Roles for User
Hi ,
Can anyone pls help me to find out roles assigned to particular user .
In Su01 transaction we can viewdata for particular user .
I need some function module or table which gives / reads information of roles assigned to particular user .
Thanks ,
Amee Anadkat .
Please check table AGR_USERS
Also check program RSUSR002
also check out the function group PRGN_AUTH
It has the function modules like
PRGN_AUTH_PROFILES_ASSIGN
PRGN_AUTH_ASSIGN_USERS_TO_AGR
Similar Messages
-
Hi,
in forms 10g , it's possible to change the role for user
REVOKE role_name FROM :USERNAME;This should work, but the user revoking a role from a different user needs to have the admin option of this role.
When creating a role, by default the "Admin option" for that role should be enabled for the user creating the role.
Normally, this would be the schema-owner of the application objects ...
A user holding the "admin option" may grant a role to a different user and grant the other user "admin option" on this role... -
HI,how to find roles for user based on userid?
hi,
i need to find roles for each user based on user id.
can i know any one knows this how to get roles for user?
thanks,
jpullareddyhi,
i solve my self.
i am getting values
jpullareddy -
I swich to Oracle11g express and create user
CREATE USER LEO
IDENTIFIED BY xy
DEFAULT TABLESPACE USERS
TEMPORARY TABLESPACE TEMP
PROFILE DEFAULT
ACCOUNT UNLOCK;
-- 3 Roles for LEO
GRANT AUTHENTICATEDUSER TO LEO;
GRANT CONNECT TO LEO;
GRANT FER_ADMIN TO LEO WITH ADMIN OPTION;
ALTER USER LEO DEFAULT ROLE FER_ADMIN;
-- 1 System Privilege for LEO
GRANT CREATE SESSION TO LEO;
-- 1 Tablespace Quota for LEO
ALTER USER LEO QUOTA UNLIMITED ON USERS;
and after login i check
select * from SESSION_ROLES
and i have none role
if I set role all works fine.
Why I doesn't have DEFAULT ROLE after login.
Pleas for help .here is the solution
default roles and grants
Edited by: Leo Lakota on 4.10.2012 5:52 -
Roles for user in supplier self-registration
Hello everyone,
I was checking the configuration guide for Strategic Sourcing and for Servece Procurement and I have a doubt.
For supplier self-registration is needed an anonymous user, but in the guide for Strategic Sourcing says that the roles for this user are SAP_EC_BBP_CREATEUSER and SAP_EC_BBP_CREATEVENDOR, however, in the guide for Service Procurement says that the roles are SAP_BC_BASIS_MONITORING and SAP_EC_SUS_ADMIN_VENDOR
What are the right ones?
Thanks,
IváHi,
The user should have the roles: SAP_EC_BBP_CREATEUSER & SAP_EC_BBP_CREATEVENDOR.
This user is maintainted in ROS client BSP service ROS_SELF_REG in Log on Data
with ROS client, user ID and password.
BR,
Disha.
Do reward points for useful answers. -
Oracle Role for User Administration
Hello,
I am a DBA. We have a separate group that maintains oracle user accounts within an oracle database. We would like that group to maintain users (add/remove users from database, add/remove roles, etc.) but we do not want to give them the 'DBA' role for security reasons. Ideally, we want to grant them a role that gives them the ability to administer users but not do anything else.
Does a role like this exist within Oracle? If not is there a workaround to obtain this type of functionality?
Thank you!Do you have this actually working? I have it complaining about permissions on the line that tries to create the user. I thought oracle restricted doing this for security reasons. I am creating this as a user with the 'DBA' role and then when I try to execute it as the same user (which can create users normally) I get this error:
SQL> exec system.create_user('troy1','troy1');
BEGIN system.create_user('troy1','troy1'); END;
ERROR at line 1:
ORA-01031: insufficient privileges
ORA-06512: at "SYSTEM.CREATE_USER", line 4
ORA-06512: at line 1
And here is the code (based off of the example)...
CREATE OR REPLACE PROCEDURE create_user( p_username IN VARCHAR2, p_password IN VARCHAR2 )
AS
BEGIN
EXECUTE IMMEDIATE 'CREATE USER ' || p_username || ' IDENTIFIED BY ' || p_password || ' DEFAULT TABLESPACE users ';
END;
Any ideas? -
I can not find sap_bc _jsf_communication role for user sapjsf user
hi Masters,
when i am trying to create user in portal, it showing error message. " an error occured in persistence .Please contact system administrator"..
i found there are no roles assigned to sapjsf user. we need sap_bc_jsf_communication role for sapjsf user.. But there are no roles assigned to sapjsf user.
how can i assing the sap_bc_jsf_communicaiton role to sap jsf user. Pease give reply.
POrtal and r3 are installed in one system only on db2 database.
Edited by: sujana mullapudi on Dec 7, 2009 4:34 PMhi ,
I have checked the sapjsf user roles in su01 t-code- r3 side. for sap jsf user the two roles sap_bc_jsf_communication and another role sap_bc_jsf_communication_role(something Like). these two roles already exist for sapjsf user in r3 system.
but in portal side the roles are not exist . can you tell me whats the reason, and please reply me. -
Remove T Code for each ROLE for user
Hi Experts
Can anyone tell me how to remove the T code for each role which was define individually for users Eg
CR01 has been assign to 50 users, the difficulty is I have to go to each role then search for CR01 t code then delete and again generate the Authorization
In this way there are so many t codes which I have to go one by one to delete it.
Any help to remove the t-code for each role through any way.
regards
Piroztry the Security forum at Security
they might have trick (such as CATT scripts).
doing this via SQL commands is dangerous. avoid this solution if you are not 100% sure of its impact. -
Hi, I am trying to implement a role that would enable a user to have the same functionality as the out-of-the-box User Admin role, but that this user would not be able to actually create or modify users, roles assignments, etc.
The idea is to have a 'Display' role - with read-only access.
The solution we are comtemplating right now involves getting the source code from SAP, copying it, and modifying it - disabling any interaction. We would then create new iviews, pages, etc from there only for this role. This is a tedious task.
Any ideas on how else this can be done?
ThanksI have only managed to do this by creating a role and assigning the relevant User Admin iViews to the role and then changing the End User Permissions on the role.
I assigned the ReadAll Premission. That did the trick for me.
Groups unfortunately require the manage_groups Permission, so we do not allow the viewing of groups. -
User role for user authentication in a SOAP receiver channel
Hi,
What is the role required for a user in a SOAP receiver channel. This user is specified in the User Authentication while configuring the channel.Hi,
User Authentication is not mandatory but If your Web service requires logon data, select the Configure User Authentication checkbox and fill in the corresponding fields.
If the Web service is outside your system landscape and you need to address a proxy
server, select the Configure Proxy checkbox.
The sender SOAP adapter does not require a SOAP action, but you always have
to apply logon data when using the SOAP adapter. In the central adapter engine
you can use a service user such as xiappluser; in a non-central adapter
engine or a PCK you must use one of the user names assigned to security role
xi_adapter_soap_message for component XISOAPAdapter.
Regards,
Divya -
Role for User Administrator(Read only)
Hi All,
I want to create a role just like the role ofUser Administrator.But I want to make it read only.I want that the end user can perform search operation,can see the locked user,can see the roles but can't delete the user.Basically ,they shouldn't able to do the modification.
Any suggestions will be appreciated.
ParitoshI have only managed to do this by creating a role and assigning the relevant User Admin iViews to the role and then changing the End User Permissions on the role.
I assigned the ReadAll Premission. That did the trick for me.
Groups unfortunately require the manage_groups Permission, so we do not allow the viewing of groups. -
What authorization-roles for user login (java stack)
Hello SAP-Fans ,
which authorization role needs to be assigned to the users for logging into a java-stack on port 50.000?
We always get the error-message: "Error 403 forbidden, You are not authorized to view the requested resource."
I know this is a beginner's question. Java is completely new to us.
Thanks in advance
Danny WinnHi Danny,
Welcome to SDN,
Logon to the portal with the user Administrator, go to User Administartion and create a user for yourself by assigning Super Admin Role.
portal Url must be http://<host.fqdn>:50XX0/irj/portal where XX is the system number in this case 00.
You will able to see at the user admin tab all the SAP standard roles.
regards
Juan
Please reward with points if helpful -
Backend BW roles for users needed when running reports in infoview?
Hello all,
We are using SAP BI Queries as the sources of our universes, the user is going to logon to infoview to run report in webi. We have created some access levels in CMC to restrict users, the question is - the user will still need some kind of backend BW roles to have access to the BI query that is developed in BW system right? That way the user can fetch data?
Let me know
Thanks in advance.Hi,
If you are using SAP Authentication and Single sign on option in universe connection, the users must have sufficient roles to access SAP BW database.
if not, the only user login which you create during connection creation having roles to access to BW database is enough. In this case, the user can login to Infoview using any user and can access the report if he has priveleges to the report.
Hope this helps! -
Hi ,
I would like to know how can i restrict the access from java front in pi server
I would like to give only all access to the User managerment links and everything else either no display or view details
Rgds
AdityaHi,
I think the following link will be useful in resolving the your problem
http://help.sap.com/saphelp_nw70/helpdata/en/45/b90177cf2252f8e10000000a1553f7/content.htm
Thanks & Regards,
Vidyadhar K -
Help Required in Authorization Roles for Workbooks
Hi All,
In our project, we have a requirement of creating a role for users with below authorizations.
1. Can display and execute the workbooks in the role menu.
2. Can create copy workbooks ( Save as) in the role menu.
3. Can not delete the original and the copy workbooks from role menu.
We are using an authorization object S_RS_FOLD with u2018FALSEu2019 for restricting the user from deleting workbooks.
We also need to add one more object S_USER_AGR (without u2018Deleteu2019 property) to give the authorization of creating copy workbooks in the role menu.
Object S_RS_FOLD this is working fine without S_USER_AGR. But after adding S_USER_AGR (without delete property), user is again able to delete the workbooks.
So how can we achieve both the functionalities where user can not delete the workbook but can create copy workbooks in the role menu.
Thanks,
SachinRe: Adding report (query & workbook, templates) in roles
Go through this thread.
And in our Project we have created one role for accessing workbooks. in that end user can access the work book but saved one and user cannot resave or delete the work book.
we have added Auth objects S_TCODE and S_GUI.
in S_TCODE we have added RRMX and in S_GUI we have given 60(IMPORT) access to the users.
So that they can just share the workbook. nothing else can be done.
Try like this. Hope this would help you.
Maybe you are looking for
-
News from Telstra regarding ANNA
Dear Mr XXXXX Thank you for your enquiry about the Nokia N8 'Anna' software release. Unfortunately, we were not able to release any N8 updates due to an issue discovered with the first update (PR1.1) by Telstra. This update was found to introduce a s
-
Advice needed on CRM Standalone
Hi. We are going to use CRM for our presales transactions (activities, leads, opportunities) and IC help desk. We will not replicate any documents to R/3 hence the decision to implement CRM as a standalone component. Is this a good way of implementin
-
UNpatched Windows Privilege Escalation Vulnerability + Flash exploits
The following has been copied/pasted from http://secunia.com/advisories/64146/ (which, while free, requires registration to view): A [0-day] vulnerability has been reported in Microsoft Windows, which can be exploited by malicious, local users to gai
-
Encore DVD Trancoding fluttering
Hi, I am new to the Adobe products and have limited knowledge in their various products. I would really appreciate some help in regards with transcoding in Encore. So to give as much information as possible here is what i have done so far: Shot Foota
-
Hello , Please help in TOP 5 events we have : Top 5 Timed Events Event Waits Time (sec.) Avg. wait % Total Call Time Wait Class latch free 3,489 8,500 2,436 17.0 Other Latch Activity Latch Name Get Requests Pct Get Miss Avg Slps /Miss Wait Time (s) N