Regarding roles
Hi all,
In system administration i am not able to find "System Configuration" in portal .
Is it a portal role or r/3 role?
thanks,
rameshb.
Hi Ramesh,
It is not a R/3 Role.It is a Workset in the SystemAdministration Role..
You can see this in ->
Navigate to Content Admin -> Portal Content -> Portal Aministrators -> System Administrators
Here you can find the System Admin Role
Open this and Check for System Configuration work set...
Check the entry point true for this work set.
Regards,
Raju Bonagiri.
Similar Messages
-
Please help me regarding role upload ?
Hi All,
installed CRM business package in portal. took CUA as user base. now assigning of users to roles is a concern for me.
i.e. CRM 4.0 and BW 3.5 already comes with some predefined roles for portal, for ex : PCCCAMPAIGNMANAGER*
I assigned an user X in CRM and BW system and I want the same user assignment to be used in portal. so I used "Role upload". i.e. I uploaded CRM user to role assignments to Portal, so I got that under migrated content --> sap component systems --> name of crm system --> under that my role (PCCCAMPAIGNMANAGER).
Now I added the portal role com.sap.***.CampaignManager (portal specific) to this role by "Add role to role". so now when the user logs in, he will be able to see the worksets assigned.
please note that we didnt do any user to role assignments in portal.
so all the users assigned to this role in crm and doing manual "role upload" can login into portal and view the worksets.
portal role consists of iviews from both crm and bw. but now we just had the users assigned to role in crm mapped to role in portal, but what about bw iviews?
i.e. what happens when i assign user x,y,z for this role in CRM and only users x,y in BW, so in portal x,y,z will be assigned to the respective role as we took only crm-portal user to role assignments. then the user Z will get an error obiviously for bw iviews, so how to ensure that CRM and BW roles are in sync with roles in portal.
is there some concept of role mapping or something like that to solve my problem?
sorry if my question is not clear, but hope that you can help me in this regard
Thank youcould some one please help me regarding this..
I am in very urgent need..
Thank you -
Regarding role of business analyst
Apart from SAP implementation,,
If u consider software development services , How a SAP professional can do a job of business analyst??
I mean to ask, what would be the job profile?
I am SAP Business one fresher, Kindly guide me.
Thanks in advance.Dear,
Role of a business analyst is depends on your client what they want to fulfill through you. What reponsibilities to be fulfilled by you, what output expecting from an business analyst during SAP implementation purely depends on clients decision.
In general, you can find many useful hints from web on role of a business analyst during SAP ERP implementaion. Please find below an extract information which I found and most commonly match with all clients.
Check this link where explained about BA: http://www.businessgyan.com/content/role_busines
Regards,
Syed Hussain. -
Regarding role resolution using evaluation paths in workflow
hi all,
Could anybody guide me on the steps needed to configure role resolution using evaluation paths in workflow. IF u could provide me with a sample it would be great.
Thanks in advance,
steveHi Steve,
Why dont you check the Standard rule <b>168</b>. I am sure, that will give you some idea of Agent Determination. I mean, please refer the SWX_GET_MANGER function module.
In this,you can see RH_STRUC_GET is the function module that determines the required Agent/related Org Object using the Evaluation path(see the parameter - ACT_WEGID), here they have used SAP_TAGT.
I hope this helps.
Regards,
<i><b>Raja Sekhar</b></i> -
Regarding Role Authorisation and Obejcts
Hello Experts,
I have requirement from the basis team they want to know the object names for the particular transaction like MMBE and also they have request that they want to restrict to view the stock for plant 1000 for particular user, so they need the Object for Transaction and Object for the Plant to restrict how can I find it? Please it is urgent
Can you give me list of T.Code to Check User Authorisatiosn and Obects for the Particular Transaction code.
Regards,
SunduHi Sunder,
You can use PFCG tcode to check the object of particular transaction code.
Execute PFCG and create temp role. Enter tcode in Menu and go to Authorization and click Change authorization profile and here you will get all the object related to that tcode.
Hope this will help.
-Pinkle -
Hi Experts,
Can anyone tell me the creation of roles in SRM.
Currently we have role called Z_EBP_OPERA_PURCH_10000
which means the spend limit of that role is 10000 euros. This way we have multiple roles for different spend limits.
Now I have to create a new role with spending limit of 30000 euros. In this case can I copy the existing role i.e from the above one and name it as Z_EBP_OPERA_PURCH_30000. will this is going to work?
Or additionally do I have to do anything other settings in the system so that the new role works for 30000.
2 .Also creation of any new role is Job of whom SRM Functional consultant or will it be a job of Security and Administartion team.
Because what I feel is SRM functional consultant can only assign the roles which are there available in the search list and new roles has to be created by a S&A am I rt?
Please suggest me on the above 2 queries
Regards
SairamHi Sai,
1. The creation of the role should work, but don't forget to change the spending limit in the role.
2. The depends on the internal functionning. this is different for every project. Your analyse is not wrong but you should ask this question to some project managers.
Regards,
Laurent.
(Oops i think i answered too late for this one...)
Edited by: laurent touillaud on Jul 24, 2008 4:57 PM -
Regarding roles and worksets ??
hi
is it possible ??
i have made 2 roles nd 6 worksets ..in 1 role made the entry point no and made the entry point yes for there worksets....these are shown in tabs ...
now i want to use the same worksets for a new role but want to make the role entry point 'yes'..
and doest not want to show the worksets shown in tab for 2 nd role ..want that 2nd role will be shown in tabsHi Arpit,
If I understand you correctly you have a role with worksets inside the role which are entry points (meaning you see them in the 1st level in the TLN).
Now you have a 2nd role which you want to see in the 1st level TLN, and want the
2nd level TLN for this role to have the same worksets you used in the other (1st) role.
In order to do that, just create delta links for the worksets, and add them to the 1st and to 2nd role.
These will actually be the same worksets. when you make changes to the original worksets, you'll see the changes in both roles.
Regards,
Tal. -
Hi All,
I have one problem,actully I need the data of all roles which are in our system(say in development) to make new template.
So I want that if I can run any report or from some table,I can get all the composite roles with single roles in them as well as all the transactions in that roles.
Please tell me,is that possible to do that in single attempt, or if so,tell me the name of that table or report as soon as possible.Hi,
Please check the below tables :
Security Tables
Table
Description
USR02
Logon data
USR04
User master authorization (one row per user)
UST04
User profiles (multiple rows per user)
USR10
Authorisation profiles (i.e. &_SAP_ALL)
UST10C
Composit profiles (i.e. profile has sub profile)
USR11
Text for authorisation profiles
USR12
Authorisation values
USR13
Short text for authorisation
USR40
Tabl for illegal passwords
USGRP
User groups
USGRPT
Text table for USGRP
USH02
Change history for logon data
USR01
User Master (runtime data)
USER_ADDR
Address Data for users
AGR_1016
Name of the activity group profile
AGR_1016B
Name of the activity group profile
AGR_1250
Authorization data for the activity group
AGR_1251
Authorization data for the activity group
AGR_1252
Organizational elements for authorizations
AGR_AGRS
Roles in Composite Roles
AGR_DEFINE
Role definition
AGR_HIER2
Menu structure information - Customer vers
AGR_HIERT
Role menu texts
AGR_OBJ
Assignment of Menu Nodes to Role
AGR_PROF
Profile name for role
AGR_TCDTXT
Assignment of roles to Tcodes
AGR_TEXTS
File Structure for Hierarchical Menu - Cus
AGR_TIME
Time Stamp for Role: Including profile
AGR_USERS
Assignment of roles to users
USOBT
Relation transaction to authorization object (SAP)
USOBT_C
Relation Transaction to Auth. Object (Customer)
USOBX
Check table for table USOBT
USOBXFLAGS
Temporary table for storing USOBX/T* chang
USOBX_C
Check Table for Table USOBT_C
Regards
Sreedhar Reddy -
Regarding Role And Authorisation
Hello Experts,
I have got a request today from my help desk asking for , they are having some problem when they use some SD t.codes, they don't ahve authorization, so basis team is asking me to give the objects they can access and they are allowed to change or delete like this, for exp when they want o modify material they want are not able to see for some pants.
how can i achive this, how can i make sure the roles of two peopel are same i mean able to access same objects.? pls help urgent
thanks
Sunduhi,
u can do this with the use of Tcode su53.
when the user uses any tcode n he gets an message tht he is not authorised then u go to tcode su 53 immediately after tht transaction, then an Authorisation object appears in tht screen just give the same to ur basis person n tell him to give authorisation of that object to tht user id with the necessary permissions.
Regds,
Laxmikant -
Hello All,
I am new to OBIEE 11g, Can anybody explain me the difference between to create Roles & policies from EM
& from Admin Console.
Thanks,
PradipHi,
Application policy:
1) Granding Access Permission to each components(analysis,Bi publisher,RPD..etc)
2) OBIEE are granted by its Application Roles. In the default security configuration, each role conveys a predefined set of permissions. An Application Policy is a collection of Java EE and JAAS policies that are applicable to a specific application. The Application Policy is the mechanism that defines the permissions each Application Role grants. Permission grants are managed in the Application Policy corresponding to an Application Role.
Application Role:
1) It can have multiple policy store also rolle can map to users and groups,
2) Application role a user has when using obiee,
3) Its granting permissions to members of a role,
4) Its managed in the policy store provider...etc
For More Refer:
http://docs.oracle.com/cd/E23943_01/bi.1111/e10543/authentication.htm#CHDEDHEF
Application Role
Thanks
Deva
Edited by: Devarasu on Jun 19, 2012 6:13 PM -
Regarding role genration information
I have large no of roles in one particukar R/ 3 system .. i want to see whether the roles are properly generated or not .
Is there any table where i can see is ther any open callings or not properly generated roles .Hello,
Goto SUPC and generate all the roles, if some roles not generated then it will automatically generate all the roles.
Thanks,
Biksham -
Assigning roles to 10000 users
Hi Guru's,
I need your solution regarding role assignment to 10000 users.My client is having 10000 users.
My perception for this is
[Role]
Roleid = Path;
user = user1;user2;user3;...............user10000;
Writing above code in text document and importing then exporting in user administration.....
Is there any approach to assign a role to 10000 users in one go.
Please share the solution for this issue.
Regard's,
PrashanthYou can use the Import functionality of User Administration.
Use Groups as principal.
Example
[group]
gid=Z_GRP_HR_ESS
gdesc=HR Group for Employee Self-Service
user=DHANZ1;DHANZ2;.......
Import utility times out for huge user base....so split 10000 in 2 batches...eg first load with 7000 users and second with 3000 users.
Second run do it in overwrite mode
Once the loads are complete you can manually assign the corresponding Roles to the Group. It is best practise to assign
Users -> Group -> Role.
Also you get a detailed log after import with errors -> You can fix that in your import file and run the utlity again.
Good luck ~ Dhanz -
E-Recruiting : Role Authorization in e-recruiting standalone scenario
Hello Friends,
We have EREC on a standalone system (ERD 100). HR ECC is another system (ECD 300), Enterprise portal in another system (EPD 100).
we are on EHP 5, EREC 605, Support Pack 7.
We have activated the single sign on mechanism.
I have following queries regarding role authorizations on EREC in standalone model.
1) We have standard reference users such as recruiter, manager, decision-maker, data entry clerk, rec.admic etc; the" RCF_RECRUIT, RCF_MANAGER, RCF_CAND_INT, RCF_DATA_TYP" etc, Should this reference users be created both in EREC & HR system or only in EREC system ?
2) If the "RCF_XXXX" reference users roles are supposed to be created only in EREC system, how to assign reference user roles to employees whose master data is in HR System. ?
3) Can support teams concept help for mass authorizations? Can someone elaborate on the support team, support group concepts ?
Kindly provide inputs.
Regards,
ER.Thanks Nicole for the inputs.
Just expanding my query on the 2nd point regarding assigning Reference users like manager, recruiter to certain employees :
Example: Say I have Emp. No 20003000. He is an hiring manager, In HR System, IT105, subtype user id is "20003000".
To assign RCF_MANAGER reference user role to user id 20003000, should i have to recreate the userid in EREC system as well and assign it in SU01 for this user id.
Would like to take your comments.
Thanks,
Regards,
ER. -
Hello,
I have a question regarding Roles and ACLs. I understand that I can use one or more security realms to host users, groups, and ACLs. (In fact I am implementing a custom realm for users and groups like RDBMSRealm, and wanted WLPropertyRealm to handle ACL/permission based duties.)
Reading the "Writing a Web Application" it is apparent that ACLs are not supposed to be used for Servlets/JSP anymore, but rather to map roles to security principals via the deployment descriptor files for the web application.
So:
1. I assume that Weblogic will determine, once I have authenticated the user in my realm, whether or not the user is in a certain role, and therefore, whether or not they have access to a particular resource?
2. What happened to the concept of permissions? Is it assumed that if the user is in the required role that they have permission to execute the servlet/JSP?
3. Does it make sense to talk about ACLs anymore? A checkPermissions() method on an Acl object doesn't make sense now. Instead am I to use isUserInRole() ? (This doesn't seem the same to me - asking if User A has execute permission on this resource is different than asking if User A is in the CSR role.)
Your response is appreciated.Hello,
I have a question regarding Roles and ACLs. I understand that I can use one or more security realms to host users, groups, and ACLs. (In fact I am implementing a custom realm for users and groups like RDBMSRealm, and wanted WLPropertyRealm to handle ACL/permission based duties.)
Reading the "Writing a Web Application" it is apparent that ACLs are not supposed to be used for Servlets/JSP anymore, but rather to map roles to security principals via the deployment descriptor files for the web application.
So:
1. I assume that Weblogic will determine, once I have authenticated the user in my realm, whether or not the user is in a certain role, and therefore, whether or not they have access to a particular resource?
2. What happened to the concept of permissions? Is it assumed that if the user is in the required role that they have permission to execute the servlet/JSP?
3. Does it make sense to talk about ACLs anymore? A checkPermissions() method on an Acl object doesn't make sense now. Instead am I to use isUserInRole() ? (This doesn't seem the same to me - asking if User A has execute permission on this resource is different than asking if User A is in the CSR role.)
Your response is appreciated. -
Hello,
I have an ask regarding roles in SAP KM.
I want to set documents with specific criterias (moduls of SAP, project phases, document type, sector, ...).
In my company there are different roles: consultant, developer, manager... Every role wants an other view. (Manager -> project phases, Developer -> moduls of SAP ...)
Is it possible, that different roles can have different structures for the documents and that they can change between the views?
I would be very appreciate if somebody can help me.
With kind regards
SusanneIf each set of docuemnts is in a different folder, you can create KM Navigation iviews to point at each different folder (a property of the iview is the folder name).
If you then assign the different iviews to the different roles, you should be sorted.
Hope that helps
Paul
Maybe you are looking for
-
Batch Input with transaction ME58
Hello SAP: We are trying to do a Batch Input Session with transaction ME58 (Creating Service Entry Sheets) by using a FrameWork Order. After the batch input selects the purchase order and mark all the requisitions related with that order and confirms
-
Like in stored procedure returns incorrect result
Hello all, I have a stored procedure like below Alter PROCEDURE ContactsListBySearch @AuthorID int, @currentPage INT, @pageSize INT, @searchStr nvarchar AS BEGIN set nocount on; WITH tempLog AS ( SELECT distinct ROW_NUMBER()OVER (ORDER BY email DESC)
-
Custmor exit variable - Istep 1, 2 and 3
Hello Could you please let me know when Istep 1 , Istep 2 and 3 is getting called at the time of query execution ? Report is using custmor exit in variable . Regards,
-
7-day advance alerts in Calendar
Is there any possible way of modifying the Calendar to allow for alerts 1 week before an event? At the moment the maximum alert time available is 2 days before, which is too late for sending birthday cards etc. This seems like such a simple modificat
-
Add a new tab in IW31/IW32
Hi, I have a requirement where in I need to add a new tab in IW331, IW32. Also, how do I add fields on to that tab? I know there is one enhancement IWO10018, but I have never worked on enhancement before. So can someone please tell me how to use this