA would take whatever is passed as the command line arguments.
  CUSTOM
  -mode mode The different install modes are : PORTAL, SSO, SSOPARTNERCONFIG, LANGUAGE, MIDTIER, ALL, SYSOBJECTS , DEINSTALL
  -s portal_schema Oracle Database schema for Portal database objects. In an iAS 9.0.2 install
  the default Portal schema name is portal portal
  -sp portal_password Password for Portal schema. In an iAS 9.0.2 install the portal schema password is randomized by default. Refer to the note "How to get the Portal schema password of the Infrastructure database ?" for details. <portal_schema>
  -c portal_connect Connect string to connect to the Portal repository <hostname>:<port>:<sid>
  -p sys_password The Oracle Database password for the Oracle SYS user MANDATORY
  -sdad portal_dad DAD for the Portal schema. Create the DAD to the Portal repository through the OEM. Refer to the note "How to create and manage the Portal and SSO DAD ?" for details. <portal_schema>
  -host portal_host Hostname of the HTTP server for Portal. This should match byte to byte with whatever is present in the ServerName attribute in the $OH/Apache/Apache/conf/httpd.conf file of the midtier. MANDATORY
  -port portal_port Port of the HTTP server for Portal. The Port attribute in the $OH/Apache/Apache/conf/httpd.conf file of the midtier would provide the value. 7777
  -ldap_h oid_host_name Host name of the OID server MANDATORY
  -ldap_p oid_port_number Port number of the OID server 389
  -ldap_d oid_admin_DN Admininstration DN cn=orcladmin
  -ldap_w oid_admin_pw Password for DN welcome
  -pwd initial_password Initial Password for seeded OID users. In iAS 9.0.2 install this is defaulted to the iAS instance password of the midtier installation. MANDATORY (for ALL or MIDTIER)
  -das_public Add Portal Groups to DAS Public Groups. The values could be Y or N. The default is Y. The setting publishes the Portal groups that the user can add to when creating the new user in OID. Y
  -u default_tablespace Install Portal objects in this tablespace. The default tablespace selected should have atleast 75 MB of free available space and should have autoextend on. Refer to the note "What are the recommended tablespace size required for Portal installation ?" for details. The default tablespace selected by default is users tablespace. users
  -t temporary_tablespace Use this tablespace for temporary objects. The temporary tablespace selected should have atleast 20 MB of free available space and should have autoextend on. Refer to the note "What are the recommended tablespace size required for Portal installation ?" for details. The temporary tablespace selected by default is temp tablespace. temp
  -d document_tablespace Install Portal document table in this tablespace. The document tablespace selected should have atleast 4 MB of free available space and should have autoextend on. Refer to the note
  "What are the recommended tablespace size required for Portal installation ?" for details. The documented tablespace selected by default is users tablespace. <default_tablespace>
  -l logging_tablespace Install Portal logging tables in this tablespace. The Logging tablespace selected should have atleast 4 MB of free available space and should have autoextend on. Refer to the note "What are the recommended tablespace size required for Portal installation ?" for details. The Logging tablespace selected by default is users tablespace. <default_tablespace>
  -in index_tablespace Install Portal index in this tablespace. The Index tablespace selected should have atleast 20 MB of free available space and should have autoextend on. Refer to the note "What are the recommended tablespace size required for Portal installation ?" for details. The Index tablespace selected by default is users tablespace. <default_tablespace>
  -lang language Abbreviation for the language to install us
  -m language_mode Specifies the mode for language installation
  if sso, translations only for Login server.
  if portal, translations only for Portal.
  if -m not specified, translations are installed for Both
  -demo Install Portal webview demos
  -silent Run mode for Portal Configuration Assistant. There is no UI provided by OPCA in the iAS 9.0.2 install. Use -silent option always
  -verbose Log mode for Portal Configuration Assistant. If this parameter is not set, logging information would be in brief and the OPCA would abort the install if it encounters any errors of kind
  ORA-, PLS- or SP2 errors.
  -report Install reports integration with Portal
  -owa Install OWA packages along with Portal This option behaves the same as the SYSOBJECTS mode.
  -sso_only Configure only SSO in mid-tier mode
  -portal_only Configure only Portal in mid-tier mode
  -available Language will be available for user translation
  -chost cache_host Cache host for Web Cache <hostname>
  -cport_i cache_inv_port Cahe port for Web Cache Invalidation 1100
  -cport_a cache_adm_port Cahe port for Web Cache Administration 1000
  -wc_i_pwd wc_inv_passwd Web Cache invalidator password invalidator
  -wc wc_on_off_flag Web Cache ON/OFF flag to enable or disable WC. The default is ON. If set to OFF Portal would not use Webcache though Web Cache may be up and running. on
  -o sso_schema Oracle Database schema for Login Server objects. In an iAS 9.0.2 install the default SSO schema name is orasso orasso
  -op sso_password Password for Login Server Schema. In an iAS 9.0.2 install the SSO schema password is randomized by default. Refer to the note "How to get the Portal schema password of the Infrastructure database ?" for more details. Use similar steps to get the password of the orasso. MANDATORY for the following modes:
  -MIDTIER: except when '-portal_only' is specified
  -LANGUAGE: except when '-m portal' is specified
  -DEINSTALL: except when '-drop PORTAL' is specified
  -odad sso_dad DAD for Login Server objects. Create the DAD to the SSO repository through the OEM. Refer to the note "How to create and manage the Portal and SSO DAD ?" for details. <sso_schema>
  -sso_c sso_connect Connect string to connect to the SSO repository If the Portal and SSO use the same database this option need not be passed and would default to the -c argument. <hostname>:<port>:<sid>
  -sso_h sso_host Hostname of the HTTP server for the SSO. If Portal and SSO use the same HTTP server this option need not be passed. It would default the HTTP server used for the Portal.
  -sso_p sso_port Port of the HTTP server for the SSO. If Portal and SSO use the same HTTP server this option need not be passed. It would default the HTTP port used for the Portal.
  -pa papp_schema SSO Partner Application Registration Schema. In an iAS 9.0.2 install the default Password store schema name is orasso_pa <sso_schema>_PA  
  -pap papp_password SSO PA Schema Password. In an iAS 9.0.2 install the SSO schema password is randomized by default. Refer to the note "How to get the Portal schema password of the Infrastructure database ?" for more details. Use similar steps to get the password of the orasso_pa <papp_schema>
  -ps pstore_schema Password Store Schema. In an iAS 9.0.2 install the default Password store schema name is orasso_ps <sso_schema>_PS  
  -pp pstore_password Password Store Password. In an iAS 9.0.2 install the SSO schema password is randomized by default. Refer to the note "How to get the Portal schema password of the Infrastructure database ?" for more details. Use similar steps to get the password of the orasso_ps. <ptore_schema>
  -pd pstore_dblink Database link from Portal schema to Password store. If the Portal and SSO use the same database this option need not be passed. <portal_schema>_DBLINK  
  -p_tns pstore_tns TNS connect string to Password Store. If the Portal and SSO use the same database this option need not be passed. The tnsalias should be created in the iAS 9.0.2 Portal middle tier.
  -s_tns portal_tns TNS connect string to Portal
  -ssotype ssotype SSO install type. Valid values are repository, midtier, all Repository
  -ultrasearch Ultrasearch configuration
  -drop drop_obj Drops either PORTAL or SSO or ALL (Both)
  if PORTAL, drops Portal schema and OID entries.
  if SSO,drops Portal schema and OID entries.
  if ALL, drops Portal and SSO schema and OID entries
  -oh oracle_home Oracle Home
  -mi midtier_install Midtier Installation
  -mc midtier_config Midtier Configuration
  -ssl Use SSL protocol for configuration. Pass this parameter only if SSL configuration is required. If this parameter is passed the -port passed should also be the SSL port of the HTTP server. Bt default this is not passed.
  -emhost em_host Enterprise Manager host for monitoring <hostname>
  -emport em_port Enterprise Manager port for monitoring 1810
  -iasname ias_name Name of the iAS instance that the install is installing on

• Error while accesing requisition from recruiter role in portal

  Dear Experts ,
  When we are trying to access *requisition in recruiter role in portal it is showing you are not authorized to perform this applcation. Can you pleae suggest me what will be the problem.
  For clarity we are having EHP4 , and the portal nw7.1 , we have assigned SAP _ALL to the user we are testing and in portal we had assigned super admin , recruiter , recrutiment administrator.
  Quick reply is highly appreciable.
  Thanks & Regards,
  Ravi

  Dear Bala ,
  Thanks for your support the erro got resolved actually the candidate has not been maintained , after doing that in weekend it got resolved.
  Thanks
  Ravi vemuri.

• J2EE roles vs Portal roles vs ABAP roles

  (I also posted this on portal implementation, but i hope i receive more reactions here )
  Dear all,
  I have a question about the information on the following link:
  http://help.sap.com/saphelp_nw2004s/helpdata/en/4c/6c0f40763f1e07e10000000a1550b0/content.htm
  It says the following:
  "These functions are intended to assign users and their assigned portal roles a corresponding role in the SAP System. This corresponding role (authorization role) contains the authorizations needed to execute certain functions from the portal."
  1. These "...certain functions..." they talk about, can someome give an example of these functions?
  2. Is it possible for example to create a role in the portal that gives a user authorisation for starting transaction SE80 in the backend system? Without making the role in the backend first and uploading it to the portal.
  3. It's also possible to upload ABAP roles to the portal. Is the main reason for this that users can see their SAP menu (or part of it) in the portal? Or does this have other advantages too?
  4. I'm very confused about the relation between J2EE roles, portal roles and ABAP roles. Is it possible to manage the roles for a user in one place, without having to do certain actions in the portal AND the backend system?
  From what I've read on help.sap.com, you always need to do certain actions in both places.
  A possible approach is the following (from what i know): Creation of roles in the R/3 system, without assigning to users. From a webdynpro application, a user can then be created and roles can be assigned: portal roles (via some API) and R/3 roles (via BAPIs).
  I hope someone can give a bit information on this issue. I've done alot of reading on help.sap.com, but it's still an abstract issue for me.
  Kind regards,
  Joren

  Hi Jorem
  Re: point 3. I don't build portal roles through this mechanism as I don't believe in replicating the SAP easy access menu inside the portal. If there are some specific functions (transactions) that I want to run inside the portal, then I might use this mechanism to build the iViews once. I would rather start an iView that runs transaction SMEN and let the user see their regular easy access menu.
  Please note that the speed of executing transactions in the portal isn't a function of the portal, but the fact that you are using ITS, for example, to web enable the transaction...
  Re: point 4. Groups are a UME concept. They have nothign to do with ABAP groups. They can be created directly in UME through user administration functions, or they can be created in the LDAP and then they are visible in the portal. If the UME points to an ABAP system, then the ABAP roles are autoamtcially visible as UME groups. Groups created in the UME need to have the members assigned through user admin functions of the Java engine. Groups stored in LDAP are maintained using LDAP admin tools. There are upload utilities that allow you to maintain LDAP users and groups through text files. Google LDIF for more details.
  Roles on the portal need to be built in the portal contetn directory. As Michael mentioned, this can be automated by the use of the role upload function built into the portal.

• Runtime error in Business planning role on portal EP7.0

  Hi all,
  We are using the BI integrtaed planning role from portal.( Ep 7.0) and backend system is BI7.0.
  1)I added the role com.sap.ip.bi.business_planning_showcase to the user
  2) I created the JCO connections
  BI_MODELDATA
  &#9679; BI_METADATA
  &#9679; WD_ALV_MODELDATA_DEST
  &#9679; WD_ALV_METADATA_DEST
  3)In spro of BI7.0 settings for starting planning modeler I gave the url of the portal.
  Now when open the BI planning role it is throwing the error
  com.sapportals.portal.prt.runtime.PortalRuntimeException: Failed in WD JNDI lookup. javax.naming.NameNotFoundException: No child found in WebDynproContext with name biplanstartpage .
  Any suggestions please.
  Thanx and regards,
  rajesh

  Hi,
  If you are using Ep 6.0 Sp 15 then you have to deploy the BIKIT for Sp 13 on the portal using SDM.
  This will solve Your  problem.
  Regards,
  Naveen Gupta