Seeburger Workbench access - restrict users to Message Monitor only
Hi All
Does anyone know if it's possible to restrict users to Message Monitor only access in the Seeburger Workbench?
Hi Andy,
if by "restrict" you mean if you can change the links available in the workbench, then sadly no - this is currently not possible. If you're ok with getting a HTTP Forbidden when clicking on other links than the Message Monitor, then yes - this can be configured within the SAP NetWeaver Administrator -> Identity Management. Check for example to documentation of the Message Monitor
Extracted from there:
Log on to the NetWeaver Administrator (NWA).
Open Operation Management | Users and Access | Identity Managemet (UME).
Create a role and assign the manage action for com.seeburger.xi.frontend.messageidmonitor to that role.
Now you can assign the newly created role to any user you want to grant access to the SEEBURGER Message ID Monitor.
This is for explicitly granting some user the access to the Message Monitor. The manage action is per default set to "Everyone". You need to remove Everyone on the corresponding frontends (search for actions with name com.seeburger.xi.frontend*)
Hope that helps
Greetings
-Sascha-
Similar Messages
-
DateField: Restrict user to select date only from the calender control ??
How can I restrict user to select date only by using the Calender control, not by typing.
AbhinavHi,
This is working perfectly but user can enter or delete date into the text_item >>>through keyboard i want to restrict that they can only select date from calendarSet Insert allowed to 'NO' in property pallete of item ENTRY_DATE.
In ON-ERROR Trigger::
BEGIN
DECLARE
err_code CONSTANT NUMBER := error_code;
err_type CONSTANT VARCHAR2(3) := error_type;
BEGIN
IF (err_type = 'FRM'
AND err_code IN (40200)) THEN
Message('Updates Not allowed, Please Select Your Date from Calendar');
Message(' ');
ELSE
NULL;
END IF;
END;
END;
Thanks,
Bhujendra -
Setting Access Limits in RWB Message Monitoring
Hi All,
In RWB Monitoring -> Message Monitoring -
normally we can monitor all the messages and systems.
Here is it possible to restict a particular 'user' in such a way
that he can monitor only a few messages which is only relevant to him.
Any help will be appreciated.
Thanks in Advance
Regards,
ChemmanzHi All,
Thanks for the quick reply.
This feature is available for SXMB_MONI.
So RuntimeWorkbenchMonitoring ->Message Monitoring is also likely to have this feature.
Does anybody have any idea / any docs available ??
Thx n Rgds,
Chemmanz -
How to restrict user to get values only from F4 in selection screen
Hi All,
We have given a Search hlep for a parameter in selection screen of a report,but now we are facing a issue, whlile executing the report user entering the data directly into field instead of selecting from F4 help.
Do anyone know how to restric the user from entering the data directly.
i have searched the fourm ,but not get any good tread.
Regards
CB
Moderator Message: Search harder, because there are many threads that have discussed the same issue before.
Edited by: kishan P on Dec 27, 2010 4:00 PMYou cna check my reply here To enter the value by selecting values from the F4 help only.
-
Hello,<o:p></o:p>
I am working on an Outlook add-in, where I have a requirement like - User will be
allowed to configure a permitted folder. Now, if "Save/SaveAs" is
used on any of the MailItem, the user should be allowed to save only within the
permitted folder or any of it's sub folder.<o:p></o:p>
Possible approach I could foresee - <o:p></o:p>
1. Filter the "Save/Save as" dialog so that only the permitted folder or it's
sub folder could be selected. Hence, no need to validate the selected path.<o:p></o:p>
2. Apply validation after the path id selected & check if it falls under the
permitted folder.<o:p></o:p>
Limitations/Issues I am facing<o:p></o:p>
1. In approach 1 above, I could not find a way to restrict the path selection to the
permitted folder.<o:p></o:p>
2. In approach 2 above, I could not find a way to capture the BeforeSave event >
apply the validation > cancel the save with a prompt. <o:p></o:p>
I also want to develop Word & Excel add-in on similar lines.<o:p></o:p>
Could someone please guide how to proceed on this?<o:p></o:p>
Thanks!<o:p></o:p>
Thanks, <b>Ankit Shah</b> <hr> Inkey Solutions, India. <hr> Microsoft Certified Business Management Solutions Professionals <hr> http://ankit.inkeysolutions.comYou should be aware that using your proposed Outlook addin will not necessarily prevent users from saving mail items to any folder that is accessible to them through the Windows file system.
I was easily able to use drag and drop to copy a mail item from Outlook 2007's inbox folder directly to a folder in the file system that was opened in Windows Explorer. This would completely bypass your desired restriction.
The same holds true for Outlook 2013. I had no difficulty using drag and drop to copy a mail item from the inbox to a file system folder.
You may want to investigate other data security alternatives. Good luck. -
Clean Seeburger Message Monitor
Hi all,
I have a lot of old message in Seeburger Message monitor. For instance many "Error on send, will be retried" that have been there since 2012. Can I clean this log?Hi,
Seeburger Workbench is an additional layer to monitor message transmission using AS2.
This can be accessed at:
http://server:port/seeburger/index.html
Scenario: From partner ->XI->R/3
In this case,message has to be checked at these levels:
Seeburger Monitor->RWB Message Monitor->SXI_MONITOR->R/3
Scenario: R/3 ->XI->To partner
In this case,message has to be checked at these levels:
R/3 -> SXI_MONITOR -> RWB Message Monitor -> Seeburger Monitor
Hence,in order to have a successful message transmission,a message has to be successful at all these levels.
Kindly let me know if this is fine.
Thanks.
Regards,
Shweta -
User XIRWBUSER does not have authorization for message monitoring
Hi All,
In the Runtime WorkBench, when I choose the Message Monitoring, display Messages from Component Adapter Engine from Database, when I click on the start button, it shows me a error "User XIRWBUSER does not have authorization for message monitoring", how can I configure my xi to get the authorization for message monitoring of Adapter Engine? Thanks!
Regards,
NickHi Nick,
Transaction PFCG. Enter the role you wish to check (SAP_XI_RWB_SERV_USER) and click on the display button.
Check that the Authorizations tab is green. If it is not, then you might need to generate the auth profile. Also check the User tab. If it is not green, then you should do a User Comparison as well (just click on the button inside the tab).
SAP Help URL:
http://help.sap.com/saphelp_nw04s/helpdata/en/52/67151e439b11d1896f0000e8322d00/frameset.htm
Cheers
Manish -
Message Monitoring Tool in RWB for Integration Engine Messages not working
Hi all
We currently work on a Pi 7.11 system. I f we start the runtime workbench and going to the message monitoring, we want to get in to a message in the integration engine. Normaly we should get the same sxi_monitor in the web browser, but we only get the soap envelope. The pipeline steps on the left side and also the payload cannot be seen.
We increased the rights of the user to sap_all but this did not changed anything. We also implemented the J2EE monitoring rule.
Seems to me as we forgot a setting after installation, but which??
Thanks in advance for your help.
OliverHi Oliver,
I work on PI 7.0 and I know it's very different from 7.1x releases, but your problem sounds like a similar "problem" on 7.0.
Is your message sycronous? At PI 7.0 the default configuration is defined to remove the payload of sync messages. You can change it on JAVA Visual Administrator.
Try to find this parameter in Java Visual Administrator and set it to "false", below you will find the PI 7.0 path to this:
Server >> Services >> SAP XI AF Messaging >> messaging.syncMessageRemover.removeBody
I hope it helps,
Marcelo Vieira -
Not able to restrict users from using SU01
Hi ALL,
We are working on roles related to SECURITY ADMINISTRATOR.
The role has been given a transaction SU01D and not SU01.
But the users are able to enter into SU01 through SUIM.
I will illustrate this situation more:
SUIM->USERS->BY LOGON DATE AND PASSWORD CHANGE
Then I entered the user id.Executed.
From the result, I was able to enter into su01 .i.e was able to use the change button of su01.
Please tell me how do I restrict this situation.?
Reagrds,
Ajit.Access to user administration is not only limited to SU01.
Most likely, the threads of this search term will explain why the users can access the transaction screens of user administration: https://forums.sdn.sap.com/search.jspa?objID=f208&dateRange=all&numResults=15&rankBy=10001&threadID=&q=SU01_NAV
Whether the user can complete the transaction is a different story... for that you need to use the application authorization objects (S_USER* objects are a good start - see transaction SU21 for more infos on the application security concept for these objects)
Cheers,
Julius
PS: A troublesom object is S_USER_GRP, because it is important. When the user ID does not have a user group assigned, then the effectivness of this authorization object is weak, which can impact your security (depending on the access of the user without an authorization group)... -
How to Restrict users to change password
Hi All,
I would like to restrict user to change password only defined number of times in a day, Is it possible to do it through group policies.
Please note i am already aware of "Minimum Password age" feature, however i do not want to use it as the minimum value that i can set here is 1 day. I would like to restrict users based on password reset threshold e.g. User can reset his password
in a day only twice or thrice.
Thanx & Regards,
Wasim ParkarIf you want to limit the user to have his/her password changed for a specific number of time every day, I have to say
NO thats not possible. PSO's as other mentioned,can be used to have different password policies. Maybe you can set the msDS-MinimumPasswordAge
to 00:04:00:00 which is equal to 4 hours. It means every 4 hours a user will be able to change his/her password. So in each day a user can change the password 6 times, since a day is 24 hours.
Do not forget a day start from 00:00 AM up to 11:59 PM. So in a 9 to 5 job, a user may change the password 2-3 times.
Hope it helps.
Mahdi Tehrani Loves Powershell
Please kindly click on Propose As Answer or to mark this post as
and helpfull to other poeple. -
Control Access in Message Monitoring
Can I control access to payload within PI-Message-Monitoring? The topic has been discussed already: How to Control Access To Payload
By using the "S_XMB_MONI-authorization-object" I can protect access to payload for certain messages, regardless of viewing it with Transcation "SXMB_MONI" or with "RuntimeWorkbench";
For me it is not clear, whether the "S_XMB_MONI-authorization-object" does only affect messages within the Integration-Server, or does it also work for messages in adapter-engine-message-monitoring? I mean, when using "Runtime-Workbench --> Message-Monitoring --> AdapterEngine..."?
Regards, JosefHi,
It works only for SXMB_MONI (ABAP stack), user on adapter engine can still see payload.
One hint I can give you to explore further, authorization on RWB are controlled by Visual Admin, you can explore something there to block user to view payload on RWB.
I am exploring it and will update you.
Regards,
Gourav
reward points if it helps you -
Message Monitor - Access rights
Hello,
we want to give some user access rights to look into Message Monitor to track the transfer of IDOCs.
Basically we have the role Role_SAPMEINT which lets us take look into the queue monitor but not the message monitor.
By which UME roles or UME actions is this part is accssible for the user.
I don't want to give the user SAP_XMII_Admin role.
Regards,
KaiIt looks like there are some Actions for the Message Listener Monitor listed in the MII help.
Actions for Permissions - SAP Manufacturing Integration and Intelligence - SAP Library -
Resend Message from Seeburger message monitoring
Hi friends,
I want to know that is there any possiblity of resending the message from Seeburger message monitoring tool.
One of the messages failed due to a problem in sender ID.
I want to resend this message. is it possible ?
Note: Message send out successfully from communcation channel to AS2 adapter.
Thanks
Sunil.Hi Sunil,
Please let me know what error you can see in Seeburger Workbench.
In My view you can see the below type of error with State u201CError on send, will be retriedu201D
If Any Message failed in AS2 Adapter may be due to any reason
1. Wrong Sender/ Receiver ID
2. Wrong URL
3. Firewall rules are not in place
4. Partner Production site is down and you are unable to connect to him
Messages with above errors will appear with Success Flag in SXMB_MONI. But they will be caught by Seeburger Adapter and will be in the Error Status in SEEBURGER WORK BENCH
The only way to find/restart those messages is go to Runtime Work Bench Messages Monitoring --> Messages form Component (Adapter Engine) ---> System Error Status.
Any Message which failed in Seeburger Level can be seen only in Runtime Workbench.
Regards,
Rama. -
Seeburger Workbench: Recovery Monitor and Archiving
Hi,
We need to have Recovery Monitor and Archiving enabled in our Seeburger Workbench.
It was there earlier when we were able to recover sent files if the message is failed in Seeburger Monitor.
But when we had Seeburger upgrade from 1.5 to 1.7,these (Recovery Monitor and Archiving ) are not working.
We need to fine out what is missing in this installation.
Can anyone please let me know if I can do something as a developer to enable this or if it has to be done by BASIS team,then can I get the details of steps involved in order to enable this ,as they are not very familiar with seeburger installation.
Thanks in advance for your help.
Regards,
ShwetaHi Prateek,
Thanks a lot for the information.
As I understood,there is nothing that I can do for this.
Also,we have clustered environment.
Recovery jobs from adapter version 1.5 do not comply with version 1.7. So remove or process all jobs that have been created by 1.5 versions before updating to v1.7.
But if this is not done,is there anything that can be done now to enable this again.
Also,the note says that these bugs are fixed,then why we still have these problems,do we need to install some SPs to fix this?
Thanks again.
Regards,
Shweta -
How can i restrict user to access database object (procedure) or JSP
Hi
I have 9ias infrastructure 902, on win2k box with 9i DB.
and I have one PL/SQL web application and another J2EE application both are hosted by 9ias 902.
Now we are looking forward to couple both with SSO.
I have deloyed samples of both and works fine.
Each application have different set of users, i mean there is no common user.
How can i restrict user not to view the web page which is not authorised to them.
as far as i understand from the Grocery demo is pick the role (which is a string only) from OID and programaticall apply security via if else endif construct.
can any one through light upto my concern.
regards
[email protected]Hey Mary
No i haven't try to do that via pl/sql....
as the our application is j2ee app... deployed in oc4j.. with sso and ldap....
still finding to do so....
what i have realized that LDAP is just to store user information in inverted tree... and one have to build separated access security mechnisum that will be applicable to j2ee system....
thanx...
samir....
Maybe you are looking for
-
Query for all hours in a month?
Hello, I was hoping someone might be able to assist. I need to query for all the hours in a user specified date range (generally a month). For example, a query such as: select all hr_end from dual where start_date between '01-feb-2010' and '28-feb-20
-
Experts:- In APP we can make the payment Business area wise, in this we can select in "Seperate payment per Business Area" Check box select in the 1st step:- but their requirement to Pay payment in the cost Center wise, how is it possible, what we ca
-
Hello Gurus, I have a question concerning Price Determination. I have two company codes: X (Main Company Code with warehouse) and Y. For an Intercompany process, I need the price of the Purchase Requirement or Purchase Order from company code Y, to b
-
Cant access lync control panel
i have troubles opening the lync server control panel, when i login using my administrator i get "navigation to the webpage was canceled". to get the obvious out of the way: - DNS record for admin already added, pointing at lync FE server - The user,
-
How to delete an application in Itunes
I want to remove an application from BOTH my iPhone and my iTunes library. I'm a mac user. I can easily remove the app from the iPhone but it stays forever in iTunes. I want also to get rid of it in iTunes. Can anyone help me? Thanks