Roles for REACh Compliance

Similar Messages

• BI Content for REACH

  Hi Experts,
  Is there any BI Content for REACH Compliance. Or any other work going on in this area within BI.
  Regards
  Meiyappan

  hi,
  www.takesolutions.com/Documents/BI/events/TAKE-BO-XI-3-Webinar.pdf
  http://www.zdnet.co.uk/tsearch/analyticstechnologybi.htm
  www.itbusinessedge.com/item/?ci=28620
  naresh

• SAP REACh Compliance Project Management Capabilities

  Dear experts,
  Do you have any list of the report names is SRC that can be used for project management? (i.e. Endpoint coverage, Status of registration at Substance level...)
  Many thanks and best regards,
  Alberto

  Dear Alberto
  Here are the list of report names relevant for REACh
  End Point - Information
  End Point - Gap Matrix
  Endpoint - Coverage Check
  Besides Reporting, you also have couple export capabilities
  Legal Process - Export Registrations
  Substance Management -Costs
  Substance Management - Export Internal and External Organization
  Substance management - Export Priorities
  Substance Management - Export Roles and Volumes (Quantities)
  This is just a addition  to SRC reporting capabilities -
  If you want to make use of Compliance Workbench capabilities - here's the list
  i) Compliance Status for Products
  ii) Compliance status for Substances
  iii) Product - Pure Substance Analysis
  iv) Product - Chemical Data Analysis
  v) Displaying pure substance lists for review.
  Thanks
  Jayakumar
  Edited by: Jayakumar Indracanti on May 21, 2009 11:45 AM

• SAP Product and REACH Compliance 2.0 dese not add-on in SAP ECC 6.0 EHP5

  hi experts,
  I upgraded ECC 6.0 EHP5 and then try to add-on SAP Product and REACH Compliance 2.0 in SAP ECC 6.0 EHP5.
  I aleady knew REACH 2.0 is available with ERP 6.0 EHP5 through Note 1389561 - SAP PRC 2.0: Installation and upgrade for ERP 6.0 and SAP Note 1456663 - SAINT: Enhancement Package 5 components on NW 7.02.
  But unfortunately, When I try to install REACH 2.0 using SAINT, The error message was pop-up
  ========================================================================
  OCS package SAPK-360COINTDAGBCA does not match the current software component vector
  ========================================================================
  any idea pleas...
  For reference
  ==========================
  tp version : 720 patch 90
  R3trans version : 720 patch 89
  SPAM/SAINT : 7.02/43
  SAP_BASIS : 702 sp 07
  SAP/EA_APPL : 605 sp 04
  Thanks and regards,
  Jun

  Hi Jun,
  You could check the upgrade logs and traces at the location ../usr/sap/<sid>/upg/abap/logs.
  Check for the latest last changed logs. Mos probably a prerequisite package for the REACH 2.0 installation is not included in the upgrade. The detailed logs should mention which prerequisite is missing.
  Fore reference see thread: EHP4 upgrade error on SAPK-603DHINEAPS
  Regards,
  Srikishan

• Hi I need help in creating role for DEVELOPERS and HCM GUYS in ERP DEV. sys

  Hi Experts
  I am working as a Support Security Consultant. Now I have assigned to another implemenation Project.
  My client asks to create 2 roles in DEV. system the requirement is:
  1) He asks to create a role for develpoers in dev system fro devepment activities ( report creation, screen creation..etc..) and these people don't modify the HR related tables
  2) He asks to create role for HCM guys in development system to work on HCM Configuration and to work on HCM areas but these people should not involve into develpometn activites
  My questions is what are the tcodes we have to maintain in the roles to reach his requirement.
  I asked the same thing to my Client he doesn' t provide any information
  Please anyone help me on this
  Thanks
  Naresh

  Hi,
  for the first query please check auth object -Authorization Object S_TABU_DIS (Table Maintenance)
  http://help.sap.com/saphelp_nw04s/helpdata/en/1e/e867408cd59b0ae10000000a155106/content.htm
  No Worries
  KG

• Tcodes & Roles for SAP GRC AC 5.3 SPM in R/3

  Hello,
  After installing part of the SAP GRC AC 5.3 SPM in the Tcode SAINT (R/3).
  I want to know what Tcodes do I need to use the Tcode /VIRSA/VFAT.
  Or what type of roles do I need. Is there some.
  I have read the PDF "SAP Governance, Risk & Compliance Access Control 5.3 - 02 Post-Installation - SPM.pdf", and I have seen some roles. Are this the standard roles for the SPM in R/3?
  Best Regards.
  Pablo Mortera.

  Hi Pablo,
  In 5.3 we can use the SPM by two different ways.
  1. FFID based: In this you make a user as a FFID and then you use this FFID to perform all the actions.
  User based roles are for the above.
  3. Role based: In this you assign the roles(maintained in SPM) to the user.
  Role based roles are for above.
  The basic diffeence is in first one you use user (FFID) to perform the activities whereas in second you use role (which are maintained in SPM).
  You can get more details of this in user guide and configuration guide.
  Regards,
  Shweta

• Investigate - ECC roles for retirement.

  I am trying to investigate and find roles that can be retired in the ECC system. How do I come up with a list of roles that are ready for retirement (due to unuse or wrong naming convention, etc,etc)?
  What are the questions I should be asking?
  I have tried to follow the below approach, but it doesn´t seem to be effective enough:
  note- From hereon, when I mention roles, it means Z-Roles only.
  Please find the method I used to analysis the issue below:
  Requirement:  Investigate - ECC roles for retirement.
  (Self made points below)
  1. Document all roles in ECC, that have never been assigned to any user.
  2. Document all the roles in ECC, that do not have any users assigned to
  it since atleast one year.
  3. Document all the roles in ECC, that are forbidden to be assigned to
  any roles.
  4. Document all the roles in ECC, that do not follow the standard naming
  convention defined by the organisation.
  My question - Should I extend this list?
  Analysis:
  Transactions used extensively during analysis:
  SE16 Data browser
  SUIM User Information system
  S_BCE_68001425 Roles by Complex Criteria
  PFCG Role Maintenence
  Tables user extensively during analysis:
  AGR_AGRS  Roles in Composite Roles
  AGR_DEFINE  Role definition
  AGR_USERS  Assignment of roles to users
  Actions taken, to reach the solution:
  1. Single Roles - Without assignment in the last one year ( There has been no user assignment to these roles for atleast one
  year and no changes have been done to the role during this time.
  These roles are currently without any user assigned to them.
  2.Forbidden roles: These roles are not to be assigned to any users and it
  can be strongly recommended that they should be retired.
  There are currently no user assignement for this roles.
  3. Wrong Naming convention :  Roles that donot follow the
  standard role naming conventions (as defined). These roles should be
  retired.

  Hi..
  Last month we did this clean up activity. But after a lot of meandering here and there, like what has been stated, finally i decided to take help of the functional consultants of each module of SAP and removed all unwanted roles - from end users. It was a massive exercise, esp when roles were assigned indirectly,  but finally we could clean up a bit.
  But for some reasons, the back end team has kept the roles on the system and roles have not been deleted or completely removed from the system itself. May be as part of 2nd phase of clean up, we would do that.
  And also that was the reason why we felt - as to whether it is ok, to make any role as non-editable, and identify it, all those roles in one go, for a direct clean up at a later date. But I was not able to categorize that way.
  In case you have some other better ideas of cleaning up the system completely, please share your thoughts too. It would be very helpful.
  Thanks
  indu

• Lock Role for Changes till the transport is released

  Issue : since roles are managed by multiple security administrators, changes are moving against the sequence.
  We have multiple security administrators, is there a way to lock a role for changes until the task/ req is released.
  Example Scenario :
  Security admin 1 : if there is a change request to add SU01 to the role: Z_TESTROLE, Security admin adds it and creates a Change request but does not release it.
  Security Admin 2 : the security admin 2 will get a Change req for the same role Z_TESTROLE to add a tcode PFCG to it. Security admin 2 does his job and moves his transport now even though the first transport does not move the change made by the first security admin moves with the transport for the second admin.
  We have multiple security administrators, is there a way to lock a role for changes until the task/ req is released.

  Hi all,
  Thanks for your responses.we follow a change procedure but I guess its just needs to be refined. Everybody figured out that this is a coordination issue but I was asked to research on any technical ability to handle this.
  Here is a brief overview of our process :
  1) BPO approves the change
  2) Role owner support manager approves the change
  then the Change request comes to 3)Security Manager for her approval.
  I feel from Sox prespective the 3rd approval in not manadatory.
  I'm I correct ??? where can I find Sox guide for SAP ?
  Recap of the incident:
  1)A change ticket is created for the t-code creation and a task is created for the role in which this report is to be added.
  State I role Z_TESTROLE  is with ZMMR0025
  After adding the new report ZMMR0055 the old report ZMMR0025 is removed.
  State II
  The role Z_TESTROLE has tcode ZMMR0055
  now this is tested in development system by the requestor.
  Before this goes into PRD via QA a newsflash is sent to all the endusers (so that they know which t-code to use)
  Meanwhile if another security administrator works (suppose adds a new tcode or changes an authorization)  on this while the role is in state II changes made by Admin 1 are transported along with the second change.
  State II + new changes = State III
  When the role reaches PRD in state III result is the end user losses access to the required functionality ZMMR0025 before ZMMR0055 is made available.
  I hope I’m clear , please let me know if I need to be more specific on any part.
  I appreciate your help.
  regards,
  Salman.

• E-Recruiting 6.0: Business Partner Role For Branches

  Hi Experts,
  In the IMG, SAP E-Recruiting > Basic Settings > Enterprise Structure > Define Business Partner Role for Branches
  Can anyone help in the following:
  1) What is the purpose of Business Partner Role and how does it relate the Branches? Or how can i make use of it?
  2) If i am going to maintain the Company & Branches via the Administrator function instead of IMG, do I still need to configure this step: Define Business Partner Role for Branches
  Thanks.  Will reward points for any helpful tips.
  William

  Hello William,
  the Business Partner is an application / module which belongs to the base components of the SAP. It is used and partly extended by various other applications / modules. Next to E-Recruiting it is used for example by CRM and the financial service solution (FS-CS, FS-PM, FS-RI). All of these modules can put their data for a person or an organization into the same tables. Depending on the installation / system environment or even within one single module the requirements for available fields and business checks as on authorization differ between kinds of business partners (e.g. in FS-CS the commission solution for the financial service sector knows external agents and internal employees which have to be treated differently). The business partner is the element to assign the logical / business role in which a person is handled by the system.
  For E-Recruiting you have 2 kinds of business partners, too. On the one and there are people being candidates and on the other hand there are branches of your company which hire people. The configuration allows you to seperate them if you need to identify anywhen which business partner is a branch and which is a candidate. So far I never tried if this is really working as there is no real use for this I never set it up. The attributes and the business checks are the same anyways.
  Hope that helps a bit to understand the context
  Best Regards
  Roman Weise
  PS: please remember that you have to maintain the branches via administrator bsp application. Using the IMG entry won't work.

• Roles for Contact Person in MM-SUS Scenario

  Hi !
  When we create a contact person using the Create user option in SUS, we assign the roles to the contact person. These roles are basically the standard SAP roles for SUS. We have created Z-roles ( a copy of the standard roles) to restrict cetain txns for users and would like to assign these Z-roles to the contact person . How can we ensure that the Z-roles are displayed instead of the standard roles ?
  Regards

  Hi
  <u><b>Please go through these complete SUS-MM Configuartion detail links, which will definitely help  -></b></u>
  <u>Roles:</u>
  SAP deliver standard roles with authorisations, if You want to maintain your own go to transaction PFCG.
  There are two type of role:
  - single role
  - composite role - (one or more single roles)
  To roles You can assign transaction codes, reports, URL links, etc. SAP System automatically creates the authorisations that you can set on Authorisations tab page.
  <u>Authorisation:</u>
  Authorization profiles must be generated before you can assign them to users. An authorization is generated for each authorization level in the browser view, and an authorization profile for the whole role as represented in the browser view.
  Re: Clarifications on EBP-SUS and MM-SUS Scenario
  Re: Cancellation from SUS hangs in XI interface
  Re: Vendor Replication in SUS scenario
  Re: SUS-MM for service items
  Re: Central Person already exists
  SUS and Central User Admin
  Re: User roles.
  <b>Please look at following links for Roles and Authorizations </b>
  <u>Links for user roles:</u>
  http://help.sap.com/saphelp_nw2004s/helpdata/en/52/6714b6439b11d1896f0000e8322d00/content.htm
  http://help.sap.com/saphelp_nw2004s/helpdata/en/42/271d24d86211d2961a0000e82de14a/content.htm
  http://help.sap.com/saphelp_nw2004s/helpdata/en/e4/15e48efd6c11d296430000e82de14a/frameset.htm
  http://help.sap.com/saphelp_erp2005vp/helpdata/en/d3/559a4271c80a31e10000000a1550b0/frameset.htm
  http://help.sap.com/saphelp_erp2005vp/helpdata/en/4e/52b74065448431e10000000a1550b0/frameset.htm
  <u>For profiles and authorisations:</u>
  http://help.sap.com/saphelp_nw2004s/helpdata/en/52/67151e439b11d1896f0000e8322d00/frameset.htm
  http://help.sap.com/saphelp_erp2005vp/helpdata/en/20/efcbfed8a511d397110000e82de14a/frameset.htm
  Regards
  - Atul

• Error during create CR for MDGC "Enter a relevant role for creation of customer master data"

  Hello Experts,
  I am unable to create a Customer CR in 'MDG 6.1 Customer UI' , the UI throws an error saying "Enter a relevant role for creation of customer master data".It looks like it is expecting me to mention the BP role ( like FLCU01 Customer or FLCU00 FI Customer ) , but I don't see that BP role section in the Customer UI to mention .
  While creating the vendor CR  , I am able to enter the BP role ( like FLVN01 vendor or FLVN00 FI Vendor ) in the UI BP Role section.
  Following are the UI's for Customer and Vendor
  Customers BS_OVP_BP: BS_OVP_CU > OVP: BS_CU_OVP - I do not see BP role section here.
  Vendors BS_OVP_BP: BS_OVP_SP > OVP: BS_SP_OVP - This is working fine  , I see BP role section here.
  Please advice what I am missing here , what should I do for the successful CR creation . Should I change the UI for Customers or do I need to do anything in CVI configuration.
  Thanks,

  Hi Abdullah,
  You were right in the first place the UIBB is missing  , the UIBB 'Role' was present in the 'Search Customer' page but not available in the 'Create Customer CR' page , so I created the 'Role' UIBB again and was able to create the CR now . Not sure how it got deleted in the first place , is there any options where we reset the UI screen to the default initial configuration
  But after approving the CR , only the Business Partner BP is getting created and the Customer is not getting created . Not sure what might be the issue now. Is there any config that tells to automatically create customer when BP is created. I was able to create Vendor using the create Vendor CR before.
  Thanks

• More than one role for a clip.Is it possible?

  Is it possible assign more than one role for a clip?
  thx

  Only one video role, only one audio roll, per clip.  Only one as these are "Media Stems", and when you work with Stems, only one roll per asset video, one per asset audio.

• I'm a newbee, (Win Tech)  Would like to know what command it is for reaching the reinstall menu at boot-up. I do not meen cmd r menu wich just install OSX above the OS. I think I need a totally fresh installation. Do you have any clue?

  I'm a newbee, (Win Tech)  Would like to know what command it is for reaching the reinstall menu at boot-up.
  I do not meen cmd r menu wich just install OSX above the OS. I think I need a totally fresh installation.
  Do you have any clue? Have several issues on a new MacBookPro but it's propably "PEBKAC" made.. 
  Uffe

  It is Command+r or for the online internet system it is Command+option/Alt+r keys. Then you use Disk Utility to erase the macintosh partition, from the built in recovery hd, or you can repartition the drive as one partition from the online system.
  To actually get to the online internet system you have to hold that key combo down until you see a globe on the screen. Otherwise it will just boot from the built in recovery hd on the internal drive.

• Help Required in Authorization Roles for Workbooks

  Hi All,
  In our project, we have a requirement of creating a role for users with below authorizations.
  1.     Can display and execute the workbooks in the role menu.
  2.     Can create copy workbooks ( Save as) in the role menu.
  3.     Can not delete the original and the copy workbooks from role menu.
  We are using an authorization object S_RS_FOLD with u2018FALSEu2019 for restricting the user from deleting workbooks.
  We also need to add one more object S_USER_AGR (without u2018Deleteu2019 property) to give the authorization of creating copy workbooks in the role menu.
  Object S_RS_FOLD this is working fine without S_USER_AGR. But after adding S_USER_AGR (without delete property), user is again able to delete the workbooks.
  So how can we achieve both the functionalities where user can not delete the workbook but can create copy workbooks in the role menu.
  Thanks,
  Sachin

  Re: Adding report (query & workbook, templates) in roles
  Go through this thread.
  And in our Project we have created one role for accessing workbooks. in that end user can access the work book but saved one and user cannot resave or delete the work book.
  we have added Auth objects S_TCODE and S_GUI.
  in S_TCODE we have added RRMX and in S_GUI we have given 60(IMPORT) access to the users.
  So that they can just share the workbook. nothing else can be done.
  Try like this. Hope this would help you.

• Portal Run time error when created a seperate role for Transport package.

  Hi Experts,
  I have created a seperate role for Transport Package(import/export iviews).
  Normally we have transport package functionality in system admin.
  Below steps i followed for creating the new role(trans admin)
  1.Copied SAP provided system admin role to a seperate folder.
  2.Deleted reamining portal objects(like UWL, portal display etc ..) except transport packege workset.
  3.Renamed the role to trans admin.
  I have assigned that role to my self, it is working fine to me when i clcik on export and import.I have super admin role.
  when i assign this role to some portal users, Export is not working.
  when user clicks on Export role they are getting below error.
  Portal Runtime Error
  An exception occurred while processing a request for :
  iView : N/A
  Component Name : N/A
  Access denied (Object(s): com.sap.portal.system/security/sap.com/NetWeaver.Portal/medium_safety/com.sap.portal.appdesigner.contentcatalog/components/Framework).
  Exception id: 12:10_31/08/09_0031_21763550
  See the details for the exception ID in the log file
  By looking into exception iD also, same error access denied it is showing.
  Please Advice.
  Thanks
  Sony.

  Hi Raghu,
  Thanks for the reply.
  I have given full permissions to all users to this trans admin role before itself.
  Thanks in advance.
  Sony.
  Edited by: ambica sony on Aug 31, 2009 1:53 PM