Role to acess ECM Repository
Hi
I have created a a web dynpro application which uploads and downloads a file in ECM repository.
For administrator role it is running fine but for an end user it is showing error ,ie not authenticated to read particular node .
I need minimal roles required for an end user to run the application
thanks and regards
Suresh
Dear Suresh,
Please check the permissions for the webdynpro application.
You should be adding everyone group with end user permission.
Hope this helps.
Regards,
Usha
Similar Messages
-
GetContextURL returns null using the default ECM repository
Hello experts,
This is the scenario.
We are using the SAP ECM repositoy for document storage in our BPM proyect. In this case we are using the default configuration and repository location (ecm/default and DefaultUser), but after the upload, when i try to get the document URL with the method getContentURL(), returns null.
The ECM documentarion saids than this condition is expected when using a third party repostiory, but this is not the case.
I appreciate a lot your advices and recomendations,
Best regards!
Julio C. LeyvaHi Vasil,
We didn't resolve this issue by this method, because we are using the default ECM repository witch doesn't support the operation getContextURL() and gets the "null" result. If you are using a different repository maybe works.
Re-checking the API specification, saids:
getContentURL
java.lang.String getContentURL() throws InvalidStateException, RepositoryException Returns a URL that can be used to retrieve the content directly from the respective backend, thus bypassing ECM. Note that this URL might have several restrictions which depend on the connector's backend store, such as a limited lifetime or requiring a user to authenticate with different credentials than the ones used to connect to ECM. Other stores might provide no content URL at all, in which case this method returns null. Applications might want to consider utilizing the ECM WebDAV server to present their users a URL that is located on the same system as ECM.
Finally, you would consider to expose a webservice (EJB Session Bean) witch encapsulates the ECMI implementation and extract your file content as a binary array (encode/decode), sending as the input your path/fileName for lookup in the ECM repository.
Regards! -
Create Roles with acess control in SAP MDM
Hi Experts,
I am new to SAP MDM.I want to know how to create roles with access control for various users in SAP MDM.
Thanks,
Manojhi,
in the console; you can create roles with access control and you can assign these roles to users.
follow this path:
Console --> repository --> Admin node --> roles,
here you can create new role. for role here you can maintain
1. role detail
2. Functions --here you can restrict the particular role , none / Execute the functions.
3. Tables/fields -- here you can give access to the role Read only / Read and write, and you can apply constraints also.
and follow the links:
http://help.sap.com/saphelp_mdm550/helpdata/en/8e/9f9c427055c66ae10000000a155106/frameset.htm
http://help.sap.com/saphelp_mdm550/helpdata/en/8e/9f9c427055c66ae10000000a155106/frameset.htm
http://help.sap.com/saphelp_mdm550/helpdata/en/8e/9f9c427055c66ae10000000a155106/frameset.htm
http://help.sap.com/saphelp_mdm550/helpdata/en/8e/9f9c427055c66ae10000000a155106/frameset.htm
http://help.sap.com/saphelp_mdm550/helpdata/en/8e/9f9c427055c66ae10000000a155106/frameset.htm
hope this may help you,
Regards,
Srinivas -
Error while granting BPMOrganizationAdmin role to SOAOperator.
Error Starting While starting SOA server. Please advise.
<Mar 5, 2015 12:56:08 PM EST> <Error> <oracle.bpm.services.organization> <BEA-000000> <Exception
exception.70692.type: error
exception.70692.severity: 2
exception.70692.name: Error while granting BPMOrganizationAdmin role to SOAOperator.
exception.70692.description: Error occured while granting the application role BPMOrganizationAdmin to application role SOAOperator.
exception.70692.fix: In the policy store, please add SOAOperator role as a member of BPMOrganizationAdmin role, if it is not already present.
ORABPEL-10513
Cannot get application roles from application identified by "{0}".
An error occurred while getting application roles from application identified by "soa-infra".
The underlying APIs threw an exception. Check the error stack and fix the cause of the error. Contact Oracle Support Services if error is not fixable.
at oracle.tip.pc.services.identity.jps.JpsProvider$1.run(JpsProvider.java:920)
at oracle.tip.pc.services.identity.jps.JpsProvider.lookupAppRole(JpsProvider.java:913)
at oracle.bpm.bpmn.engine.runtime.DeploymentDescriptorUtil.grantBPMOrganizationAdminRoleToSOAOperator(DeploymentDescriptorUtil.java:294)
at oracle.bpm.bpmn.engine.service.BPMNServiceEngine.stateChanged(BPMNServiceEngine.java:578)
at oracle.integration.platform.blocks.mesh.FabricLifecycle.notifyListeners(FabricLifecycle.java:46)
at oracle.integration.platform.blocks.mesh.FabricLifecycle.setState(FabricLifecycle.java:30)
at oracle.integration.platform.blocks.mesh.MeshImpl.postDeployInit(MeshImpl.java:118)
at sun.reflect.NativeMethodAccessorImpl.invoke0(Native Method)
at sun.reflect.NativeMethodAccessorImpl.invoke(NativeMethodAccessorImpl.java:39)
at sun.reflect.DelegatingMethodAccessorImpl.invoke(DelegatingMethodAccessorImpl.java:25)
at java.lang.reflect.Method.invoke(Method.java:597)
at org.springframework.aop.support.AopUtils.invokeJoinpointUsingReflection(AopUtils.java:307)
at org.springframework.aop.framework.ReflectiveMethodInvocation.invokeJoinpoint(ReflectiveMethodInvocation.java:182)
at org.springframework.aop.framework.ReflectiveMethodInvocation.proceed(ReflectiveMethodInvocation.java:149)
at oracle.integration.platform.metrics.PhaseEventAspect.invoke(PhaseEventAspect.java:71)
at org.springframework.aop.framework.ReflectiveMethodInvocation.proceed(ReflectiveMethodInvocation.java:171)
at org.springframework.aop.framework.JdkDynamicAopProxy.invoke(JdkDynamicAopProxy.java:204)
at $Proxy307.postDeployInit(Unknown Source)
at oracle.integration.platform.kernel.FabricKernelInitializerServlet$1.run(FabricKernelInitializerServlet.java:555)
at oracle.integration.platform.blocks.executor.WorkManagerExecutor$1.run(WorkManagerExecutor.java:120)
at weblogic.work.j2ee.J2EEWorkManager$WorkWithListener.run(J2EEWorkManager.java:183)
at weblogic.work.DaemonWorkThread.run(DaemonWorkThread.java:30)
Caused By: ORABPEL-10510
Application role not found.
Application role "BPMOrganizationAdmin" could not be found for application identified by "soa-infra".
Check if the application role exists in the repository associated with the application. Check the error stack and fix the cause of the error. Contact Oracle Support Services if error is not fixable.
at oracle.tip.pc.services.identity.jps.JpsProvider$9.run(JpsProvider.java:2338)
at oracle.tip.pc.services.identity.jps.JpsProvider.lookupAppRoleEntry(JpsProvider.java:2333)
at oracle.tip.pc.services.identity.jps.JpsProvider.access$000(JpsProvider.java:169)
at oracle.tip.pc.services.identity.jps.JpsProvider$1.run(JpsProvider.java:917)
at oracle.tip.pc.services.identity.jps.JpsProvider.lookupAppRole(JpsProvider.java:913)
at oracle.bpm.bpmn.engine.runtime.DeploymentDescriptorUtil.grantBPMOrganizationAdminRoleToSOAOperator(DeploymentDescriptorUtil.java:294)
at oracle.bpm.bpmn.engine.service.BPMNServiceEngine.stateChanged(BPMNServiceEngine.java:578)
at oracle.integration.platform.blocks.mesh.FabricLifecycle.notifyListeners(FabricLifecycle.java:46)
at oracle.integration.platform.blocks.mesh.FabricLifecycle.setState(FabricLifecycle.java:30)
at oracle.integration.platform.blocks.mesh.MeshImpl.postDeployInit(MeshImpl.java:118)
at sun.reflect.NativeMethodAccessorImpl.invoke0(Native Method)
at sun.reflect.NativeMethodAccessorImpl.invoke(NativeMethodAccessorImpl.java:39)
at sun.reflect.DelegatingMethodAccessorImpl.invoke(DelegatingMethodAccessorImpl.java:25)
at java.lang.reflect.Method.invoke(Method.java:597)
at org.springframework.aop.support.AopUtils.invokeJoinpointUsingReflection(AopUtils.java:307)
at org.springframework.aop.framework.ReflectiveMethodInvocation.invokeJoinpoint(ReflectiveMethodInvocation.java:182)
at org.springframework.aop.framework.ReflectiveMethodInvocation.proceed(ReflectiveMethodInvocation.java:149)
at oracle.integration.platform.metrics.PhaseEventAspect.invoke(PhaseEventAspect.java:71)
at org.springframework.aop.framework.ReflectiveMethodInvocation.proceed(ReflectiveMethodInvocation.java:171)
at org.springframework.aop.framework.JdkDynamicAopProxy.invoke(JdkDynamicAopProxy.java:204)
at $Proxy307.postDeployInit(Unknown Source)
at oracle.integration.platform.kernel.FabricKernelInitializerServlet$1.run(FabricKernelInitializerServlet.java:555)
at oracle.integration.platform.blocks.executor.WorkManagerExecutor$1.run(WorkManagerExecutor.java:120)
at weblogic.work.j2ee.J2EEWorkManager$WorkWithListener.run(J2EEWorkManager.java:183)
at weblogic.work.DaemonWorkThread.run(DaemonWorkThread.java:30)
>
<Mar 5, 2015 12:56:08 PM EST> <Error> <oracle.bpm.common> <BEA-000000> <Exception
BPM-70692
Exception
exception.70692.type: error
exception.70692.severity: 2
exception.70692.name: Error while granting BPMOrganizationAdmin role to SOAOperator.
exception.70692.description: Error occured while granting the application role BPMOrganizationAdmin to application role SOAOperator.
exception.70692.fix: In the policy store, please add SOAOperator role as a member of BPMOrganizationAdmin role, if it is not already present.
at oracle.bpm.bpmn.engine.runtime.DeploymentDescriptorUtil.grantBPMOrganizationAdminRoleToSOAOperator(DeploymentDescriptorUtil.java:324)
at oracle.bpm.bpmn.engine.service.BPMNServiceEngine.stateChanged(BPMNServiceEngine.java:578)
at oracle.integration.platform.blocks.mesh.FabricLifecycle.notifyListeners(FabricLifecycle.java:46)
at oracle.integration.platform.blocks.mesh.FabricLifecycle.setState(FabricLifecycle.java:29)
at oracle.integration.platform.blocks.mesh.MeshImpl.postDeployInit(MeshImpl.java:118)
at sun.reflect.NativeMethodAccessorImpl.invoke0(Native Method)
at sun.reflect.NativeMethodAccessorImpl.invoke(NativeMethodAccessorImpl.java:39)
at sun.reflect.DelegatingMethodAccessorImpl.invoke(DelegatingMethodAccessorImpl.java:25)
at java.lang.reflect.Method.invoke(Method.java:597)
at org.springframework.aop.support.AopUtils.invokeJoinpointUsingReflection(AopUtils.java:307)
at org.springframework.aop.framework.ReflectiveMethodInvocation.invokeJoinpoint(ReflectiveMethodInvocation.java:182)
at org.springframework.aop.framework.ReflectiveMethodInvocation.proceed(ReflectiveMethodInvocation.java:149)
at oracle.integration.platform.metrics.PhaseEventAspect.invoke(PhaseEventAspect.java:71)
at org.springframework.aop.framework.ReflectiveMethodInvocation.proceed(ReflectiveMethodInvocation.java:171)
at org.springframework.aop.framework.JdkDynamicAopProxy.invoke(JdkDynamicAopProxy.java:204)
at $Proxy307.postDeployInit(Unknown Source)
at oracle.integration.platform.kernel.FabricKernelInitializerServlet$1.run(FabricKernelInitializerServlet.java:555)
at oracle.integration.platform.blocks.executor.WorkManagerExecutor$1.run(WorkManagerExecutor.java:120)
at weblogic.work.j2ee.J2EEWorkManager$WorkWithListener.run(J2EEWorkManager.java:183)
at weblogic.work.DaemonWorkThread.run(DaemonWorkThread.java:30)
Caused By: ORABPEL-10513
Cannot get application roles from application identified by "{0}".
An error occurred while getting application roles from application identified by "soa-infra".
The underlying APIs threw an exception. Check the error stack and fix the cause of the error. Contact Oracle Support Services if error is not fixable.
at oracle.tip.pc.services.identity.jps.JpsProvider$1.run(JpsProvider.java:920)
at oracle.tip.pc.services.identity.jps.JpsProvider.lookupAppRole(JpsProvider.java:913)
at oracle.bpm.bpmn.engine.runtime.DeploymentDescriptorUtil.grantBPMOrganizationAdminRoleToSOAOperator(DeploymentDescriptorUtil.java:294)
at oracle.bpm.bpmn.engine.service.BPMNServiceEngine.stateChanged(BPMNServiceEngine.java:578)
at oracle.integration.platform.blocks.mesh.FabricLifecycle.notifyListeners(FabricLifecycle.java:46)
at oracle.integration.platform.blocks.mesh.FabricLifecycle.setState(FabricLifecycle.java:30)
at oracle.integration.platform.blocks.mesh.MeshImpl.postDeployInit(MeshImpl.java:118)
at sun.reflect.NativeMethodAccessorImpl.invoke0(Native Method)
at sun.reflect.NativeMethodAccessorImpl.invoke(NativeMethodAccessorImpl.java:39)
at sun.reflect.DelegatingMethodAccessorImpl.invoke(DelegatingMethodAccessorImpl.java:25)
at java.lang.reflect.Method.invoke(Method.java:597)
at org.springframework.aop.support.AopUtils.invokeJoinpointUsingReflection(AopUtils.java:307)
at org.springframework.aop.framework.ReflectiveMethodInvocation.invokeJoinpoint(ReflectiveMethodInvocation.java:182)
at org.springframework.aop.framework.ReflectiveMethodInvocation.proceed(ReflectiveMethodInvocation.java:149)
at oracle.integration.platform.metrics.PhaseEventAspect.invoke(PhaseEventAspect.java:71)
at org.springframework.aop.framework.ReflectiveMethodInvocation.proceed(ReflectiveMethodInvocation.java:171)
at org.springframework.aop.framework.JdkDynamicAopProxy.invoke(JdkDynamicAopProxy.java:204)
at $Proxy307.postDeployInit(Unknown Source)
at oracle.integration.platform.kernel.FabricKernelInitializerServlet$1.run(FabricKernelInitializerServlet.java:555)
at oracle.integration.platform.blocks.executor.WorkManagerExecutor$1.run(WorkManagerExecutor.java:120)
at weblogic.work.j2ee.J2EEWorkManager$WorkWithListener.run(J2EEWorkManager.java:183)
at weblogic.work.DaemonWorkThread.run(DaemonWorkThread.java:30)
Caused By: ORABPEL-10510
Application role not found.
Application role "BPMOrganizationAdmin" could not be found for application identified by "soa-infra".
Check if the application role exists in the repository associated with the application. Check the error stack and fix the cause of the error. Contact Oracle Support Services if error is not fixable.
at oracle.tip.pc.services.identity.jps.JpsProvider$9.run(JpsProvider.java:2338)
at oracle.tip.pc.services.identity.jps.JpsProvider.lookupAppRoleEntry(JpsProvider.java:2333)
at oracle.tip.pc.services.identity.jps.JpsProvider.access$000(JpsProvider.java:169)
at oracle.tip.pc.services.identity.jps.JpsProvider$1.run(JpsProvider.java:917)
at oracle.tip.pc.services.identity.jps.JpsProvider.lookupAppRole(JpsProvider.java:913)
at oracle.bpm.bpmn.engine.runtime.DeploymentDescriptorUtil.grantBPMOrganizationAdminRoleToSOAOperator(DeploymentDescriptorUtil.java:294)
at oracle.bpm.bpmn.engine.service.BPMNServiceEngine.stateChanged(BPMNServiceEngine.java:578)
at oracle.integration.platform.blocks.mesh.FabricLifecycle.notifyListeners(FabricLifecycle.java:46)
at oracle.integration.platform.blocks.mesh.FabricLifecycle.setState(FabricLifecycle.java:30)
at oracle.integration.platform.blocks.mesh.MeshImpl.postDeployInit(MeshImpl.java:118)
at sun.reflect.NativeMethodAccessorImpl.invoke0(Native Method)
at sun.reflect.NativeMethodAccessorImpl.invoke(NativeMethodAccessorImpl.java:39)
at sun.reflect.DelegatingMethodAccessorImpl.invoke(DelegatingMethodAccessorImpl.java:25)
at java.lang.reflect.Method.invoke(Method.java:597)
at org.springframework.aop.support.AopUtils.invokeJoinpointUsingReflection(AopUtils.java:307)
at org.springframework.aop.framework.ReflectiveMethodInvocation.invokeJoinpoint(ReflectiveMethodInvocation.java:182)
at org.springframework.aop.framework.ReflectiveMethodInvocation.proceed(ReflectiveMethodInvocation.java:149)
at oracle.integration.platform.metrics.PhaseEventAspect.invoke(PhaseEventAspect.java:71)
at org.springframework.aop.framework.ReflectiveMethodInvocation.proceed(ReflectiveMethodInvocation.java:171)
at org.springframework.aop.framework.JdkDynamicAopProxy.invoke(JdkDynamicAopProxy.java:204)
at $Proxy307.postDeployInit(Unknown Source)
at oracle.integration.platform.kernel.FabricKernelInitializerServlet$1.run(FabricKernelInitializerServlet.java:555)
at oracle.integration.platform.blocks.executor.WorkManagerExecutor$1.run(WorkManagerExecutor.java:120)
at weblogic.work.j2ee.J2EEWorkManager$WorkWithListener.run(J2EEWorkManager.java:183)
at weblogic.work.DaemonWorkThread.run(DaemonWorkThread.java:30)
>Hi user,
Can you give us some information on the version you are using and your security setup? Are you using an external security provider? Because to me it sounds that you are using an external LDAP server.
Antonis -
Integrate IdM roles with Sun Access Manager roles
Hi all,
I am currently working on a solution involving Sun Identity Manager 7.1 and Sun Access Manager 7.1 as well. We use AM for overall authentication and SSO across the application, and IdM for user provisioning.
I need to create roles in Identity Manager, and I would like that when I assign a role to a user in Identity Manager, he gets the same role in my Access Manager repository (Sun LDAP). Identity Manager does provide a way to set attribute values in resources when a role is set. Access Manager on the other hand has both dynamic roles, based on an LDAP search, and static roles.
What are the important differences between static and dynamic roles in AM?
Does anybody know a good way to propagate roles from Identity Manager to Access Manager?
Thanks.I found answers to my question. I succeeded in setting the Access Manager role from Identity Manager using the nsRoleDN attribute. Here are some references to begin with:
About directory server roles:
http://docs.sun.com/app/docs/doc/820-2493/fvbrn?a=view
Forum thread reference:
http://forums.sun.com/thread.jspa?threadID=5208694
Here are roughly the steps I followed to get this working.
Access Manager roles setup:
1. In Access Manager, create a new static role named test_role under the identities realm (in Subjects > Role).
Identity Manager roles setup:
1. Create a new role in Identity Manager: tab Roles, click New....
2. Assign the LDAP resource to synchronize the role with.
3. On the Assigned Resources line, click the Set Attributes Values button. This shows up the attributes listing allowing you to bind your IdM role to your LDAP repository.
4. Set the attribute nsRoleDN to the LDAP DN of the role that was created in AM (nsRoleDN must be added in the resource attributes mapping before).
* In the column Value override, select Text.
* In the column How to set, select Authoritative merge with value, clear existing. (* See IDM Admin guide about this setting, I am still not sure how it reacts with multi-value attributes)
* In the text box, enter the role DN text (ex: cn=test_role,dc=com).
5. Save the role. You can now add the role to a user. -
Developping a ECM Connector for LiveCycle Content Services ES
Hello everyone,
I few weeks ago, I saw that Adobe LiveCycle had many connector to store documents in a ECM Repository/Document Repository.
Article onhttp://www.adobe.com/products/livecycle/connectors/ shows integration with ECM documentum, IBM filenet and IBM Content Manager.
I wonder why Adobe does not provide a connector to JSR 170 or JSR 283 : Content Repository for JavaTM Technology API Version 2.0.
JSR 283 is the java specification of documents and content repositories. It has many options. http://jcp.org/en/jsr/detail?id=283
Do you have tested LiveCycle Content Services ES with the JSR 170 or 283 to create a connector and to store documents ?
Do you know where to find these exemples ?
Thank you very much.
ECI
Web developperHello Steve,
Thank you for your answer.
My Content Repository in the one of RSD Folders. In fact, I could have a CMIS interface on it, but after a study, it happends that it will take a lot of time to me. And it is not excatly what I need, because we already have the JSR 170 level 1 compatibilty, with API compatible with JSR 170. ... But your idea is a good idea.
What I wanted, is a example ... but I have started with my API. That I use directly in the component. Adobe does not provide any example with JSR 170 or JSR 283 in order to create a Component. I think they should jave some examples with this.
PS: I also use Flex so we are nearly using the same technologies , lol
Thank you
User2222 -
Role names with spaces (6.1 to 8.1)
Hi All
I'm working in an organization that has group and role names within their LDAP
repository such that the group and role names contain spaces. Hence, for example,
within a web.xml file lines like the following exist:
<role-name>Some Role Name</role-name>
This has worked without problem in Weblogic 6.1 but given some prelimanary work
within 8.1 we are noticing that Weblogic 8.1 does not appear to like spaces within
the <role-name> element.
Is this just the way it is with Weblogic 8.1? Or is there a way to continue to
use role names with embedded spaces within Weblogic 8.1?
Thanks,
Rob"Peter" <PeterB> wrote:
>
"Rob" <[email protected]> wrote in message
news:3f57d329$[email protected]..
Hi All
I'm working in an organization that has group and role names withintheir
LDAP
repository such that the group and role names contain spaces. Hence,for
example,
within a web.xml file lines like the following exist:
<role-name>Some Role Name</role-name>
This has worked without problem in Weblogic 6.1 but given some prelimanarywork
within 8.1 we are noticing that Weblogic 8.1 does not appear to likespaces within
the <role-name> element.
Sounds like a bug. File a support case.
Hi,
A workaround exists :
1 - in web.xml, update your role-name element by replacing spaces with "_"
2 - in weblogic.xml, add :
<security-role-assignment>
<role-name>Some_Role_Name</role-name>
<principal-name>Some Role Name</principal-name>
</security-role-assignment>
Regards
Christophe -
Setting attributes based on role.
Hello,
I'm trying to set up idm 7.0.0 in such a way that user groups are synchronized with redhat resources, and that the idm roles a particular user belongs to, determines "secondary groups" on the resources.
What I've done:
-configured redhat resources. Reconciliation works fine.
-set up roles. Some of the roles are configured to change the "secondary groups" attributes on the resources. (I'm using "authorative merge with values, clear existing")
What happens is that when a user is assigned to a role, then the "secondary group" of the user is changed the way I expect.
The problem is that when the user is removed from the role, then secondary groups is not changed on the resources.
Another problem is that when clicking Server Tasks -> Run Tasks -> Synchronize Identity System Roles with Resource Roles, then the resources are not available from the "select resource" ..
I've seen postings on this forum earlier, in which some users have similar problems. If anyone can tell me what I'm doing wrong, then I'd appreciate it :)It seems that the secondary group is updated, but that it is only possible to set it to one value.
A redhat user can only be member of one single secondary group.
In the documentation, it says:
Note: For multi-valued attributes, you must edit the role object in the repository to indicate that it holds a comma-separated value (CSV) string; for example:
<RoleAttribute name='attrs role:Database Table:attrs' csv='true'>
I'm using a mysql backend, and it would be inconvenient to edit the xml for each role we create. Is there any way we can set that roles implicating redhat resources should have secondary group attributes which holds multiple groups? -
Hi all
Inside the Data Manager i create 2 rows in the Named Serches table, then i did a query (in the free form search --> i look for a value in qualified) and I finally I assign to one of them.
I prude the resulset: Search --> Restore Named Search --> My_NamedSearch and got the filter. Now i want to assign this named search for a role, but in the console i don't have an option to choose this (the label constraint doesn't show me [ALL])
Im using MDM 5.5 SP05 (5.5.42.84)
Any suggestion.
Rhi,
upto MDM 5.5 SP05 versions, constriants are available for look up tables, Categories and mask table only.
in SP6 version you can assign Named searches to a role;
Enhanced Administration and Repository Reconciliation
􀁸 MDM Server and MDM Console
o Roles may include constraints based on Named Searches.
o The Relationships table in the MDM Console now contains the Code field.
o The default Remote System is created as type Inbound/Outbound (previously
Inbound).
o Austrian German is available as a data language.
More information: MDM 5.5 SP06 Console Reference Guide.
follow the link:
http://service.sap.com/installMDM. you will find sp6 release notes.
hope this may help you,
Regards,
Srinivas -
Hi,
I would like to move my users and roles from one system to another . Is there a way i can export and import the data back into the system.
I have already tried to export the repository schema and it did not give the necessary output.
I am working in 5.5 SP6 version
Regards,
VigneshHi
You can do at Data base level using DML Queries, follow the below links.
How to Create Mass Users/Roles in SAP MDM Repository Running On Oracle Database
http://www.sdn.sap.com/irj/scn/go/portal/prtroot/docs/library/uuid/a0daad81-6a4b-2c10-9cb8-9586b0ebfb28?quicklink=index&overridelayout=true
How to Create Mass Users/Roles in SAP MDM Repository Running On SQL Database
http://www.sdn.sap.com/irj/scn/go/portal/prtroot/docs/library/uuid/f0224edf-bf37-2c10-228f-c16415815c5f?quicklink=index&overridelayout=true
regards
Sowseel -
Role based session service setup on AM 7.1 with separate conf/user ldap
AM 7.1 is installed with two separate LDAP instances used for AM config store and user repository.
I want to setup different active session quota based on role assignment.
The session service cos only existed on the AM config LDAP store.
If I create the role and assigned and customize the session service to the role on the AM config LDAP store, the role cannot be assigned to user profile only existed on the user repository.
If the role is created on the user repository, then the session service cannot assigned to the role on the user repository.
I try created roles on both repository, assign session service to the role on AM config ldap and assign role of same name on the user repository to the user. The role based session is not effective.
Would appreciate if any one can shed some light on how to setup role based session service on an AM installation with the AM config ldap and user repository being on 2 separate ldap instances.
Thanks
MoAM 7.1 is installed with two separate LDAP instances used for AM config store and user repository.
I want to setup different active session quota based on role assignment.
The session service cos only existed on the AM config LDAP store.
If I create the role and assigned and customize the session service to the role on the AM config LDAP store, the role cannot be assigned to user profile only existed on the user repository.
If the role is created on the user repository, then the session service cannot assigned to the role on the user repository.
I try created roles on both repository, assign session service to the role on AM config ldap and assign role of same name on the user repository to the user. The role based session is not effective.
Would appreciate if any one can shed some light on how to setup role based session service on an AM installation with the AM config ldap and user repository being on 2 separate ldap instances.
Thanks
Mo -
Purchase Orders Authorizations M_BEST_EKG
Hi all,
I have one USER with 2 role´s:
1ºROLE - Grants acess to create PO for for the following objects:
M_BEST_EKO=001P
M_BEST_EKG=308
M_BEST_WRK=9009
2º ROLE - Grants acess to create PO for for the following objects:
M_BEST_EKO=001P
M_BEST_EKG=002
M_BEST_WRK=9004
Could you explain me the reason why this user can create PO for the
following Organizacional Levels:
EKORG=001P
EKGRP=308
WERKS=9004
THANKS in advance!
Best Regards
JECAnd with this scenario:
One USER with 2 role´s:
1ºROLE - Grants acess to create PO for for the following objects (act 01 for all objects):
M_BEST_EKO=200M
M_BEST_EKG=308
M_BEST_WRK=9009
2º ROLE - Grants acess to create PO for for the following objects (act 01 for all objects):
M_BEST_EKO=001P
M_BEST_EKG=002
M_BEST_WRK=9004
Do you think the object´s in the roles should sum???
THANKS in advance!
Best Regards
JEC -
IDM / GRC 10 - Post approval issue
We are using IdM 7.2 sp8 and GRC 10 and have a full workflow created as follows:
NOTE: Risk Validation and GRC System Auto-Approval Step are currently both disabled
Manager -> Role Owner -> GRC Risk Analysis -> Approval -> Provision Seems quite simple. right? :-) Getting every detail correct to make sure this works seemlessly is the issue I seem to be running into.
My issue is that I am trying to assign an IdM Business role that contains privileges from two different ABAP systems (very standard). After everything gets to approved, submitted to GRC and comes back to IdM, polling starts and the result is read back in and the check status task runs its "Approve" tasks. It looks like the provision job is trying to provision the requested roles into the GRC10 repository instead of the ABAP systems the privileges should be provisioned in and I get the following in the log:
This is found in the provisioning framework
Naturally the privileges have a default repository but the Business Role does not.
The GRC10 Repository only has the workflow (full not just AC Validation stage) in the Validate add task, no assignment tasks
Each ABAP system only has the three normal provisioning tasks assigned, 601, 1345 and 751
The error I get when its all said and done is "uSkip Called to skip entry"
There is some small detail I'm missing.
Your thoughts?We are using IdM 7.2 sp8 and GRC 10 and have a full workflow created as follows:
NOTE: Risk Validation and GRC System Auto-Approval Step are currently both disabled
Manager -> Role Owner -> GRC Risk Analysis -> Approval -> Provision Seems quite simple. right? :-) Getting every detail correct to make sure this works seemlessly is the issue I seem to be running into.
My issue is that I am trying to assign an IdM Business role that contains privileges from two different ABAP systems (very standard). After everything gets to approved, submitted to GRC and comes back to IdM, polling starts and the result is read back in and the check status task runs its "Approve" tasks. It looks like the provision job is trying to provision the requested roles into the GRC10 repository instead of the ABAP systems the privileges should be provisioned in and I get the following in the log:
This is found in the provisioning framework
Naturally the privileges have a default repository but the Business Role does not.
The GRC10 Repository only has the workflow (full not just AC Validation stage) in the Validate add task, no assignment tasks
Each ABAP system only has the three normal provisioning tasks assigned, 601, 1345 and 751
The error I get when its all said and done is "uSkip Called to skip entry"
There is some small detail I'm missing.
Your thoughts? -
Hi,
Is it possible to change the text of a button which is in the LSO Test Player application?
We would like to amend the text for the finish test cmd button.
If this is not the best forum for this, please can you suggest where would be more appropriate.
Regards,
RobHI, Niladri.
If It was in authoring environment during testing WBT local, it would be 4),5) relevant for you.
1) Check config of your LSOCP <j2ee-server>:<part>/lms/checkconfig?sys=<backendsys>&client=<client>
2) See configuration http://<J2EE-server>:<port>/lms/mediator/config
3) Check tech users(LSO_CP, CMS_User) roles and acess in backendsys
3) Also check RFC SAP_LSO_BACKEND
4) Downgrade Java\reinstall
5) Use another version of LSOAE
This note may be halpful 746917
Also see instalation guide
Regards,
Alexey. -
CQ5 with InDesign, Bridge, and Drive
We make lots of catalogs. We use the full CS5 suite currently, and are considering purchasing CQ5 as the repository for the assets and then to move on to the web content management. Some thoughts and questions on how CQ5 might support a print production flow:
All our assets for the catalogs will be in a CQ5 repository.
1) We need to use InDesign's Place command to get assets from the repository into InDesign. Therefore Drive's role in virtualizing the repository is a must have. Our system integrator is telling us to stay away from Drive because Drive 3 is buggy and hasn't been tested thoroughly with CQ5. Well Adobe, no production ready Drive vitrualized repository then no sale. Any thoughts on CQ5 and InDesign working through Drive in high volume, large file size environment?
2) InDesign has a fabulous feature called Live Caption. It's a dynamic text box that shows the File-->Info metadata of any image the text box touches. We incorporate this heavily in our print production workflow. Through XMP we built a custom File-Info palette for images. Then with the Live Caption we can dynamically display that info - image name, item number, styling notes, color. Works great. We'd like to workflow the pages and images and metadata through CQ5, but CQ5 doesn't write metadata back out to the file info, so therefore we would no longer be able to take advantage of InDesign's Live Caption feature. What is involved in getting CQ5 to write select fields of metadata to the file info metadata so we can use it in InDesign Live Caption? What's involved in using Bridge to change the File Info metadata and have that properly update the corresponding metadata in CQ5.
3) We routinely reuse images. For search and reuse capability, the DAM has to automatically record the relationships of images on what pages and what pages have what images. That allows us to search for an InDesign page and see all the images on it, and also search for an image and see all the InDesign pages where it was used. This functionality is completely out of box with other content management systems designed to support print. It's certainly a feature I'd think would be out of box for the Adobe suite, but it isn't in CQ5 or doesn't seem to be. How might this be done?
Very, very disappointing that Adobe CQ5 does not have a better understanding of print production workflows. If it did, then Adobe would have an unbeatable multi-channel story to tell.Since I put it out there, it's fair that I step up. This is a list of 30 enhancements to the DAM landing page only. And yes, I know what the sales folks would say: "we can do all those things." But, just not interested in paying staff or consultants to customize in order to get what are mostly obvious and expected.
Overall, the interface is a mish mash of buttons, links, folders, grid - it doesn't know what it wants to be. Is the interface supposed to mimic a file system, a web page, a spreadsheet? The schizophrenia creates confusion as end-user can no longer rely on their past experiences working on a common interface. Pick an interface metaphor and own it completely. (Rebuid it in Flex.)
Implementation of functionality is so incomplete. It clearly was put together foremost to meet a checklist for the sales team and not to be great software. Search – check; Thumbnails – check; Copy and Paste – check and check. But, the incomplete implementation of every one of those is downright demoralizing. When functionality is added – please make it complete and great.
The buttons across the top for Home, Websites, DAM, Campaigns, etc. should be selections in the left nav similar to the way Outlook lets you select Mail, Calendar, Contacts, Notes, etc. This would free up important real estate and move some elements that are selected maybe once or twice during a session.
The menu choices at the top New, Copy, Paste etc. are implemented like links, but the should really be built with standardized menus and selections. File->New, Edit->Copy, etc. This would be intuitive to end users and facilitate easy growth and organization as new commands are added.
The menu choices should be context aware and toggle when applicable - Activate Deactivate and Copy Paste for instance.
The search box on the right needs significant enhancing. (I do see how it may be more effective when searching in Websites, but in DAM it is woefully incomplete.) A couple of quick ones: need better indication of what location you're searching – current folder or whole repository; need options for searching content or file names; results list is too small; need ability to switch to advanced. It's probably all configurable but with a little thought it could have been great out of box.
EVERY file of any type that's in the repository should get a gorgeous scalable thumbnail automatically. Adobe owns Scene7 and Acrobat - of course this can be done. For me, sadly, for thumbnails to be so incomplete reveals a lot about the strategy and priorities of the folks making the software. See #2 above.
Should have a View menu that lets you select from multiple out of the box views, including:
The Standard view, which should have a slider to control the size of the thumbnails.
A Thumbnail view also with a slider to control size.
A cool Carousel view.
A plain List view, which doesn't have thumbnails.
The List view should have a feature where when you rollover you get a thumb preview.
The columns don't size in a common intuitive way. Sizing one column shouldn't alter the size of the other columns.
Should be able to create columns in the list views of a metadata attribute.
Should have a small drop down arrow for all items that displays a pop-up of the details info. This would save a lot of clicks opening to view the details, closing, and then trying again.
Needs a Cut command (which would fall with Copy, Paste, and Move under an Edit menu). Cut and Paste would in some cases be easier and more intuitive than using the full Move dialog.
Needs a Rename command (which woud also fall under an Edit menu). Using the Move command for a rename is not ideal.
Could use a Duplicate command (or the Move dialog could have a check box in it for Duplicate).
Should show at the bottom of the window the number of items in the window being browsed.
Should show user info and role somewhere.
Should have an option at the bottom for viewing all on one page.
Should have a drop down for selecting how many to view on a page i.e.16, 50, 100, all.
Should be able to have saved searches appear as Smart Folders in the left nav.
Default Smart Folders for left nav should include most recent, checked out, in workflow, to do.
Need to be able to launch any asset into its native app for editing (in combination with Adobe Drive installed).
Tools dropdown should have a choice for Audit, which shows the file's complete history including:modification history, number of times downloaded, by who, workflow steps, etc.
Ability to select an asset (or multiple), and click an email link to send it as an attachment.
Ability to have Favorite folders in the left nav. Would allow you to jump around without navigating the tree.
Would be cool to have folders in the left nav that map to folders outside of the repository. You could create some really neat import and export functionality for the DAM.
There are more, and thanks for the time.
Maybe you are looking for
-
This function would be tremendously useful for students sharing class notes or for family members or friends sharing daily-life notes. Similarly, it would be wonderful if we can share Reminders, so that if I have a grocery list on my reminder and I c
-
Dynamic Text Field is not displaying foreign characters... HELP!
I have a dynamic text field that is not displaying foreign characters properly. They appear as boxes. Here's what I've tried. Under properties for the text field, I clicked on the embed characters button. In there, I pasted all the special characters
-
Ordinal 55 could not be found in the dynaminc link library iertutil.dll cs5.5 installation problem.
Okay, so when i downloaded the trial version of Flash Professional CS5.5, the following popup "popped up". "The dynamic link library iertutil.dll could not be found. Reinstalling the application may solve this problem." So i went to a site that had h
-
Where do I enter PPP user name and PPP password?
Where do I enter PPP User Name and PPP Password when installing a new modem? I followed directions for installation but a dialog box asking for those items didn't come up. I reset the Wi-Fi on the System Preference > Network Pane after turning off al
-
ANM - mysql create other databases
Hi, I have ANM 4.3 installed and running (demo licese expired, but we are getting a new license). It worked without problems. I could log, create new users, monitoring, deploy.... I need to install a softwar that needs a MySQL database. Is it possibl