Transactions in Specific Role

Similar Messages

• Check if a user has a specific role

  Hello,
  Is it possible to check if a user has a specific role in MII 12.0?
  For example if the user has the role "xmii Developers" I would do something more in a transaction than if the user doesn't have this role.
  Thank you for your help.
  Regards,
  Matthias

  Hi Matthias Pröller ,
  Are u finding difficulty to trace which role user is assigned to? If so, then u can refer Abesh's Blog.
  OR
  If you are writing Transaction to get user list based on Role , then u can do following
  Create XML query.
  Configure above XML Query in Transaction, in links map (XML Query) URL like given below
  "https://Server:Port/XMII/Illuminator?service=admin&Mode=UserList&Content-Type=text/xml&group=XMII Administrators&IllumLoginName=loginId&IllumLoginPassword=pwd"
  Regards,
  Padma
  Edited by: Rao on Mar 31, 2009 11:52 AM

• Transfer customer specific Roles assigned to a customer from R/3 to CRM

  Hello dear all,
  on R/3 side there are customer specific roles defined and assigned to customers. These roles are sales area depending.
  On CRM side we plant to uses the Employee Responsible relationship to build up these customer specific roles. To differentiate these roles we want to use the partner function which is assigned to the sales area.
  Can anybody show me how to do the initial load of the CRM system and map the role to the Employee Responsible relationship?
  I assume that I have to create a own mapping function module to realize this. Where do  I register this function module so it will be used during the initial load? How do I debug these functionality?
  A similar functionality we have to build up in case of the upload to the R/3 system. There we have map the Employee Responsible relationship to the specific role and assign it to the customer. Where do I register this function module?
  Thanks for your help!
  Best regards
  Michael

  hi
  In order to replicate the ECC customer to CRM customer the following steps (tips) might be helpful to you:
  First a Mapping structure should exist between business partners in SAP CRM and ERP ECC Customers in both the directions. In the ERP ECC system you can see this mapping using transaction /nPIDE
  You should create your own account group for the data transfer from SAP CRM to ERP ECC
  In SAP CRM, the roles sold-to party, ship-to party, bill-to party and payer are assigned to the classification Customer and the customer is assigned to exactly one account group in ERP ECC
  For consistent distribution of Business Partners with identical numbers in both the systems, the internal number range (ex. 1-5999) should correspond to an external number assignment in the ERP ECC system or vice versa. Thus a business partner is given the same number in both systems.
  For data exchange to be successful, you must ensure that the field control (mandatory fields) between the CRM system and the ERP system matches.
  Besides Both SAP CRM and SAP ECC can talk to each other only when there is some settings done in the middleware. And for the CRM only a small plugin is needed for the ERP/ECC Connectivity.
  Now whenever you have both the system mapped then if you create a BP in CRM it will automatically flow in the ERP System. And also the vice versa. As for the roles are concerned, the roles like ship-to-party and some few specific roles are mapped in ECC system. For a complete look at roles matching have a look at the following link.
  http://help.sap.com/saphelp_crm50/helpdata/en/52/cff837a9aae651e10000009b38f8cf/frameset.htm
  Once you have created a BP in CRM it will be created in some Account group in ECC. And in that AC GRP you will be not be able to create the Customer with identical ID. So if your systems are connected then even manually you also cannot create same BPs.
  And for all of these the PIDE settings in ECC needs to be maintained properly.
  Hope it serves your purpose
  best regards
  ashish

• How to create business partner in a specific role

  Hi experts,
  We are implementing CRM 4.0 Business package in EP 7.0.
  When we checked the business partner creation screen, we couldnt find an option to create the business partner in a specific role (eg, prospect, sold to party, ship to party etc).
  When we create a business partner, it is automatically added to the "business partner - general" role.
  Can anyone suggest us how to enable the option of adding to different roles from the BP creation screen itself?
  Thanks alot in advance
  Shobin

  Hi Shobin
  For Creating a BP with only one specific role.
  You can enhance the BP by creating a transaction code that allows you to create BP only with specific roles.
  Tx code: to create a transaction code is SE93
  To assign the Tx code to a specific role related activity: BUSF
  Hope this would help.
  Regards,
  Rekha Dadwal
  <b>You gain a point for every point that you reward. So reward helpful answers generously</b>

• T codes in a specific role

  Hello gurus,
  I have several roles assigned to me. I need to know what t codes a specific role is composed of !! Specifically, I need to know what t codes that my role "XXXX_DEVELOPER" is letting me access ?
  Thanks in advance.

  Table AGR_TCODES gives you only transaction codes from menu. You can still have access to additional transactions if somebody manually adds S_TCODE.
  Another way how to check it is to display authorization buffer in SU56 and look for S_TCODE.
  Cheers

• Restriction of Time-dependent data (Cost Center) according to a specific role

  Dear experts,
  Has some one of you implemented a functionality to restrict Time-dependent data (for example, Cost Center) edition, according to a specific role assigned to an End user?
  I imagine it is possible, but we should develop an User-exit in order to get this goal.
  Let your comments here if possible, so that I can argue with my End user. I will try to give you points if you help me with this query.
  Thanks & Kind Regards,
  Daniel.

  Hello All!
  We have talked to Authorizations specialist and he indicated a customizing transaction in FI-AA module called ANSICHT (IMG -> Financial Accounting -> Asset Accounting -> Preparing for Production Startup -> Authorization Management -> Process Asset Views). In this customizing, it is possible to edit an existing asset view and turn on/off fields according to the company needs.
  Afterwards, you should request some adjustment in the roles that contain the A_A_VIEW authorization object.
  I am considering this question as "assumed answered'.
  Regards,
  Daniel

• Lock Transaction for Specifi Users

  Dear All,
  Good Day,
  We are planning to lock the transaction for specific user who doesnot use the transaction more than 3 months.
  Please suggest me what will be the procedure.
  Thanks in advance,.
  Best Regards,
  Suresh Kumar K

  Hi Suresh,
  Your idea of restricting users in using t-code is good practice. But as of now there is nothing like you can restrict user by locking t-code only for tht user/users alone.
  1. You can lock the T-code but this will affect entire system.
  2, You can remove t-code from the role, but this affect other user and if you wanted to make another role for only this user it will start getting to be tedious job, since you have to delete some roles create some other and alos user may use some t-code once every quarter for some of quarter end results and you have to seperate these t-code from others which was not possible, this will not workout so easily.
  The only option could be probably if user doesnot login for more than 3months just lock him.
  Regards...

• How to get the assignees for a specific role in process in BPM 11g

  Hi, Gurus,
  I am using BPM 11g. I am trying to retrieve all the assignees for a a specific role in process. It will be a parameter for a business rule to do further routing rule. But it seems there is no way to get the information. I found that there are Identity Service Functions in Human Task Assignment. But Identity Service Functions are not listed in Business Rule Activity, neither listed in other activities except Human Task Assignment. I cannot get the assignees in my process.
  Is there any way to get all the assignees for a role? I also tried to retrieve the assignees out engine with Worklist API, but it cannot get either. Actually we can get all the assignees information in automatic activity in OBPM 10g. Maybe I am still not familiar with 11g. Any advice is appreciated.
  FYI:
  My scenario:
  Suppose we have a role named ApprovalTeam. In this role, there will be several different department manager (BPM User) added in the role through Workspace. At run time, a request (With department info) with go through the approval by ApprovalTeam. A Business Rule Activity with decide which department manager will approve this request. Different department request will be dispatched dedicate managers, not all the managers in the role. I have an external JavaBean to get the department information from LDAP. To do the routing, I also need know all the department managers (BPM User) in the ApprovalTeam role. Then I can compare which department manager is matched with the request and assign the task to him.
  Thanks a lot,
  James
  Edited by: James Piao on May 31, 2010 6:25 PM

  or this?
  SQL> select text from ALL_VIEWS
    2  where VIEW_NAME
    3  ='EMP_VIEW';
  TEXT
  SELECT empno,ename FROM EMP
  WHERE empno=10

• Hiding Options in Context Menu for Specific Roles

  Hi SDN,
  We have navigation iview assigned to some of the users. There appears context menu and the items in it. We need to remove some of the options like copy, move for the specific users.
  How to achieve this specific requirement of hiding few of the items in context menu of KM Folders and files for specific users or roles?
  Thanks in advance
  Regards,
  Ganesh N

  Hello!
  In Portal KM, set Permissions on folders for this users (Group of users) - Read.
  Other way - you can edit Ui Commands of Layoutset - which is used in iView,then create copy of iView (not delta link) and delete commands you don't want to show, then assigne iView to your specific role
  Best regards, Ivan
  Edited by: Ivan Kalahryu on Dec 16, 2008 10:05 AM

• Reloading JSP for a specific role's users

  Hi all,
  We have a web application using JSPs.
  Our application has users and roles. A user is associated to a role. These are defined in 2 tables:
  create table role
  ( id int not null primary key,
    name varchar(50) not null )
  create table user
  ( user_name varchar(50) not null primary key,
    user_password varchar(50) not null,
    role_id int not null foreign key references role(id) )
  For example:
  insert into role values (1, 'HR')
  insert into user values ('michaelK', 'password', 1)
  insert into role values (2, 'Payroll')
  insert into user values ('babarA', 'honest', 2)We have 2 tables where we store all our application's web pages and buttons on each page:
  create table web_page
  ( id int not null primary key,
    name varchar(50) not null )
  create table web_page_button
  ( id int not null primary key,
    name varchar(50) not null,
    web_page_id int not null foreign key references web_page(id) )
  For example:
  insert into web_page values (1, 'Personal_Info') // "Personal Info" Screen has 2 buttons: update and cancel
  insert into web_page_button (25, 'update', 1)
  insert into web_page_button (26, 'cancel', 1)We have a requirement that the administrator want the facility to enable/disable buttons on each web page for a specific role. So we have created a table where we define enable flag for each button of a web page w.r.t a Role:
  create table role_web_page_button
  ( id int not null primary key,
    role_id int not null foreign key references role(id),
    web_page_button_id int not null foreign key references web_page_button(id),
    enable_flag int not null )So if the administrator say that for users belonging to "Payroll" role the "Update" button on "Personal Info" Screen will be disabled.
  insert into role_web_page_button values (100, 2, 25, 0)The user first go to login.jsp and provide login information. If successful we store his user_name and role_id in the session as an attribute. We then redirect the user to index.jsp. In this jsp we have a header.jsp on top. This JSP remains there on all web pages user visit.
  In that JSP we generate one Javascript function getButtonEnableFlags(). This function defines each button's enable flag of each screen for the user's role_id. So when a user of "Payroll" role logins then this is generated:
  function getButtonEnableFlags()
    var buttonEnableFlags = new Object();
    buttonEnableFlags["Personal_Info::update"] = "0";
    return buttonEnableFlags;
  }We also have a javascript function which tells us the enable flag's value for a button of a screen.
  function getButtonEnableFlag(webpageName, buttonName)
    var buttonEnableFlags = getButtonEnableFlags();
    var keyName = webpageName + "::" + buttonName;
    return buttonEnableFlags[keyName];
  }Each Web Page after loading calls a common javascript function setupButtons(webpageName). This function receives a webpage name, picks all buttons on the form of that web page, then call getButtonEnableFlag(webpageName, buttonName) to get enable flag for each button and then set it.
  This solution is working fast and perfect. The javascript function getButtonEnableFlags() is generated once when user logins so each web page does not have to call the server to figure out enable flag for their buttons.
  I have created a maintenance screen for the Administrator which provides the facility to enable/disable buttons on each web page for a specific role. This screen updates the role_web_page_button table.
  Problem is if the Administrator makes any changes for a Role how can I reflect that change on the user's of that role which are already login in the system? For example suppose 2 users of "Payroll" role are login in the system and for "Peson_Info" web page the "update" button is disabled. Now administrator changes the "update" button of "Personal_Info" web page to enable for "Payroll" role through the maintenance screen. How can I reload the header.jsp on only those 2 user's computer?
  Thanks

  I suppose you can use AJAX to change the end-users JSP page that is displayed on his browser as he is vieiwing it.
  However, I suggest against changing permissions on a JSP page while the user is using it (I believe most programmers do not do that). If I was an end-user with a JSP page displayed and I suddenly see the 'update' button disapear, I would be very upset.I suggest waiting for the user to close his session (and not simpily navigate to another page within the session, but actually ending the session by either calling up another web site or closing the browser) and when he next logs into the applcation again, the button is gone. If the administrator does take away a permission such as an 'update' button, do you really need to deny permission to everyone right then? I think you can wait for users to log off.
  An alternative is to create a batch job that when the admin removes permission, the batch job runs at midnight to actually change the permission in the database. Since few people are logged on at midnight, few people will see the change while they are working.
  Another possiblity is when they click the update button, don't do an actual update to the database. Instead, redraw the page with the update button disabled (not removed) and add a note on the JSP page that the administrator has just removed permission for all users to update at this time.

• Add 1 transaction to multiple roles

  Hi There,
  I am responsible for the authorization of the sap customers for my company.
  We have multiple roles for multiple company's within our own company.
  Butt when i must add one transaction to the role admin, i must ad the transaction for al the roles of the different company's. admin company 1, admin company 2, and so on.
  Is there an transaction i can do mass change's for multiple role's.

  Hi,
  There is a another way also, it could be done.
  Create One common Role - <b>zrole_common</b>
  This should be added to all admins of all companies
  Create seperate Role for each company ( excluding auth in common role).
  <b>zrole_company1</b>
  <b>zrole_company2</b> etc.
  Now assign <b>zrole_common</b> and <b>zrole_company1</b> to <b>company-1 admin</b>.
  Now whenever, you wanted to add any common auth obj, add it to zrole_common and regenerate it, This will be effected to all admins.
  I am not sure, how your Roles are maintained now. But if possible, go for this proven way.
  Thanks,
  Raj Sam

• NEED TO DETERMINE USERS THAT HAVE LOGGED IN WITH A SPECIFIC ROLE

  I have a requirement to determine which users have logged in with a specific
  role or accessing a specific application. I know I can use the
  ORASSO.WWSSO_AUDIT_LOG_TABLE_T table to see the users that have logged in, but
  need to know which table to join with in order to determine which group that a
  user belongs to. It would also be nice to figure out which users are accessing
  a given application.
  We are running AS 9.0.4.2 with ORASSO database 9.0.1.5.
  Can you identify which tables I will need to use to satisfy my requirement?
  Thanks, Mike

  Thanks! I modified this slightly to get what I needed but I didn't think that I could get this from dba_tab_privs. You were a huge help!
  select table_name, grantee
  from dba_tab_privs
  where
  table_name in ('UTL_FILE', 'UTL_TCP', 'UTL_HTTP', 'UTL_SMTP', 'DBMS_LOB', 'DBMS_SYS_SQL', 'DBMS_JOB', 'DBMS_BACKUP_RESTORE')
  and privilege='EXECUTE'
  order by table_name;

• Enhancement to delete particular entry of a specific role.

  I am novice to role maintenance (PFCG).
  I have a requirement to delete a partcular entry of a specific role. Currently this is done manually and i need to automate this.
  Is there any FM/BAPI for this purpose.
  Help in this regard will be appreciated.
  Regards,
  YOGESH KHEMANI

  Iam using this code for deleting instances in bulk,
  WhereCondition wc = WhereConditionHelper.whereInstancesClosed();
  IBPELDomainHandle domainHandle = locator.lookupDomain();
  BPELProcessId processId1 = new BPELProcessId("default","DBTest","1.0");
  domainHandle.deleteInstancesByProcessId(processId1);
  but iam getting Eceptions like
  Exception in thread "main" java.lang.Exception: Error deserializing return-value: java.io.InvalidClassException: com.oracle.bpel.client.BPELDomainHandle; local class incompatible: stream classdesc serialVersionUID = -6384534326625967840, local class serialVersionUID = -8310067783665200608
  Iam able to delete instances one by one using this code,
  ------------------- basic code-----------
  IInstanceHandle instance_handle[];
  instance_handle= locator.listInstances(wc);
  for(int x = 0; x< instance_handle.length; x++){
  System.out.println("Deleting instance "+instance_handle[x]);
  instance_handle[x].delete();
  But i want to delete instances in bulk,not one by one.Can you help me out in this.

• BDT - Assign a new Tab to a specific Role

  Hi,
  how can i assign a new Tab to a specific Role for example BUP001.
  BR
  TomSd

  I believe normally this is configured by Basis during installation. And in most of the scenarios, it is same as you described. i.e. its asks Package/Transport in R/3 but in BW it stores default in $TMP. Well you can always do this - create object in R/3 - assign package and transport and then later delete object from transport and transport, if you dont want to send that object to further systems.
  Abhijit

• Add a transaction to a role

  Hi,
  can someone send me the procedure to add a transaction to a role for a user?
  much appreciate ur help
  help would be rewarded.
  swaroop.

  Hi,
  There is a SAP delivered report that you can copy, remove the system type check and run. To do a landscape with delete, enter the roles to be deleted in a transport, run the delete program or manually delete and then relase the transport and import them into all clients and systems. 
  It is called: AGR_DELETE_ALL_ACTIVITY_GROUPS. 
  Regards,
  Sowmya