Roles for User

Similar Messages

• Changing role for users

  Hi,
  in forms 10g , it's possible to change the role for user
  REVOKE role_name FROM :USERNAME;

  This should work, but the user revoking a role from a different user needs to have the admin option of this role.
  When creating a role, by default the "Admin option" for that role should be enabled for the user creating the role.
  Normally, this would be the schema-owner of the application objects ...
  A user holding the "admin option" may grant a role to a different user and grant the other user "admin option" on this role...

• HI,how to find roles for user based on userid?

  hi,
  i need to find roles for each user based on user id.
  can i know any one knows this how to get roles for user?
  thanks,
  jpullareddy

  hi,
  i solve my self.
  i am getting values
  jpullareddy

• DEFAULT ROLE FOR USER

  I swich to Oracle11g express and create user
  CREATE USER LEO
  IDENTIFIED BY xy
  DEFAULT TABLESPACE USERS
  TEMPORARY TABLESPACE TEMP
  PROFILE DEFAULT
  ACCOUNT UNLOCK;
  -- 3 Roles for LEO
  GRANT AUTHENTICATEDUSER TO LEO;
  GRANT CONNECT TO LEO;
  GRANT FER_ADMIN TO LEO WITH ADMIN OPTION;
  ALTER USER LEO DEFAULT ROLE FER_ADMIN;
  -- 1 System Privilege for LEO
  GRANT CREATE SESSION TO LEO;
  -- 1 Tablespace Quota for LEO
  ALTER USER LEO QUOTA UNLIMITED ON USERS;
  and after login i check
  select * from SESSION_ROLES
  and i have none role
  if I set role all works fine.
  Why I doesn't have DEFAULT ROLE after login.
  Pleas for help .

  here is the solution
  default roles and grants
  Edited by: Leo Lakota on 4.10.2012 5:52

• Roles for user in supplier self-registration

  Hello everyone,
  I was checking the configuration guide for Strategic Sourcing and for Servece Procurement and I have a doubt.
  For supplier self-registration is needed an anonymous user, but in the guide for Strategic Sourcing says that the roles for this user are SAP_EC_BBP_CREATEUSER and SAP_EC_BBP_CREATEVENDOR, however, in the guide for Service Procurement says that the roles are SAP_BC_BASIS_MONITORING and SAP_EC_SUS_ADMIN_VENDOR
  What are the right ones?
  Thanks,
  Ivá

  Hi,
  The user should  have the  roles: SAP_EC_BBP_CREATEUSER & SAP_EC_BBP_CREATEVENDOR.
  This user is maintainted in ROS client BSP service ROS_SELF_REG in Log on Data
  with ROS client, user ID and password.
  BR,
  Disha.
  Do reward points for useful answers.

• Oracle Role for User Administration

  Hello,
  I am a DBA. We have a separate group that maintains oracle user accounts within an oracle database. We would like that group to maintain users (add/remove users from database, add/remove roles, etc.) but we do not want to give them the 'DBA' role for security reasons. Ideally, we want to grant them a role that gives them the ability to administer users but not do anything else.
  Does a role like this exist within Oracle? If not is there a workaround to obtain this type of functionality?
  Thank you!

  Do you have this actually working? I have it complaining about permissions on the line that tries to create the user. I thought oracle restricted doing this for security reasons. I am creating this as a user with the 'DBA' role and then when I try to execute it as the same user (which can create users normally) I get this error:
  SQL> exec system.create_user('troy1','troy1');
  BEGIN system.create_user('troy1','troy1'); END;
  ERROR at line 1:
  ORA-01031: insufficient privileges
  ORA-06512: at "SYSTEM.CREATE_USER", line 4
  ORA-06512: at line 1
  And here is the code (based off of the example)...
  CREATE OR REPLACE PROCEDURE create_user( p_username IN VARCHAR2, p_password IN VARCHAR2 )
  AS
  BEGIN
  EXECUTE IMMEDIATE 'CREATE USER ' || p_username || ' IDENTIFIED BY ' || p_password || ' DEFAULT TABLESPACE users ';
  END;
  Any ideas?

• I can not find sap_bc _jsf_communication role for user sapjsf user

  hi Masters,
              when i am trying  to create user in portal, it showing error message. " an error occured in  persistence .Please contact system administrator"..
           i found there are no roles assigned to sapjsf user. we need sap_bc_jsf_communication role  for sapjsf  user.. But there are no roles assigned to sapjsf user.
  how can i assing the sap_bc_jsf_communicaiton role to sap jsf user. Pease give reply.
  POrtal and r3 are installed in one system only on db2 database.
  Edited by: sujana mullapudi on Dec 7, 2009 4:34 PM

  hi ,
  I have checked the sapjsf user roles  in su01 t-code- r3 side. for sap jsf user the two roles sap_bc_jsf_communication and another role sap_bc_jsf_communication_role(something Like). these two roles already exist for sapjsf user in r3 system.
  but in portal side the roles are not exist . can you tell me whats the reason, and please reply me.

• Remove T Code for each ROLE for user

  Hi Experts
  Can anyone tell me how to remove the T code for each role which was define individually for users Eg
  CR01 has been assign to 50 users, the difficulty is I have to go to each role then search for CR01 t code then delete and again generate the Authorization
  In this way there are so many t codes which I have to go one by one to delete it.
  Any help to remove the t-code for each role through any way.
  regards
  Piroz

  try the Security forum at Security
  they might have trick (such as CATT scripts).
  doing this via SQL commands is dangerous. avoid this solution if you are not 100% sure of its impact.

• Read-Only Role For User Admin

  Hi, I am trying to implement a role that would enable a user to have the same functionality as the out-of-the-box User Admin role, but that this user would not be able to actually create or modify users, roles assignments, etc.
  The idea is to have a 'Display' role - with read-only access.
  The solution we are comtemplating right now involves getting the source code from SAP, copying it, and modifying it - disabling any interaction. We would then create new iviews, pages, etc from there only for this role. This is a tedious task.
  Any ideas on how else this can be done?
  Thanks

  I have only managed to do this by creating a role and assigning the relevant User Admin iViews to the role and then changing the End User Permissions on the role.
  I assigned the ReadAll Premission. That did the trick for me.
  Groups unfortunately require the manage_groups Permission, so we do not allow the viewing of groups.

• User role for user authentication in a SOAP receiver channel

  Hi,
  What is the role required for a user in a SOAP receiver channel. This user is specified in the User Authentication while configuring the channel.

  Hi,
  User Authentication is not mandatory but If your Web service requires logon data, select the Configure User Authentication checkbox and fill in the corresponding fields.
  If the Web service is outside your system landscape and you need to address a proxy
  server, select the Configure Proxy checkbox.
  The sender SOAP adapter does not require a SOAP action, but you always have
  to apply logon data when using the SOAP adapter. In the central adapter engine
  you can use a service user such as xiappluser; in a non-central adapter
  engine or a PCK you must use one of the user names assigned to security role
  xi_adapter_soap_message for component XISOAPAdapter.
  Regards,
  Divya

• Role for User Administrator(Read only)

  Hi All,
  I want to create a role just like the role ofUser Administrator.But I want to make it read only.I want that the end user can perform search operation,can see the locked user,can see the roles but can't delete the user.Basically ,they shouldn't able to do the modification.
  Any suggestions will be appreciated.
  Paritosh

  I have only managed to do this by creating a role and assigning the relevant User Admin iViews to the role and then changing the End User Permissions on the role.
  I assigned the ReadAll Premission. That did the trick for me.
  Groups unfortunately require the manage_groups Permission, so we do not allow the viewing of groups.

• What authorization-roles for user login (java stack)

  Hello SAP-Fans ,
  which authorization role needs to be assigned to the users for logging into a java-stack on port 50.000?
  We always get the error-message: "Error 403 forbidden, You are not authorized to view the requested resource."
  I know this is a beginner's question. Java is completely new to us.
  Thanks in advance
  Danny Winn

  Hi Danny,
  Welcome to SDN,
  Logon to the portal with the user Administrator, go to User Administartion and create a user for yourself by assigning Super Admin Role.
  portal Url must be http://<host.fqdn>:50XX0/irj/portal where XX is the system number in this case 00.
  You will able to see at the user admin tab all the SAP standard roles.
  regards
  Juan
  Please reward with points if helpful

• Backend BW roles for users needed when running reports in infoview?

  Hello all,
  We are using SAP BI Queries as the sources of our universes, the user is going to logon to infoview to run report in webi. We have created some access levels in CMC to restrict users, the question is - the user will still need some kind of backend BW roles to have access to the BI query that is developed in BW system right? That way the user can fetch data?
  Let me know
  Thanks in advance.

  Hi,
  If you are using SAP Authentication and Single sign on option in universe connection, the users must have sufficient roles to access SAP BW database.
  if not, the only user login which you create during connection creation having roles to access to BW database is enough. In this case, the user can login to Infoview using any user and can access the report if he has priveleges to the report.
  Hope this helps!

• Java role for User Management

  Hi ,
  I would like to know how can i restrict the access from java front in pi server
  I would like to give only all access to the User managerment links and everything else either no display or view details
  Rgds
  Aditya

  Hi,
  I think the following link will be useful in resolving the your problem
  http://help.sap.com/saphelp_nw70/helpdata/en/45/b90177cf2252f8e10000000a1553f7/content.htm
  Thanks & Regards,
  Vidyadhar K

• Help Required in Authorization Roles for Workbooks

  Hi All,
  In our project, we have a requirement of creating a role for users with below authorizations.
  1.     Can display and execute the workbooks in the role menu.
  2.     Can create copy workbooks ( Save as) in the role menu.
  3.     Can not delete the original and the copy workbooks from role menu.
  We are using an authorization object S_RS_FOLD with u2018FALSEu2019 for restricting the user from deleting workbooks.
  We also need to add one more object S_USER_AGR (without u2018Deleteu2019 property) to give the authorization of creating copy workbooks in the role menu.
  Object S_RS_FOLD this is working fine without S_USER_AGR. But after adding S_USER_AGR (without delete property), user is again able to delete the workbooks.
  So how can we achieve both the functionalities where user can not delete the workbook but can create copy workbooks in the role menu.
  Thanks,
  Sachin

  Re: Adding report (query & workbook, templates) in roles
  Go through this thread.
  And in our Project we have created one role for accessing workbooks. in that end user can access the work book but saved one and user cannot resave or delete the work book.
  we have added Auth objects S_TCODE and S_GUI.
  in S_TCODE we have added RRMX and in S_GUI we have given 60(IMPORT) access to the users.
  So that they can just share the workbook. nothing else can be done.
  Try like this. Hope this would help you.