Remove a particular User Role (SU01) using an FM
Hi Gurus,
I would like to know if it is possible to remove a user role (SU01) using a function module/BAPI and how? I need to create a program that will remove all expired roles from all users. I've already researched about it and I can't seem to find an FM that will delete particular roles.
Thanks in advance.
Regards,
Dexter
Hello
What about ISAI_USER_ROLES_MAINTAIN ?
Similar Messages
-
UMX - Enabling the Remove button on User Role Management screen
Hi,
I tried looking everywhere on how to enable the Remove Button on the UMX Role Screen. Please advice me if anyone knows about this. Appreciate it.
Navigation
1 User Management Responsibility
2. Users tab -> look for any user -> click on update button on the search result
3. on the Roles tab , you will see a list of role assigned to the user , on the far right , there will be a Remove column with all the icon grey out. (How do i enable this???)Laurent wrote:
Hi,
I tried looking everywhere on how to enable the Remove Button on the UMX Role Screen. Please advice me if anyone knows about this. Appreciate it.
Navigation
1 User Management Responsibility
2. Users tab -> look for any user -> click on update button on the search result
3. on the Roles tab , you will see a list of role assigned to the user , on the far right , there will be a Remove column with all the icon grey out. (How do i enable this???)You cannot remove a role and you will have to end-date it (click on the plus sign with the "Show" text > Set "Active To").
To revoke a role from the user, you must end-date the role. If the role is an inherited role, you can only remove it by removing the role from which it originates in the role inheritance hierarchy. You can view a role's inheritance hierarchy by clicking on the Show hyperlink next to the role.
Assigning Roles to or Revoking Roles from Users
http://docs.oracle.com/cd/E18727_01/doc.121/e12843/T156458T156460.htm#366082
Thanks,
Hussein -
UWL Universal Worklist use User Role Negate Filter
Hi, SDN Expert.
In my UWL configuration, I am trying to exclude to display my task items to one user role.
I know that the "User Role" parameter can help me to restricts/allows who can get work items via the user role. I can also have multiple user roles separated by semi-colon to cover all the roles to receive the task.
BUT in my case, I only want few roles NOT to receive the task items, and all other roles to receive them.
My question is can I use the "NEGATE SIGN" , "!" (means Not Equal To) to exclude the particular user role to receive the task item, says I want to exclude the role name: "mydemorole", I just enter this "!mydemorole" in the "Use Role" parameter of the UWL configuration.
If NOT, what is the right way I should use to achieve this purpose?
Thanks for advise,
KCMichael, you can do this in the UWL but only with a 6.40 backend (ex. ECC 5) with a specific patch level (can not remember that patch level).
Before this you need to set these substituion in the R/3 inbox.
This being said it is only for workflow task routing. If I read your message correctly you want a manager to assign his authorizations (roles in R/3 or the portal) to a secretary. This is not supported in any standard SAP (or portal) scenario as far as I am aware.
Cheers,
D. -
OIA webservice for removing user role
Hi,
I need information regarding web services exposed in OIA for removing roles etc. We need it in our environment wherein we may not be having priviledge to make database query directly for removing user roles.
(the use case is as follows:
when user id disabled in OIM, assosciated database resource (DBAT, OIA database is used;rbx_users) is disabled ,and user's role is to be removed)
how this can be achieved via web-service call.
any pointers will be helpful
regards,
chhaviHi Pallavi,
i have the same problem, can you provide me more specific details?
-exactly oimjdbc.properties location please?
-which is what I have to modify?
Thanks in advance! -
Security Issues with the BP Internet user role creation--SU01
Hi All,
We are implementing the B2B Internet sales scenario using CRM 4.0. we
have contact persons who logs in and chose the distributor and then
start placing orders or look at product catalog .... Now contact person
is created as a BP in CRM and relation ship is maintained to sold to
(bp). During this process the contact person should be created under
the Internet user role which uses the SU01. so we will be able to
change password or change the roles of the users while creating BP
under the internet user role -- same as what we do in SU01.
This is now a security Issue because who ever can access the BP
(create/change) will be able to do the things we can do under
transaction SU01. But we still need to access the Internet user role in-order to assign the user id to the contact person . Is there any other
way of doing this.
Please advice ASAP.
Thanks
VasuHi Ashwini,
you need to modify the logon routine and then in the user management (isauseradmin application) to do this. Then there are likely changes to the catalog identification, and very likely to most processes in the shop. I really wouldn't advise doing so. As accounts usually have contact persons: Why does your client insist in providing a login for the organization and not for a person?
To achieve something that looks almost like the desired solution you, e.g., could model a dummy contact person for each account that shall get a logon, that then does the job. The contact person could be named like the company and then you are back to plain standard.
Rgds
Thomas -
How to add a BSP application to user role
What is the procedure to add a custom 'Zbsp' BSP application to the user role in PFCG Transaction code ?
When we add a transaction or report. it is working fine.
Please Suggest to add BSP application by defining required parametersHi Raja,
The BSP application which i have created used to access a custom based abap program by means of Ztransaction or Z internet service.
In SRM, I want to assign this BSP application page which has link to the abap program to SUS suppliers portal page . i.e add to the particular user role.
When i try to add this application to the user role in PFCG , it asks for the parameters action-id menu no and controller name.
These are all used in the standard BSP appliaction say SRMSUS bsp application..
Suggest what values should i give it to access this BSP application to the particular user role..
If you have questions in my requirement, do ask me.
Thanks in advance -
Hi,
we have created views for a particular application. Now we want to assign it to particular user "roles". Iam not sure of few things.
1) How to create a role ?
2) How to assign a particular view to a respective role?
Thanks in advance,
RavirajFollow given steps:
1 . For creating roles use the transaction PFCG ( Role Maintenance)
2 . After creating the role ,inorder to provide authorization access to PCUI application use the authorization object BSP_APPL.
After adding the BSP_APPL auth object ,you get 2 rows under 'Application Scenario' add your PCUI application object name and under 'View for UI Display ' add the view name.
Thanks,
Thirumala. -
How to hide custom fields in Shopping cart depening on user role
Hi,
We have some custom fields in shopping cart for basic view. Every thing works fine. Now client is asking to hide all the custom fields based on user role.
I found some function module to fund roles. now my main problem is unable to find the cusotm filed screen field name.
When I tryed to find the screen field name using BBPSC02/03, its giving 'GT_DISPLAY_100-FIELD'. If I try to use this field, its not working.
Could you pls tell me how to find custom screen filed name to hide in shopping cart.
Thanks,
RamHi Ram,
As Laurent suggested,to hide the custom fields based on the user role,you need to implement the logic in BADi "BBP_CUF_BADI_2".
You have the importing parameter IV_USER in this BADI.
Pass this parameter to tables AGR_USERS and AGR_USERT to get the user role
OR
Use FM: BAPI_USER_GET_DETAIL
with USERNAME= user id and can retrieve Table: ACTIVITYGROUPS Field:AGR_NAME
if you want the otherway around
you can also use FM: RSRA_USERS_OF_AGR_GET
with I_AGR_NAME= role and you can retieve Table: ACTIVITY_GROUPS_USERS Field: UNAME(usr Id)
Then check the value for the User role as obtained using the above steps and accordingly set the property for the custom fields to hide them.
BR,
Deepti. -
Hello all,
I have a support group that need the access/rights to create/publish knowledge articles.
What is the best user role to use in this case?
Regards,Advanced Operators role is the most suitable. Authors have more rights then required.
Cheers,
Marat
Site: www.scutils.com
Twitter: LinkedIn:
Facebook: -
I lose the 'authorization' tab in PFCG T-CODE on particular user
hai sap guru's ,
i lose the 'authorization' tab in PFCG T-CODE on particular user . (if i use PFCG in particular user i loose authorization tab)
how can i solve this problem ?
thanks & regards
sathish.hello
i suggest to make profile parameter
"auth/no_check_some_in_cases = Y or N "
it will help you.
then authorisation tab will be appear
regards
Ramesh -
Regarding user role!!!!!!!!!!
One of the user here wants to know , For one particular vendor the user wants access only for herself. All other users shoudn't have access to post invoices or do any transactions to this vendor. My question is ,Is it possible to assign this role only to this user. If yes, please tell me how to do it.
Hi
Create the Vendor in Seperate Account Group and ask the Basis person give authorsation to Particular user role .
Ravi -
Hi,
Can I access user roles by using the following code and if so, then how do I retrieve the role information from the iterator.
//This is code for getting Username and role.
IWDClientUser user1 = WDClientUser.forceLoggedInClientUser();
IUser user2 = user1.getSAPUser();
try{
if (user2 != null) { IUserAccount[] acct = user2.getUserAccounts();
if(acct[0] != null)
String strUserid = acct[0].getLogonUid();
wdComponentAPI.getMessageManager().reportSuccess("name"+strUserid);
Iterator it = acct[0].getRoles(true);
catch (UMException e) {
wdComponentAPI.getMessageManager().reportSuccess(e.toString());
Thanks,
JayHi
This should help you.
//Get Role Information
if (it.hasNext()) {
IRoleFactory rfact = UMFactory.getRoleFactory();
while (it.hasNext()) {
String roleName = (String) it.next();
IRole role = null;
try {
role = rfact.getRole(roleName);
wdComponentAPI.getMessageManager().reportSuccess("Role:" + roleName
+ "Display Name:" + role.getDisplayName()
+ "ID: " + role.getUniqueID()
+ "Uniquename: " + role.getUniqueName()
+ "Description: " + role.getDescription());
} catch (UMException e) {
wdComponentAPI.getMessageManager.reportException("error: " + e.getLocalizedMessage(),true);
regards
ravi -
Role removal from Multiple users
Hi All
I have a query related to removal of roles from user profile.
I want to delete a particular role from a set of users (say more than 600 users)
is it possible with su10 you to remove the role from the users at a stretch or is it the right way to get it removed from the user tab in PFCG and get the user- master record adjusted?
Please SuggestHi,
Preferably, you should use PFCG for your need...
It will be a easiest way to perform this task...
After that dont forget to do "user comparison"...
Regards.
Rajesh Narkhede -
BAPI - user last modified Name, Date and Time in SU01 of a Particular User
HI Experts,
After searched a lot in SDN , i am posting this thread,
I want to know any Standard BAPI to give LAST modified User name , time and Date in SU01 of a particular User.
I checked * BAPI_USER_GET_DETAIL* , its giving LAST modified time and Date in SU01, But I want Last modified user name as well.
I have 2 questions related with the above scenario,
1) Which BAPI gives the details of LAST modified User name , time and Date in SU01 of a particular User.
2) Any Table is there to give details of LAST modified User name , time and Date in SU01 of a particular User for a time period ,
For eg : 1 month, if i would have set the time line, it should give the three details .
Regards,
Saravana.SHi,
I am not sure, if there would be any BAPI particularly for giving such particular information. Even if you can, you might have to call 2 BAPIs, one for finding the list of such users modified within 1 month eg., and then getting the mod date and mod time.
BAPI_USER_GETLIST - this can be used for searching.. but tricky
then you have to call another bapi for getting the details.
One option is you can create a new Z BAPI using the table and get the results.
Regards,
Amit Mittal. -
Copy user roles/profiles : Su01
Hello,
I want to copy user roles /privileges from one user to other?
how do we do this and which user can do this ? my pisuper does not seem to have authority to copy user profiles from one user to other?
ThanksTry to Copy the user(Src user to Target user) from SU01 by logging in your user. When it displays authorization error, open a new Session of SU53. It will tell you the missing authorization objects. Add those authorizations to your user & you will be able to copy Users using ur userid.
If you want to keep it simple.. Give yourselves SAP_All. You can do whatever you want.
Copying Users
http://help.sap.com/saphelp_nw04/helpdata/en/52/6711c5439b11d1896f0000e8322d00/content.htm
Regards,
Siva Maranani
Maybe you are looking for
-
How can I change my iTunes, Apple and icloud to my yahoo account instead of it being on hotmail, I have yahoo on apple but my iTunes and iCloud still reading my hotmail and I don't know my pw for my hotmail account. I can't update or get apps due to
-
Disk Utility Image from Disk (whole disk) Error -39...
Hi - I've been trying to make a compressed/encrypted image of my primary hard drive without success. Using Disk Utility so I can have an image I can mount to retrieve files off an external HD when necessary. Booting from external firewire drive (part
-
Transfer material stocks to PCA for previous periods (1KEH)
I have an issue with 1KEH. We did not run the 1KEH(generate opening bal for material stocks) for period 2 . In SAP it looks like you can either run in for current period or previous period. (not 2 periods back). I looked this up with SAP note 858363.
-
Hey Everyone, We recently upgraded from 4.6C to 6.0 and using latest version of excel. Now, when I try to export a file from KE33 report to excel file, I am not able to do it. I am getting a pop-up window which gives the following options: 1. Copy Re
-
Hi all, We recently switched the location of our Shared Services schema from our main to secondary site oracle server. In the "reg.properties" file found under "hyperion/common/config/9.5.0.0" there's the configuration for where to look. If you chang