User Administration: DISP Only

Similar Messages

• Role for User Administrator(Read only)

  Hi All,
  I want to create a role just like the role ofUser Administrator.But I want to make it read only.I want that the end user can perform search operation,can see the locked user,can see the roles but can't delete the user.Basically ,they shouldn't able to do the modification.
  Any suggestions will be appreciated.
  Paritosh

  I have only managed to do this by creating a role and assigning the relevant User Admin iViews to the role and then changing the End User Permissions on the role.
  I assigned the ReadAll Premission. That did the trick for me.
  Groups unfortunately require the manage_groups Permission, so we do not allow the viewing of groups.

• Purchased MacBook Air...I am administrator and only user.  Forgot the admin ID and password.  Would like to start over and reboot

  JJust purchased a MacBook Air.
  i Am the administrator and only user.    It somehow lost the Admin ID and password... Hint does not work. 
  would ould like to to reset everything or just reboot and start the registration and setup from the beginning.  No saved items so nothing would be lost in a total reboot
  what is the best option please.  Migrating from a PC so everything is a bit confusing

  i know how to reset it....
  check this... http://www.tomsguide.com/faq/id-2330386/restore-macbook-air-factory-settings.htm l
  i have done it two time well it will ask you to download OS X again..
  Aayush

• Max number of items in detail of an object of User Administration

  Hello.
  When I go into "User Administration"->"Identity Management", I search an object (for example a Group XY
  After I select it to see the details.
  I choose the "Assigned Users" tab and Search.
  I see many items but I can display only 5 items for page.
  Is there a way to customize it to display, for example 20 items for page?
  Thanks for your help.
  Mario

  In new version of portal you have this option.
  right click on table -> User Settings -> More. Select desired no. of Rows. I am using CE 7.1 SP 11 and its available in this version.

• Export and Import of Portal Users (UME database only)

  Hi
  What is the most efficient way to export all Portal user that are stored in Portal UME database so that it can be imported to another Portal installation and be used..
  Thanks in Advance
  Ananda

  Hi,
  SAP User Administration is the standard way to export and import users in the portal. Using the export functionality, all the user information will get exported, including the roles and groups assigned:
  [User]
  uid=userid
  last_name=Lastname
  first_name=Tobias
  language=en
  accessibility=0
  role=pcd:portal_content/com.sap.portal.xxx;
  group=Administrators;
  If you only want to export the user data without the roles and groups, you'll have to delete these lines.
  SAP Help: http://help.sap.com/saphelp_nw04/helpdata/en/70/9be23d44d48e5be10000000a114084/frameset.htm
  Export Format: http://help.sap.com/saphelp_nw04/helpdata/en/ae/7cdf3dffadd95ee10000000a114084/frameset.htm
  SDN Article: https://www.sdn.sap.com/irj/sdn/go/portal/prtroot/docs/library/uuid/f02e3e37-5ee3-2910-129d-967aef3fa386
  br,
  Tobias

• BI Dashboard - access denied for user to path /users/administrator/_portal/

  Hi,
  While I am within OBI EE, I try to access My Dashboards and I get this error message:
  " access denied for user to path /users/administrator/_portal/dashboard layout.
  Error Details
  Error Codes: O9XNZMXB "
  I have looked in other forums and found a solutions which was to delete cookies and then restart the system whole. It didn´t work at first. After a while, the system would allow me to access My Dashboards but then....
  ....I wasn´t able to access the shared filters that are on the network, thus impeding my others dashboards to work.
  Does anybody know what the correct procedure for having this work is?
  Thanks in advance,
  Javier Rincon

  Hi...
  go to Catalog Manager.
  Open and navigate to particular folder (_portal in shared)
  right click that and go to permissions.
  In left pane are you able to see the presentation Administrator ??
  If then, check what kind of permission Administrator has (full control or not), if not.. add Administrator into this pane from right pane (In the right pane, You can see the user by Unchecking the check box present below show groups only check box.)
  you didn't tell with whom you logged in?
  If administrator then follow the steps i mentioned,
  else... same steps but instead of administrator check it for particular user.
  Thanks & Regards
  Kishore Guggilla

• How to enable create user option in portal under user administration?

  Hi,
  In Portal, in user administration tab, always the create user and Copy to  New user option is disabled, how can i enable those?
  -Siva

  If the AS ABAP is your datasource for your users there is NO WAY you can create users in the portal UME.
  ●     If the UME has read-only access, you cannot modify user attributes stored in the ABAP system, like first name and last name. You can modify attributes stored in the UME database, like street. Even if read-only access is assigned, users can still change their own passwords.
  ●     If the UME has read-write access, you can create users using the tools of the J2EE Engine. Users created in this way are stored as users in the ABAP system. Extended user data that cannot be stored in the standard ABAP user record is stored in the database of the UME.
  in the read/write access the users are created only in the ABAP side and not the java. If you have the read access you cannot create users in the abap side. hence you need the SAP_BC_JSF_COMMUNICATION role to create users in the AS ABAP.....
  Trust me .......bottomline ....you cannot create users in the JAVA UME if you have AS ABAP as your datasource !!!!
  hope this helps..
  \m/

• Process Administrator - Enable User Administration using LDAP

  I'm using Oracle BPM 10gR3 connected to an LDAP. I would like to have business participants to be able to manage the Absence Periods (PTO) for participants, but I don't want them to have general admin privileges. I think the "Enable User Administration" checkbox on the participant screen will allow someone to do just that. But, the box is disabled due to the LDAP connection (I think). So, does anyone know:
  1. If a user has Enable User Administration checked will they be able to manage the Absence Periods for participants?
  2. How to check the box while using an LDAP to manage participants?
  I read in the the Adminstration Guide how to: Assigning Administrative Privileges to LDAP Groups. But that's not my intent, it's only to enable the "Enable User Administration" checkbox.
  Thanks in advance.

  I solved the problem and I posted the solution into my blog, visit http://rodrigozuchetto.blogspot.com/

• Restrict the role of User Administrator

  Hello all,
  I need to know that if it is possible to restrict the Role of an User Administrator to assign only a specific set of Roles to the end user.
  For example : The user administrator should be able to assign only say Managers, Employees Roles to the Users and not any other roles like Super Administrators etc.
  If so, how can we achieve that?
  Regards
  Avik

  There is a authorization object (combined with a parameter) that does this restriction:
  S_SPO_PAGE
  Definition
  Using authorization object S_SPO_PAGE, you can restrict the maximum number of pages of a request that can be printed on a particular printer.
  This authorization check is only active if profile parameter rspo/auth/pagelimit is set to 1.
  Defined fields
  SPODEVICE       Device name for which the restriction is to apply.
  SPOPAGES        Maximum number of pages allowed; enter a range (0 to n) here

• SUS Supplier - Delegated User Administration

  Hello,
  We are trying to implement SUS Supplier Self registration in SRM 7.0 and we want to give supplier administrators access to perform delegated user administration for their users. When we implement this scenario, the SUS system requires access to SU01 in the backend security role for the supplier to be able to find users and unlock, delete etc. However there is no control in terms on what users they can manage once SU01 is given to them. Have you seen this in the past and is there any control that can be built into it?
  Thanks,
  Varun

  Trilchan,
  Companies are not activated by default that is the reason you are able to see only ume.tpd.companies=0 which means their is no company available in portal. You can add the company codes in a comma seperated list like ume.tpd.companies=A,C,B in this example you have three companies named A,B and C. Its upto your convenient to add no. of companies and name of the company groups based on your business requirement.
  Additional info:
  When you add a company in portal a group shall be created automatically with the name STPD_<CompanyName> example STPD_A where A is company name.
  Refer:
  http://help.sap.com/saphelp_nw04/helpdata/en/3e/9bd6e9a11fd847a1ca1a5f9ac6ad23/content.htm
  Ram

• Central User Administration using EP

  Hi,
  Can any body tell me how we can do central user Administration using EP. My landscape has multiple SAP systems, BW system and EP system. How should we go about it?
  Any help?
  regards,
  Sujesh

  HI Sujesh,
  EP is not able to serve as a hub for central user administration in my opinion.
  You can connect EP to several user stores like LDAP servers (including Microsoft ActiveDirectory) and SAP Systems.
  So
  a) you store all your users in an LDAP and connect all your SAP systems to that LDAP
  b) you declare one of your SAP systems as central user administration (CUA) "master", connect all other as "slaves" and connect the EP UME to the master
  But in any way - there is no GUI inside the EP where you can administer all user related things like roles from all systems, etc. This can only be done in an ABAP system.
  Hth,
  Michael

• Portal Installation : User Administration -- Role workset error

  Dear All,
  We have installed EP NW04 SR1 . Every thing is working fine, All the menus are coming up properly except when i click on the User Administration --> Role --> Role menu, its starts for some time and then gives "Page cannot be displayed, Operation aborted" . This error only comes for the Role workset. Every thing else is working fine.
  It would be nice if i can get guidance as to how to debug this error
  Regard
  PN

  Hi,
  I am still unable to solve the problem. The same problem persists with the ROLE and User Mapping.
  I try to open it and it gives the "page cannot be displayed, operation aborted " error
  Help is appreciated
  Regards
  PN

• NWA 7.1 - User Administration with regards to Roles/Groups

  Hello,
  Environment = NWA 7.1 , Java Stack Only , No Central User Administration
  Situation      = One group of individuals responsible for developing and maintaining Java Roles & Groups
                        (Permissions). Another group of individuals responsible for maintaining Users and
                        allocating the above Roles & Groups to the Users.
  In accordance with various documentation (ie. http://help.sap.com/saphelp_nwpi711/helpdata/en/4a/e06f429c789041e10000000a1550b0/frameset.htm) I have set up a Role which includes the actions: UME.Manage_Roles, UME.Manage_Groups, UME.Manage_Users, UME.Manage_All_User_Passwords & UME.Read_All. This Role is intended for the second group of individual mentioned above.
  The problem is however that with the mentioned actions they can not only allocate an user to a Role or Group but also delete the Role/Group from the system. Without the above actions in the Role it is not possible to assign Users to a Role/Group.
  This leads me to the question if it is possible to split these two various areas of responibility or does NWA 7.1 view both activities as residing in only group (documentation to this effect would be helpful). If not, which actions will ensure that only Users can be administered but the rights to the system (Roles/Groups) can not be tampered with.
  Many thanks in advance,
  Jay

  Hi Jay,
  UME.Manage_All Provides permissions required by an overall user administrator.
  These include:
  u2022 Administration of users belonging to any company and
  possibility of assigning users to companies
  (In a multitenant portal, even if a tenant user is assigned this
  action, he or she will still only have access to users, groups,
  and roles in his or her tenant.)
  u2022 Group management
  u2022 Role assignment
  u2022 User mapping
  u2022 Import and export of user data
  u2022 Manual replication of user data
  To set up delegated user administration, overall user administrators
  must belong to a role to which the UME.Manage_All action is
  assigned.
  In portal installations, any role that includes the UME.Manage_All
  action automatically has Role Assigner permissions on all portal roles in the portal installation.
  Try this.
  Regards,
  Gowrinadh

• CUCM End User Administration

  Our Helpdesk staff performs the basic functions of add/remove phones and add/remove users from CUCM.  We've just upgraded from CM 4.2 to CUCM 8.5(1).  We are using the integrated CUCM LDAP and not AD integration.  My Helpdesk users are able to use the User/Phone Add option to create a new phone and a new CUCM End User.  They are able to edit all the necessary properties of the phone and line settings.  But with their current group/role memberships they are unable to change attributes of users or to be able to delete them.  The only Role I can see to add them to that allows changes to End Users is Standard CCMADMIN Administration and the only User Group is Standard CCM Super Users.  Both of those give far more rights than I would like Helpdesk staff to have.  Am I missing something obvious to allow them to perform End User management?  Has anyone else encountered this?  Below are the groups/roles my Helpdesk staff are currently part of.  Any help would be apprecitated.
  Bryan
  I've added the users on our Helpdesk to the following Groups:
  Standard CCM Admin Users
  Standard CCM End Users
  Standard CCM Phone Administration
  Standard CTI Enabled
  Standard RealtimeAndTraceCollection
  Which automatically adds them to the following Roles:
  Standard CCM Admin Users
  Stadard CCM End Users
  Standard CCM Phone Management
  Standard CCMADMIN Read Only
  Standard CCMUSER Administration
  Standard CTI Enabled
  Standard CUReporting
  Standard RealtimeAndTraceCollection

  Bryan,
  If I remember correctly, there isn't a pre-canned role that will allow for End User administration. I don't know why.
  Your best bet is to create a custom Role and User Group. This way, you can give your Helpdesk exactly the access they need. The descriptions for the Role permissions are pretty self-explanatory, so it should be pretty easy to accomplish.
  Steps:
  1) create new role
  2) assign permissions to the new role
  3) create a new User Group
  4) assign the new Role to the new User Group
  5) assign the new User Group to the End/Application User accounts for the helpdesk.
  This maybe helpful: http://www.cisco.com/en/US/partner/docs/voice_ip_comm/cucm/admin/8_5_1/ccmsys/a02mla.html#wp1062944
  HTH
  Adam

• Unlock the user Administrator.

  Hi,
  The user Administrator for my J2EE Engine had been locked.
  Is there a way by which this user can be unlocked.
  Please guide me.
  Thanks,
  Prasita.

  Hi,
  Is there a way to unlock the user at the database layer?
  I mean in case of an ABAP stack, I can go to the usr02 table and unlock a user by setting the uflag value.
  In case of the JAVA only stack,what is the coressponding table at the database level?