SAP BW Roles for CPIC user to use in Univ Connection

Similar Messages

• Need SP_TN for specific user must use specific document series and warehouse in Marketing Documents

  Hi experts,
     I need SP_TN for specific user must use specific document series and warehouses in Marketing Documents SAP B1.
     Kindly give solution ASAP.
  Thanks in advance

  Hi Nagarajan,
     It show (1) Not allowed to add PO.
     I used the following SP
  IF  @object_type = '22' AND @transaction_type IN (N'A',N'U')
  BEGIN
  IF Exists
  (SELECT T0.DocEntry FROM POR1 T0 INNER JOIN OPOR T1 ON T0.DocEntry = T1.DocEntry
  WHERE  T1.DocType = 'I' AND T1.Series = '142' OR T1.Series = '145' AND T0.[WhsCode] = 'STEX-01'
  or T0.[WhsCode] = 'STNEX-01' and T1.[UserSign] ='1'
  and T1.docentry = @list_of_cols_val_tab_del)
  BEGIN
  SELECT @error = 1
  SELECT @error_message = 'Not allowed to add PO'
  END
  END
  warm regards,
  Guhan

• How to disable the validity of a particular Role for 100 users, in a single

  Hi
  How to disable the validity of a particular Role
  which is assigned to 100 users. (disabling the role of change the validity of the role )
  at present am doing manually, by entering into each user and changing the validity of the role
  Thanks.

  > How to disable the validity of a particular Role for 100 users, in a single ...
  ... shot?
  Assign a reference user to the 100+ users and create events in the factory calendar which assigns and removes the role from the reference user only.
  The downside is that it is not scalable for many of the same concepts at the same time, because a dialog user can at one logon time only have one reference user assigned to them.
  Cheers,
  Julius

• What privileges for the DB account used by client connect to server?

  Hello, After I installed the SBO server packages, I found that it must set DB account in the client side.
  I had tried 'sa' account, it works. but I thought we should not leave the super account in each client side.
  So I want to know what privileges should be assiged to the account in SQL Server?
  Or somewhere already have documents to say how to build up the client account.
  thanks.

  Hi,
  You may check: What privileges for the DB account used by client connect to server?
  Thanks,
  Gordon

• Not able to fetch Roles for an user using HWF Identity XPath

  Hi,
  I am not able to fetch list of roles for a specific user using Human Workflow, Identity XPath. Using Script Activity when I am trying to call the menthod, the method doesn't return Role details. Any help will be appreciated...

  That's the rules of how it works.  A request has 1 request form per resource for all users on the request.  Those fields must all be marked as available in bulk as well to be viewed if you have more than 1 user on the request.  If you need to provide different values based on the user, your best option is pre-populate adapters on the process form and use logic to populate the fields.  You will not be able to manually provide different values during the request.
  -Kevin

• How to assign the role for created user  thru dynpro App

  Hi All
  How to assign the role for currently created user from Webdynpro App.
  when i enter into the portal after creating the user
  i am getting the following messgae in the portal
  "No portal roles are assigned for this user.If this problem persists, contact your system administrator."
  how to assign the user defined role for the created user from dynpro App
  Regards
  Dhina  Kar J
  Edited by: Dhinakaran Jeyachandran on Feb 1, 2008 12:19 PM
  Edited by: Dhinakaran Jeyachandran on Feb 1, 2008 12:35 PM

  In the User Administration section of your portal find your newly created user and below select "Assigned Roles" tab then press <Modify> button and look through available roles on portal then just simply add and save. But if you want to do it programmatically see below:
  IUserAcountFactory userFactory = UMFactory.getUserAccountFactory();
  // IUser - read only but with IUserAccount is possible to set up user data
  IUserAccountSearchFilter userFilter = userFactory.getUserAccountSearchFilter();
  userFilter.setLogonUid("superuser", ISearchAttribute.LIKE_OPERATOR, false);
  ISearchResult sr = userFactory.search(userFilter);
  for (final Iterator i = new PrincipalIterator(sr); i.hasNext();) {
    IUserAccount user = (IUserAccount) i.next();
  Execute the same search for IRole (or IGroup if needed) get the unique id of them and use newRole(...) and addUserToRole(...) methods from IRoleFactory.
  Of course you don't need search for this principals if you know uniqueness of them. Use appropriate factories to get'em all by this unique id.
  All the features see in  [javadocs|http://help.sap.com/javadocs/NW04S/current/se/index.html]

• Hundreds of roles for a J2EE application using SSO/OID

  We are starting to develope a J2EE software that will have hundreds of logical roles. These logical roles must be assignable to users and groups on OID.
  When prototyping this scenario, we were not able to make this work well enough. Namely, in OIDDAS (which will be used by the end users to administrate users), all the "role groups" and user groups are always shown in one listing.
  Ideally, what we would want is to only have configurable user groups visible in OIDDAS and all the fine-grained roles would be assignable to users and groups separately. Tthe "Roles Assignment" section in user/group edit screen is quite close to the idea though having hundreds of low-level roles listed there will make administration a bit complex.
  We have also considered hiding the raw "role groups" from OID by moving the low-level administration to Enterprise Manager, where multiple logical roles would be mapped to composite OID groups. However, we currently don't see this as a viable option since we don't want to allow normal login administrators access to OEM where they can break too many things.
  How have you guys solved the problem of mapping hundreds of roles to user-configurable groups and users? What would you suggest? Is our planned approach (map logical roles to LDAP groups) the wrong way to try to solve the issue? What would be a better way?
  Thanks in advance,
  Keke

  Hi Peter,
  Thanks a lot for your post.
  My requirement is such that I have to fetch nodes from WLP content management system and all the associated data (content, security related info) with that node. Since security for a particular node is in the form of roles, I need to fetch the roles list for the node under processing.
  However my application requirement is such that any user can ask for retrieval of node(its contents). In that case I need to check whether user lies in the list of roles defined for the current node (node for which user asked).
  Thus my requirement becomes: Checking whether a user is in the given list of roles.
  A careful investigation if the API's helped me find out a method isUserInRole(role, rolemap), but this method provides information for the logged in user only.
  My application will login thru admin credentials(weblogic, weblogic) and will chekc other users say bryan, linda are in the roles list of the nodes under procesing.
  Please guide.
  Regards,
  Shakti

• Creation of auto approval process for assigning role for a user in oim11g

  currently i'm doing a scenario like a user must be automatically assigned to a role by using approval policy where the user is already there in oim and then we use csv file in that we take 2 columns like userlogin and role name so by running this scheduled task user must be automatically approved to that role.But i have to use the default auto approve policy in oim without creating any bpel process for that so can any one suggest me how to proceed with this scenario.
  Thanks in Advance for quick response.

  If I understand correctly, You have users and their respective roles in csv file. Users are present in OIM. You want to assign those roles in csv file to respective users?
  If this is the scenario, you need to write a custom code for schedule task which will read data from your csv file, create roles and assign them to respective users.
  to create custom schedule task in OIM 11g, you may refer to:
  http://docs.oracle.com/cd/E21764_01/doc.1111/e14308/scheduler.htm
  regards,
  GP

• Report or ways to find who removed portal roles for an user id ?

  Hi Experts,
  Scenario: if admin removes super admin role or any other portal role for my id. is there any possibility to see who exactly deleted the roles for my id?
  Many Thanks
  Sekhar

  HI,
  as Anja wrote, this is not possible with a default installation of the SAP Portal.
  What you can do is to provide role provisioning with IIDM, GRC or ABAP user store solution instead of giving the portal admin the permission to change role <-> user attribution.
  br,
  Tobias

• Business role for technical users

  Hi,
  Does SAP deliever a crm 7.0 business role for technical/consultant users? I need to get access to the configuration mode i the webclient where I can change and add new fields. Can anybody help me?
  Thanks,
  regards Camilla

  Hi Camilla
  Check Best Practice Guide C04.
  Create the Power User role as instructed in the document.
  This will enable to to complete configuration tasks.
  Regards
  Arden

• How to Automate to Add a Role for 250+ Users in One Shot ?

  Hi all,
    How can I add a Role 'X' for 250+ User in one shot. I could go to SU01 for each User and add a Role 'X' manually, but it will take at least more than two hours. Is there any automation to accomplish this task, PLEASE ?
  Thanks.

  Look at the How To paper on maintaining authorizations through flat file...
  <a href="https://www.sdn.sap.comhttp://www.sdn.sap.comhttp://www.sdn.sap.com/irj/sdn/go/portal/prtroot/docs/library/uuid/1d8ea990-0201-0010-43b3-d13b83e2bf20">How to maintain authorizations through flat file</a>
  Hope this helps.

• SAP standard roles for Mii inside of objects?

  Hi,
  It is our practice to rename SAP standard roles we plan to use "as is" to our company's naming convention.  I am being told by an Mii implementer that Mii uses the standard role names in objects and that by changing these names to our convention, I will create "complications" in their implementation process.  I find this hard to believe, it would be a departure from what (little) I know about SAP and how they handle authorizations and roles.  It also seems to be very limiting when it comes to customization in the future.
  Is this true?  Does Mii name standard roles inside of objects? (These "objects" were not clearly defined to me and I plan on calling a meeting so they may show me examples.)
  Anyone else on Mii have this issue?

  As far as I know, in Mii a user typically needs at least one of these roles:
  SAP_XMII_User
  SAP_XMII_Developer
  SAP_XMII_Administrator
  You can of course add additional roles with the authorization the different users require using your own naming convention.
  I think this is what the Mii implementer is talking about.
  Good luck!

• Is it possible for one user to use Aperture and another iPhoto?

  I have a new imac 21.5", 3.33ghz, 4gb and I was wondering if it is possible for me as admin user to handle camera downloads automatically with Aperture, and my wife as second user to use iPhoto as automatic camera destination? Any comments would be appreciated.

  If you want to use the same account there are a number of possibilities:
  1. Set both Aperture and iPhoto to Do Nothing when a camera is connected. Then each one can launch their preferred app themselves. It's just one extra click.
  2. Use [Cameras|http://www.flexibits.com> to configure what happens when different cameras are connected.
  Regards
  TD

• Is it possible for multiple users to use a "generic" account simultaneously without screen sharing?

  Hey and thanks for checking out the thread.
  I am wondering if it is possible to have users use a generic account at the same time without any sort of screen sharing.
  I have set up a generic user account (for example useraccount, password 1234) for users to use in the time before I can set up a custom user name for them. However, I have run into some issues with this.
  When multiple users log on using this generic account, their applications seem to be shared on each screen. In the room with multiple Mac workstations, if someone starts working on Photoshop, Photoshop will open on every one elses screen who is logged on under that generic account.
  Is it possible for users to log on using a generic network account and have their own isolated work environment or is this sort of sharing a feature? I am new to Mac servers and am not sure.
  Thanks for reading the thread.

  That shared-account approach seems impractical for the various reasons you've identified, as well as the inevitable issue of cleaning up the detritus that'll inevitably build up in a shared account, and for the lack of accountability for activities occuring under the shared account for both auditing and security, and sharing directories would tend to introduce obscure conflicts around which-file-version-wins file updates when the same file is used in several places, and would probably be contrary to any per-user application software licensing agreements that might be involved.
  Put another way, get unique accounts created for folks, and work toward the ability to create accounts for arriving folks, and — if it's applicable here — talk to management about getting any per-user software licensing issues sorted out, whether that's having spare copies purchased and ahead or some advanced notice on accounts, or establishing group software licensing where that's available.
  AFAIK, there are tools around which can automate account creation, too.  Either generic, a tool such as Passenger, or it's certainly feasible to script the account creation sequence.
  Trying this shared-access generic-account approach just looks like it can create more work and more hassles and more effort to me...

• A workaround for Aperture users to use .Mac Web Gallery

  As a user who recently switched to Aperture - I was hugely disappointed seeing some amazing new photo-related features in iLife '08 not available for Aperture users. Let alone the cash for purchasing software suites, I can't convince myself switching back to iPhoto for a single feature. So I googled and searched around...
  Some pre-requisite for the workaround: You must have iLife '08, Aperture and .Mac installed.
  _*Solution 1*_
  Create an album in Aperture that contains the images you want to upload to your .Mac Web Gallery. In iPhoto '08, create an empty library, then File > Show Aperture Library, choose the album and import images from there.
  The downside of this is the images are your Versions in preview quality.
  _*Solution 2*_
  Export Versions from Aperture and import the images to iPhoto and perform the upload.
  _*Solution 3*_
  For users building websites in iWeb, I have seen threads that one could use the media browser in iLife suite to perform similar result but it also limits to the preview quality of Aperture.
  I would have to say even the workaround is hugely disappointed but I can't see any other solutions at the moment. I couldn't recall my last ocassion on having such disappointment for Apple's software development.

  Apple really needs to rev. Aperture so it sends photos directly to the new .Mac Web Galleries.
  Everyone needs to go here:
  http://www.apple.com/feedback/aperture.html
  And voice there opinion there to get this added to Aperture.
  Thanks, Scott K.