User Comparison - Roles contantly going to 'red' inactive

Hi,
Can someone shed some light on this issue i'm having here.
I noticed today while working with a user in SU01 that the role assigned to the user switch from green 'active' to 'red' inactive. There were updates made to the master role  and then passed to the child (derived) roles. I manually ran user comparison and then verified in SU01 that the roles were still green. Couple hours later I noticed the child role went to 'red' inactive. Why is this happening. This happened and I took at as one time incident but this happening more frequently. 
-Wes

Could be...
According to Wes's Business Card he (?) is from the US and for some reason (probably the training documentation in ADM940...!) I have more often than not noticed that US based systems tried to allign the profile names to the "activity group" names when building little single roles - sometimes one role per transaction - as "building blocks" for activities clubbed together into composites.
@ David: I also hate composites...
Unless Wes clarifies, I would however still place my bets on a profile name collision as a result of the DEV, QAS and PROD having the same first and third characters in the SID name, or a client disorder in DEV from which the roles are being transported (e.g. "golden security client" implemented later than the productive client transport routes, or a customizing client was used to make the changes).
AGR_NUM_2 has MANDT as a key field and with derived roles and small singles the limit can be reached with ease, particularly if these were download / uploaded in the past to avoid transport request sequence confusion - which is reasonable in my opinion.
Cheers,
Julius

Similar Messages

  • CUP Auto Provisioning Error 260: User Comparison

    I am in the process of configuring the CUP 5.3 module within our ECC and SRM environments.  I believe the path and associated stages are established properly.  I have tested the auto provisioning functionality within both SRM and ECC.  As it relates to SRM, the auto provisioning functionality works without a hitch.  However, when I attempt to auto provision a user into our ECC environment, I receive the following error:
    Auto provisioned for request on 04/07/2010 13:41 
       New User: T00522 created on 04/07/2010 13:42 in System(s): DR4-300.
       User attributes changed for User : T00522 in System(s) :DR4-300.
       Role Provisioning failed for System(s) : DR4-300. Error Message : 260:User master comparison incomplete; see long text
    Speaking with out security team, the only time they have seen this issue was when they attempted to map a user, using PFCG, to a role.  However, I informed them that CUP uses SU01.  They have not experienced such an issue using SU01 and clicking on the user comparison button. 
    Interesting point:  The user record is created and roles assigned to user but have a red light indicator by the role within SU01.  However, when the next day rolls around the role has been changed to a Green light, profile assigned and everything is looking good.  Unfortunately, CUP can't seem to register this and when the Role Owner attempts to approve the role / user request again.  The same error occurs and until I can get around this error, the workflow is not closed out nor is the requester notifiied.
    Questions:
    (1)  How can I fix this issue, I assume it will require a security change to be made within the ECC environment?
    (2)  If this issue can't be fixed, can I get around this issue with a detour or other CUP error processing step?

    Denoted below is the log that corresponds to the 260 comparison error.  Does anyone know what access I am missing within the UME.  I have tested this provisioning process, manually, and do not run into a Comparison error within the SU01 screens:
    2010-04-27 13:44:54,748 [SAPEngine_Application_Thread[impl:3]_31] ERROR com.virsa.ae.service.ServiceException: 260:User master comparison incomplete; see long text
    com.virsa.ae.service.ServiceException: 260:User master comparison incomplete; see long text
         at com.virsa.ae.service.sap.SAPProvisionDAO.executeRoleOperation(SAPProvisionDAO.java:1706)
         at com.virsa.ae.service.sap.SAPProvisionDAO.assignRoles(SAPProvisionDAO.java:1458)
         at com.virsa.ae.service.sap.ProvisionSAPUserDAO.provisionInNonCUA(ProvisionSAPUserDAO.java:1232)
         at com.virsa.ae.service.sap.ProvisionSAPUserDAO.provisionRole(ProvisionSAPUserDAO.java:932)
         at com.virsa.ae.service.sap.ProvisionSAPUserDAO.provisionUser(ProvisionSAPUserDAO.java:118)
         at com.virsa.ae.accessrequests.bo.ProvisioningBO.autoProvision(ProvisioningBO.java:216)
         at com.virsa.ae.accessrequests.bo.RequestBO.autoProvisioningForApprove(RequestBO.java:4572)
         at com.virsa.ae.accessrequests.bo.RequestBO.callAEExitService(RequestBO.java:5565)
         at com.virsa.ae.accessrequests.bo.RequestBO.callExitService(RequestBO.java:5339)
         at com.virsa.ae.accessrequests.bo.RequestBO.approveRequest(RequestBO.java:5191)
         at com.virsa.ae.accessrequests.bo.RequestBO.approveRequest(RequestBO.java:4984)
         at com.virsa.ae.accessrequests.actions.RequestViewAction.confirmRequestApproval(RequestViewAction.java:941)
         at com.virsa.ae.accessrequests.actions.RequestViewAction.execute(RequestViewAction.java:103)
         at com.virsa.ae.commons.utils.framework.NavigationEngine.execute(NavigationEngine.java:271)
         at com.virsa.ae.commons.utils.framework.servlet.AEFrameworkServlet.service(AEFrameworkServlet.java:431)
         at javax.servlet.http.HttpServlet.service(HttpServlet.java:853)
         at com.sap.engine.services.servlets_jsp.server.HttpHandlerImpl.runServlet(HttpHandlerImpl.java:401)
         at com.sap.engine.services.servlets_jsp.server.HttpHandlerImpl.handleRequest(HttpHandlerImpl.java:266)
         at com.sap.engine.services.httpserver.server.RequestAnalizer.startServlet(RequestAnalizer.java:386)
         at com.sap.engine.services.httpserver.server.RequestAnalizer.startServlet(RequestAnalizer.java:364)
         at com.sap.engine.services.httpserver.server.RequestAnalizer.invokeWebContainer(RequestAnalizer.java:1039)
         at com.sap.engine.services.httpserver.server.RequestAnalizer.handle(RequestAnalizer.java:265)
         at com.sap.engine.services.httpserver.server.Client.handle(Client.java:95)
         at com.sap.engine.services.httpserver.server.Processor.request(Processor.java:175)
         at com.sap.engine.core.service630.context.cluster.session.ApplicationSessionMessageListener.process(ApplicationSessionMessageListener.java:33)
         at com.sap.engine.core.cluster.impl6.session.MessageRunner.run(MessageRunner.java:41)
         at com.sap.engine.core.thread.impl3.ActionObject.run(ActionObject.java:37)
         at java.security.AccessController.doPrivileged(AccessController.java:219)
         at com.sap.engine.core.thread.impl3.SingleThread.execute(SingleThread.java:102)
         at com.sap.engine.core.thread.impl3.SingleThread.run(SingleThread.java:172)
    2010-04-27 13:44:54,927 [SAPEngine_Application_Thread[impl:3]_31] INFO  com.virsa.ae.accessrequests.bo.RequestAuditHelper : logMajorAction() :   : intHstId : 3068
    2010-04-27 13:44:54,972 [SAPEngine_Application_Thread[impl:3]_31] ERROR no dtos exist which are in the same state as the passing dto
    com.virsa.ae.core.ObjectNotFoundException: no dtos exist which are in the same state as the passing dto
         at com.virsa.ae.workflow.bo.WorkFlowBOHelper.getIfUnapprovedPathExists(WorkFlowBOHelper.java:2662)
         at com.virsa.ae.workflow.bo.WorkFlowBOHelper.handleWFForNewPathStage(WorkFlowBOHelper.java:2516)
         at com.virsa.ae.workflow.bo.WorkFlowRequestRerouteHelper.rerouteRequest(WorkFlowRequestRerouteHelper.java:68)
         at com.virsa.ae.workflow.bo.WorkFlowBO.rerouteRequest(WorkFlowBO.java:614)
         at com.virsa.ae.accessrequests.bo.RequestBO.rerouteRequestForAutoProvisioningFailure(RequestBO.java:6897)
         at com.virsa.ae.accessrequests.bo.RequestBO.approveRequest(RequestBO.java:5239)
         at com.virsa.ae.accessrequests.bo.RequestBO.approveRequest(RequestBO.java:4984)
         at com.virsa.ae.accessrequests.actions.RequestViewAction.confirmRequestApproval(RequestViewAction.java:941)
         at com.virsa.ae.accessrequests.actions.RequestViewAction.execute(RequestViewAction.java:103)
         at com.virsa.ae.commons.utils.framework.NavigationEngine.execute(NavigationEngine.java:271)
         at com.virsa.ae.commons.utils.framework.servlet.AEFrameworkServlet.service(AEFrameworkServlet.java:431)
         at javax.servlet.http.HttpServlet.service(HttpServlet.java:853)
         at com.sap.engine.services.servlets_jsp.server.HttpHandlerImpl.runServlet(HttpHandlerImpl.java:401)
         at com.sap.engine.services.servlets_jsp.server.HttpHandlerImpl.handleRequest(HttpHandlerImpl.java:266)
         at com.sap.engine.services.httpserver.server.RequestAnalizer.startServlet(RequestAnalizer.java:386)
         at com.sap.engine.services.httpserver.server.RequestAnalizer.startServlet(RequestAnalizer.java:364)
         at com.sap.engine.services.httpserver.server.RequestAnalizer.invokeWebContainer(RequestAnalizer.java:1039)
         at com.sap.engine.services.httpserver.server.RequestAnalizer.handle(RequestAnalizer.java:265)
         at com.sap.engine.services.httpserver.server.Client.handle(Client.java:95)
         at com.sap.engine.services.httpserver.server.Processor.request(Processor.java:175)
         at com.sap.engine.core.service630.context.cluster.session.ApplicationSessionMessageListener.process(ApplicationSessionMessageListener.java:33)
         at com.sap.engine.core.cluster.impl6.session.MessageRunner.run(MessageRunner.java:41)
         at com.sap.engine.core.thread.impl3.ActionObject.run(ActionObject.java:37)
         at java.security.AccessController.doPrivileged(AccessController.java:219)
         at com.sap.engine.core.thread.impl3.SingleThread.execute(SingleThread.java:102)
         at com.sap.engine.core.thread.impl3.SingleThread.run(SingleThread.java:172)
    2010-04-27 13:44:55,394 [SAPEngine_Application_Thread[impl:3]_31] INFO  com.virsa.ae.accessrequests.actions.RequestViewAction : confirmRequestApproval() :   : setting context to true, ending context
    2010-04-27 13:44:55,414 [SAPEngine_Application_Thread[impl:3]_31] INFO  com.virsa.ae.dao.sqlj.RequestDataForwardDAO : findTransactions() :   : sbQuery : SELECT REQNO, REQPATHID, STAGE_NAME, FWDED_BY, APRVRID, ITERATION, FORWARD_TYPE, STATUS FROM VIRSA_AE_RQD_WPFWD WHERE REQNO = ?
    2010-04-27 13:44:55,486 [SAPEngine_Application_Thread[impl:3]_31] INFO  com.virsa.ae.dao.sqlj.SAPConnectorDAO : findAllActiveSAPConnectors :   :  going to return no of records= 3
    2010-04-27 13:44:55,495 [SAPEngine_Application_Thread[impl:3]_31] INFO  com.virsa.ae.dao.sqlj.OracleAppsConnectorDAO : findAllActiveORACLEConnectors :   :  going to return ImmutableList(empty)
    2010-04-27 13:44:55,498 [SAPEngine_Application_Thread[impl:3]_31] INFO  com.virsa.ae.dao.sqlj.PACSConnectorDAO : findAllActivePACSConnectors :   :  going to return ImmutableList(empty)
    2010-04-27 13:44:55,502 [SAPEngine_Application_Thread[impl:3]_31] INFO  com.virsa.ae.dao.sqlj.WSConnectorDAO : findAllActive :   :  going to return ImmutableList(empty)
    2010-04-27 13:44:55,505 [SAPEngine_Application_Thread[impl:3]_31] INFO  com.virsa.ae.dao.sqlj.ApplicationDAO : findAllForContext :   :  going to return ImmutableList(empty)
    2010-04-27 13:44:55,532 [SAPEngine_Application_Thread[impl:3]_31] INFO  com.virsa.ae.dao.sqlj.RequestDataSODConflictDAO : findAllForContext(SqljContext ctx)  :   :  going to return ImmutableList(empty)
    2010-04-27 13:44:55,535 [SAPEngine_Application_Thread[impl:3]_31] INFO  com.virsa.ae.dao.sqlj.RequestDataSODConflictDAO : findAllForContext(SqljContext ctx)  :   :  going to return ImmutableList(empty)
    2010-04-27 13:44:55,540 [SAPEngine_Application_Thread[impl:3]_31] INFO  com.virsa.ae.dao.sqlj.RequestDataMitigationDAO : findAllForContext(SqljContext ctx)  :   :  going to return ImmutableList(empty)
    2010-04-27 13:44:55,579 [SAPEngine_Application_Thread[impl:3]_31] INFO  com.virsa.ae.accessrequests.actions.RequestViewAction : pageLoad() :   : INTO the method
    2010-04-27 13:44:55,580 [SAPEngine_Application_Thread[impl:3]_31] INFO  com.virsa.ae.accessrequests.actions.RequestViewAction : pageLoad() :   : request number : 154
    2010-04-27 13:45:14,055 [SAPEngine_Application_Thread[impl:3]_18] INFO  com.virsa.ae.dao.sqlj.RequestTypeDAO : findAll :   :  going to return no of records= 20

  • Deassignment of users from roles

    Hi,
    We have a couple of users in our system who are assigned to some standard SAP roles.
    These roles are themselves not composite roles , but form a part of some composite roles.
    Now when I try to deassign the "blue" users from these roles, it's not possible.
    How do I go about it?
    Please help.
    Thanks,
    Saba.

    Hi,
    Both ways its not possible.
    When I remove the user from the role, it comes back after user comparison:((
    & the role refuses to get deleted from the user.
    Also, both appear in blue.
    Plsss. help..
    Thanks,
    Saba.

  • APEX installation failed. ORA-01917: user or role 'FLOWS_FILES' does not...

    Hey All,
    The following environment:
    - RedHat Enterprise Linux AS Update 4
    - Oracle DB EE 10.2.0.1.0
    - OHS 10.1.2.0.0 (Standalone Companion CD)
    * No errors with any of the installs. All working order.
    Application Express 2.2 installation:
    When I ran apexins.sql and passed the following six arguments in the order shown:
    @apexins password adde addeData TEMP /i/ NONE
    I noticed the following set of errors in the error logs:
    grant connect, resource to flows_files
    ERROR at line 1:
    ORA-01917: user or role 'FLOWS_FILES' does not exist
    ... and it goes on and on about the user/role.
    After post installation tasks have been completed, visits to
    http://hostname.domain:port/pls/apex
    result in the following error being displayed:
    wwv_flow.app_not_found_footer_err
    wwv_flow.err      wwv_flow.app_not_found_err
    *Note: My URL shows
    http://hostname.domain:port/pls/apex/apex
    Any ideas or suggestions? I am afraid I have a necessary database account locked, the documentation is off, or I have misconfigured a necessary step.
    Thanks!
    Daniel Nguyen

    You should also double check that the tablespace named addeData actually exists in your database. If it does not, the FLOWS_FILES user will not be created, and that will result in a failed installation.

  • User comparison?

    Hi all!!!
    I am relatively new to SAP authorisation concept, ad i think i dont completely understand the idea of user comparison.
    Am i correct:
    - if i use SU01 to assign a role to a user there's no need to perform a user comparison
    - if i assign user to a role i have to run user comparison. Before comparison,if you look into user master record the role is already there, but it is uncompared, and user dont have authorisations yet, though he can log on and see role menu.
    What is the point of user comparison? what does it do apart from assigning profiles? if nothing, why is it so that user dont have roles authorisation immeadiately after assignin him to a role in pfcg?? What is the point? First i thought that it removes all profiles which are not connected to the assigned role..but i try to attach some profiles manually and did user comparison, wich didn't remove manually entered profiles...so..
    Can anybody describe it using simple language?
    Tanks!

    Hi Stanislaw,
    >
    Stanislaw Adamski wrote:
    > - if i use SU01 to assign a role to a user there's no need to perform a user comparison
    Yes, that is correct. When saved through SU01, SU10, a UMR reconcilation is done for the user(s).
    >
    Stanislaw Adamski wrote:
    > - if i assign user to a role i have to run user comparison. Before comparison,if you look into user master record the role is already there, but it is uncompared, and user dont have authorisations yet, though he can log on and see role menu.
    >
    Thats a very good observation. Even I didnt know that the role menu would be displayed. However, (technically) since its actually the profiles and not the assignment of roles that give authorization, a user or role compare is required. The assignment of profiles to users can be viewed in table UST04. SU01/SU10 updates the UMR to reflect the appropriate profile(s) of the role in UST04. PFCG does not do this, unless manually done. If not compared via PFCG, this compare is rectified on the next run of PFCG_TIME_DEPENDENCY.
    >
    Stanislaw Adamski wrote:
    > What is the point of user comparison? what does it do apart from assigning profiles? if nothing, why is it so that user dont have roles authorisation immeadiately after assignin him to a role in pfcg?? What is the point?
    User Comparison updates the profiles in the UMR, table UST04 ...and maybe many others! . I hope you are clear on assigning through PFCG now
    >
    Stanislaw Adamski wrote:
    First i thought that it removes all profiles which are not connected to the assigned role..but i try to attach some profiles manually and did user comparison, wich didn't remove manually entered profiles...so..
    Generated profiles should not be assigned via the profiles tab. It does not allow to do this, maybe on earlier versions, still does allow this. However, if you still do assign this, PFCG_TIME_DEPENDENCY will remove this assignment!
    A standard SAP profile, or a manually created profile(through SU02) will not get affected.
    Hope this clarifies
    Abhishek

  • Show or hide ADF custom tab based on user's role

    Hi everyone,
    I have created a custom tab on the self-service interface (OIM 11.1.1.5) which contains two sub-tabs.  I would like to show or hide one of the sub-tabs based on the role of the currently logged in user.   Does anyone know of way to achieve this?
    Thank you very much!
    Paul

    Figured it out.  Here's how to do it:
    Scenario:
    You are working in OIM 11.1.1.x.   You create a custom tab on the self-service page.  This tab should only be visible to users with a certain role, say XYZ.
    Step 1:  Create a Boolean variable in the managed bean that will be true if the user has the role, false otherwise.
    Step 2:  Create a class called CurrentUser or something along those lines that will grab the logged in user's roles and test to see if he/she has the required role.  It should set a variable within the class to true or false.  Or you can skip creating a class and put this code in your managed bean constructor so that it runs as soon as the user goes looking for the tab.  The whole point of this, regardless of how you do it, is to end up with a Boolean variable that is set to true or false depending on the role requirements.
    Step 3:  In your .jsff file (the one with the tab you want to show/hide in it), find the tab and look for an attribute named "rendered."  This will likely be located in your <af:showDetailItem> tag under your <af:panelTabbed> tag.  This controls whether or not the tab is displayed.  So set the rendered value to the value of the boolean you created earlier, like this:
    rendered=#{somebeanname.yourbooleanvariablename}"
    Hence, when your variable is false, this tab will not be shown.  If it's true, they will see the tab.  That's all there is to it. :-)

  • User Comparison made easy?

    Hello all --
    Sorry if this is an old and already answered question, I did some searching but nothing came up.
    Is it possible to do a "User Comparison" in bulk, or to schedule that as a background job? I find myself go through many roles and check the user comparison manually, but it seems like there should be a way to automate that. I am not that clear on what it actually does, although I believe it applies changes made somewhere.
    Thanks in advance...
    MMPP

    Thanks Raghu for your reply, and sorry for posting in the wrong forum.
    May I ask you for further details regarding your comment?
    Raghu wrote:
    This can play havoc with authorizations if you do not use it properly.
    How is this different from running the user master comparison from within the role? How would you avoid using it "improperly"?

  • PFCG, user comparison

    Hi,
    in PFCG trx there is a tab named user and a button "user comparison".
    I cannot understand what is the function of that button.
    After clicked it I can see that the warning icon on the abova tab becomes green.
    Thanks
    Best regards

    Hi,
    This tab does similier job as PFUD for reconcilation of profiles to users.
    Yello tab of User Comparison indicates , though role is assigned to user , it is not up to date and needs to reconsile.
    Green tab indicates , profiles assigned to user is up to date and have all required authorization granted.
    Read Help guidelines :
    Comparing user master records
    o   The user master record comparison that is run automatically by
         report PFCG_TIME_DEPENDENCY can also be executed manually for a
         single role. To do this, choose Compare users on the Users tab. The
         status display on this pushbutton indicates whether or not you need
         to execute the comparison again.
         -   If you make changes to the users assigned to the role or
             generate a corresponding authorization profile, then you need to
             compare the user master records again.
         -   This compares the authorization profiles with the user master
             records, that is, profiles that are no longer current are
             removed from the user master records, and the current profiles
             are entered.
    Regards,
    Edited by: Rupali B on Mar 6, 2012 2:36 PM

  • RBAC- user to role conversion

    Hi all,
    In solaris 10, i have an Application started by user called <test> and this application will start the many process.
    when all the process are up and running which were started by user <test>.
    - Now i am going convert this user <test> to role <test> ( using usermod -K type=role  test), will it have any impact on the system?
    -Are do i need to stop the all the process which are running by user <test> after that i have to convert the user to role?
    which one is good approach?
    can you please provide your views on these.
    thanks,
    Rajeshwar

    Hi Bernard,
    getRoles(boolean recursive)
    Gets the list of (all) assigned roles of this user including parent groups, grandparent groups,...
    should be what you are looking for?!
    See http://media.sdn.sap.com/html/submitted_docs/60_sp2_javadocs/ume/com/sap/security/api/IUser.html#getRoles(boolean) for details
    Hope it helps
    Detlev

  • ABAP Program: User comparison

    Hi all,
    I would like to know the name of ABAP report that can enable me to perform user comparison after I have created a new role and added to user.
    thanks

    Hi,
    You can use the program RHAUTUPD_NEW or goto the transaction PFCG->Utilities-> Mass Comparison.
    Hope it helps.
    Regards,
    Gaurav

  • Creation of user and roles in ldap using jldap api

    Please help me in creating user and roles in ldap through java api.
    I am able to manupulate the existing user and role in ldap. Please give
    me some steps or some sample code for creating user
    satyanandasahu
    satyanandasahu's Profile: http://forums.novell.com/member.php?userid=89095
    View this thread: http://forums.novell.com/showthread.php?t=414763

    Thanks Jim..
    this is doing the work. Here we have a custimised class with customised
    attributes I am looking how to do that.
    Can you give your mail id.
    thanks again
    Jim Willeke;1995096 Wrote:
    > Have you seen these samples:
    > 'Novell Documentation'
    > (http://developer.novell.com/document...mple/index.htm)
    >
    > See the AddEntry.java
    > -jim
    >
    > On 7/2/2010 9:36 AM, satyanandasahu wrote:
    > >
    > > Please help me in creating user and roles in ldap through java api.
    > > I am able to manupulate the existing user and role in ldap. Please
    > give
    > > me some steps or some sample code for creating user
    > >
    > >
    satyanandasahu
    satyanandasahu's Profile: http://forums.novell.com/member.php?userid=89095
    View this thread: http://forums.novell.com/showthread.php?t=414763

  • AppServer: problems trying to add users to roles in security dialog

    I'm trying to learn J2EE using AppServer. My current example has a client accessing
    an entity bean. I want two classes of user - Reader, and Updater. Most methods
    of Home and Remote are accessible to both classes, a few are restricted to users
    in Updater role. I'm currently having problems adding users to roles in deploytool.
    I have defined users using the Admin client.
    I have implemented and test run client and entity bean without security restrictions, it works.
    I have defined roles associated with the application.
    I have allocated roles to every method in Home and Remote interface of bean.
    I have extracted the generated XML file and checked the <assembly-descriptor> section and
    it appears that all roles and role descriptions are defined as required.
    deploytool lets me use the "Security Role Mapping" dialog, I can select either of my roles and
    try "Add user to role" - subsequent dialog shows my users and allows me to "Map user to role" -
    but selected user does NOT appear in the user names panel.
    What am I doing wrong or what am I omitting? Hints please!

    Thanks for suggestions. (I'm using Windows so file-protections pretty
    non-existent).
    I looked in the Sun file you mentioned and found the users were defined.
    When I restarted AppServer and deploytool, the users were shown in the appropriate
    panel.
    There is probably some minor bug in deploytool that causes the User Panel not
    to be updated as it should be after a user has been added to a role.

  • How to use the user and role API's and where to use it

    Hi All,
    I have configured SSO for my UCM11g. Now my application authenticates through the Oracle SSO login page. Currently it is working with SQL authenticator.
    Now, i have to use LDAP authenticator. when i will configure the LDAP authenticator, i have to use the user and role API's to fetch the user profile information from LDAP. i have got the API's which will be used to fetch the respected information, but i am not getting as where i will write those java programs and how this API will be used in my application. what settings i need to do on it so that application uses the API's. ?
    Please can anyone help me on this.
    thanks,
    Saurabh

    Hi, Mithu,
    Thanks a lot for your help in advance.
    I have carefully read the document: https://www.sdn.sap.com/irj/sdn/go/portal/prtroot/docs/library/uuid/6b66d7ea-0c01-0010-14af-b3ee523210b5.
    Now, I think I have to set the processor of every actions in every process if I use the GP for processing the workflow.
    I am better to hope that I can set the processor to the role for every actions in every process in the runtime through get the organizational structure in the WDA(webdynpro for java or webdynpro for java). Thus, the customer don't set the processor to the role for every action in every process when runing in the GP.   I don't know how to do this. 
    Whether the function is not supported in the GP? If so, I have to config two organizational structure: in the R/3 and in the Portal. I don't think our customer don't receipt this solution.
    Do you give me some hints? Thanks a lot.  My email: [email protected]
    Thanks again.
    Thanks & Regards,
    Tao

  • During import ora-01917 user or role does not exist "High Priority"

    Hi,
    When i import the data the following error occured.
    imp system/[email protected] fromuser=dmv_ace_ruh touser=dmv_ace_ruh file=F:\dmvaceruh.dmp log=F:\dmvaceruhimp.log ignore=y
    fromuser=dmv_ace_ruh (exported by another database i.e database name is ACE)
    OS = Sun solaris
    touser=dmv_ace_ruh (database name is SAI)
    OS = windows server 2003
    Database Common 10g
    Connected to: Oracle Database 10g Enterprise Edition Release 10.2.0.1.0 - 64bit Production
    With the Partitioning, OLAP and Data Mining options
    Export file created by EXPORT:V10.02.01 via direct path
    Warning: the objects were exported by DMV_ACE_RUH, not by you
    import done in AR8MSWIN1256 character set and AL16UTF16 NCHAR character set
    export client uses WE8MSWIN1252 character set (possible charset conversion)
    . importing DMV_ACE_RUH's objects into DMV_ACE_RUH
    . . importing table "DMV_COVER_RISK_SMI_DISC_LOAD" 0 rows imported
    IMP-00017: following statement failed with ORACLE error 1917:
    "GRANT ALTER ON "DMV_COVER_RISK_SMI_DISC_LOAD" TO "PREM_ACE_RUH""
    IMP-00003: ORACLE error 1917 encountered
    ORA-01917: user or role 'PREM_ACE_RUH' does not exist
    IMP-00017: following statement failed with ORACLE error 1917:
    "GRANT DELETE ON "DMV_COVER_RISK_SMI_DISC_LOAD" TO "PREM_ACE_RUH""
    IMP-00003: ORACLE error 1917 encountered
    ORA-01917: user or role 'PREM_ACE_RUH' does not exist
    IMP-00017: following statement failed with ORACLE error 1917:
    "GRANT INDEX ON "DMV_COVER_RISK_SMI_DISC_LOAD" TO "PREM_ACE_RUH""
    IMP-00003: ORACLE error 1917 encountered
    ORA-01917: user or role 'PREM_ACE_RUH' does not exist
    IMP-00017: following statement failed with ORACLE error 1917:
    "GRANT INSERT ON "DMV_COVER_RISK_SMI_DISC_LOAD" TO "PREM_ACE_RUH""
    IMP-00003: ORACLE error 1917 encountered
    ORA-01917: user or role 'PREM_ACE_RUH' does not exist
    IMP-00017: following statement failed with ORACLE error 1917:
    "GRANT SELECT ON "DMV_COVER_RISK_SMI_DISC_LOAD" TO "PREM_ACE_RUH""
    IMP-00003: ORACLE error 1917 encountered
    ORA-01917: user or role 'PREM_ACE_RUH' does not exist
    IMP-00017: following statement failed with ORACLE error 1917:
    "GRANT UPDATE ON "DMV_COVER_RISK_SMI_DISC_LOAD" TO "PREM_ACE_RUH""
    IMP-00003: ORACLE error 1917 encountered
    ORA-01917: user or role 'PREM_ACE_RUH' does not exist
    IMP-00017: following statement failed with ORACLE error 1917:
    "GRANT REFERENCES ON "DMV_COVER_RISK_SMI_DISC_LOAD" TO "PREM_ACE_RUH""
    IMP-00003: ORACLE error 1917 encountered
    ORA-01917: user or role 'PREM_ACE_RUH' does not exist
    IMP-00017: following statement failed with ORACLE error 1917:
    "GRANT ON COMMIT REFRESH ON "DMV_COVER_RISK_SMI_DISC_LOAD" TO "PREM_ACE_RUH""
    IMP-00003: ORACLE error 1917 encountered
    ORA-01917: user or role 'PREM_ACE_RUH' does not exist
    IMP-00017: following statement failed with ORACLE error 1917:
    "GRANT QUERY REWRITE ON "DMV_COVER_RISK_SMI_DISC_LOAD" TO "PREM_ACE_RUH""
    IMP-00003: ORACLE error 1917 encountered
    Regards
    S.Azar
    DBA
    Edited by: azarmohds on Oct 5, 2009 5:11 AM

    oradba wrote:
    What's not clear with this error message? The mentioned role ''PREM_ACE_RUH' does not exist in the target database. So granting privileges to this role cannot work.
    Werner''PREM_ACE_RUH' this is one of the user of ACE database. but i exported DMV_ACE_RUH user data only...
    but i cannot import the dmv_ace_ruh data to same user name of SAI database..
    regards
    S.azar

  • How to config the user and role in the runtime for executing in the GP?....

    Hi Experts,
    I am learning GP(Guided processor)according the document
    http://help.sap.com/saphelp_nw70/helpdata/en/44/0d5b8f250d5cfae10000000a155369/frameset.htmneed.
    I meet two question when I learn the GP.
    The first:
    This document don't tell me how to config the member framework of the company.  After I design the GP, I have to config the user and role in the runtime for executing. I hope I can use the WDA(webdynpro for java or webdynpro for java) to implement to config the user for executing in the runtime. Thus, the customer don't config the user when runing the GP. But I don't know how to do this.
    I need a document guide step by step to tell me how to do this.
    The second:
    If I use the workflow in the GP, I have to install and config the NWDI(Netweaver Development Infrastructure). Now I have installed the NWDI, but I don't know config it so that I can download it to my machine for develop the workfolw in the GP.
    Do you give me some hints? Thanks a lot.
    Thank a lot.
    Best regards,
    tao

    Hi, Mithu,
    Thanks a lot for your help in advance.
    I have carefully read the document: https://www.sdn.sap.com/irj/sdn/go/portal/prtroot/docs/library/uuid/6b66d7ea-0c01-0010-14af-b3ee523210b5.
    Now, I think I have to set the processor of every actions in every process if I use the GP for processing the workflow.
    I am better to hope that I can set the processor to the role for every actions in every process in the runtime through get the organizational structure in the WDA(webdynpro for java or webdynpro for java). Thus, the customer don't set the processor to the role for every action in every process when runing in the GP.   I don't know how to do this. 
    Whether the function is not supported in the GP? If so, I have to config two organizational structure: in the R/3 and in the Portal. I don't think our customer don't receipt this solution.
    Do you give me some hints? Thanks a lot.  My email: [email protected]
    Thanks again.
    Thanks & Regards,
    Tao

Maybe you are looking for

  • Help: related to selection screen

    hi all,                Fields on selection screen (input screen) : Company Code, Document Number, Fiscal Year , Date , Tax Code , LST Condition, CST Condition.        Field in the output List : Total Amount comes as Basic Amount and ( BED +  CESS ) a

  • Rather significant BUG in Lightroom 3.0-3.2

    Ok, I have found a really annoying bug in Lightroom. It was not there in 2.0, but is in 3.0 and 3.2.  (I use the MAC version) When in the library module,  if you select a number of images and switch to the survey view.   You cannot mark individual im

  • SBO 2005 SP1

    I have SBO 2005 A on my computer. I have just downloaded SBO 2005 SP1. What are the differences between SBO 2005 and SBO 2005 SP1?

  • Force refresh a report

    Hello, Is there a way where we can refresh the report when the user opens it. Without having the user to click on refresh ? We are having some JS code in the report and without refresh it doesn't seem to fetch the latest values. Thanks in Advance.

  • How to display group data only when the particular group is clicked

    Hi frnds, I want to design my report as follows: Data is grouped by country, and for each country it is showing details for that country. I need to find out a way to display all group names first.  E.g. Argentina Aruba Australia And on click of parti