User Management in XI implementation
Hi,
Could someone provide me the user management and authorization assignment in an XI implementation.
What are the authorizations that shall be given to an XI developer. In our case the XI developer is doing admuin work also like SLD config etc. But still as an administrator I do not want to give him all the authorizations. Is there any standard XI implementation methodology?
Regards,
Shobhit
Hi Shobit,
you have several roles:
SAP_XI_DISPLAY_USER
SAP_XI_DEVELOPER
SAP_XI_CONFIGURATOR
SAP_XI_CONTENT_ORGANIZER
SAP_XI_MONITOR
SAP_XI_ADMINISTRATOR
SAP_SLD_CONFIGURATOR
SAP_SLD_ADMINISTRATOR
Most of them are composed from other roles. Look to transaction PFCG to see the single roles and a description.
For Java stack authorisations have a look to Michals weblog
<a href="/people/michal.krawczyk2/blog/2005/05/25/xi-how-to-add-authorizations-to-repository-objects: How to... add authorizations to Repository objects</a>.
Regards,
Udo
Similar Messages
-
Central User Management Implementation
H
In one of our customer landscape, there are 10 prod instances and Virsa is checking the conflicts against each system.
Now the customer would like to adopt to Central User Management (where users and roles are maintained centrally from one instance).
We would like know if single/composite roles can be administered centrally and what changes are needed for Virsa to check conflicts from CUA central system?
Regards
MadhuYou're right, CUA would be perfect for you. I'm afraid you don't understand what CUA does. In your situation you'd have a CUA master client and 14 child clients. When you connect a child client to the master you run SCUG on the CUA (master) to synchronize the user and role INFORMATION (not the actual users and roles) So the users and roles do not exist on the parent CUA system.
And the roles do not have to be consolidated because they STILL exist only in the CHILD systems.
Now do you see why you cannot connect Virsa to the CUA system? There's NOTHING on the CUA system for Virsa to analyze -
Hi, i'd like to utilize the J2EE capabilities for user management in my web application. I had a look at the Tomcat security sample which provides automatic login whenever a user tries to access a protected resource. This looks promising but the only drawback here is how the list of users is kept: the list is hold in a xml file.
My question now: is there any way to utilize the J2EE capabilities but have a list of users maintained in a database? I've searched the BluePrints patterns, read 'Designing Enterprise Applications' and the J2EE tutorial but found nothing about user management.
Thanks in advance for your comments or pointers.
MarkusCheck out the Tomcat documentation. Tomcat uses Realms to handle the security mechanism. By default a Realm is selected that gets all user information from an XML file. There is, however, an implementation of a JDBCRealm that gets its info from a database. I can't give it you a link.. but if you check out www.apache.org you should be able to find it.
Good luck.
Rune Bj�rnstad -
User management and Access Control in HCM Cloud
Hello,
Information is scarce about User management and Access Control in Oracle Cloud generally. Today, I have two questions :
- How can I bridge HCM Cloud user store with my on-premise IDM or security repository in order to allow identty governance to flow to HCM Cloud service ?
The only information I got was that you can declare manually and by bulk import through files my users. This is not really interresting as I have an automatic IDM with workflows and identity control on provisioning and de-provisioning.
Is there a SPML or proprietary endpoint to do it automatically ? What are the prerequisites ? Do I have to implement OIM on my side ?
- Once my users are created, how can I do webSSO from my internal security repositories to the HCM Cloud service ?
I do not want to distribute new set of login / passwords to my users. Is it possible to do Identity Federation (SAML 2.0 or WS-Fed) with HCM Cloud service ? What are the prerequisites ? Do I have to implement OAM on my side ?
I accept all pieces of information you can give me on this topic to help me understand the funcitonalites, limits and options offered by Oracle Cloud and more precisely by HCM Cloud service.
Best regards,OIDDAS has limited capability of access control and information hiding. Presently, the permissions and privileges can be set at a realm level, and fine grained access control / information hiding cannot be done.
At present, the only way to restrict view and access control is by appplying ACLs (which is not the safest bet). -
User management in SAP web AS Java
My company currently has a user management concept in place for BASIS. These concepts follow the segregation of duties principle. So for example a system administrator can grant rights to end-users but he can't change content himself. This concept was put in place to comply with SOX.
Now my company would like the same principles to be implemented in SAP web AS Java. I have searched the forums, blogs and notes, but i can't seem to find some best practices regarding the matter.
As I have difficulties finding these I am wondering if it is perhaps not needed from a SOX point of view, as the web AS Java doesn't directly access content, does this make sense?
Regardless of the SOX point of view I still believe the problem exists because anyone can mess up your portal environment if the user management is not handled correctly. So does sap have some best practices regarding user management in the web AS Java?
Any feedback on these 2 questions would be great!Hi,
when I hear these types of requirements I always think of IdM. Any IdM (not only from SAP) allows you to easily satisfy all SOX requirements. I understand that implementing IdM solution is not an easy task but you might get additional benefits from it like reduction of service desk calls and so on, not only compliance.
Cheers -
I am implementing an IDM solution from another vendor. The consultant is telling me that all user group management must now be accomplished with the IDM solution. And if group membership is changed with another method (ADUC or PowerShell), it will be overwritten
by IDM upon the next change within IDM. the app wants to lead now that it is in place.
I find real issue with this. I am loath to give up powershell and ADUC. Is this true? Do all IDM solutions require you to use them for all ongoing user management? Note: I am talking about group management mostly, not every possible aspect of user management.
Is this how FIM works?
Thanks,
PaulThe basic concept in FIM is the same. If a group is managed by FIM it should only be managed by FIM.
But please note that this can be implemented on a per group basis. Meaning that one group can be managed by FIM and another can still be managed by other ways. It is typical that some groups are managed by HR system (organisational groups), others are managed
manually in AD and yet other groups are managed by FIM to take advantage of the dynamic groups and self-service aspects in FIM.
The problem is called precedence in FIM, for each attribute on each object there is only one "winner". If FIM has higher precedence than AD for the member attribute for a specific group then FIM will overwrite any changes made in AD on the member attribute. -
BPC Mass User Management Tool error in BPC 10
Hello,
I've downloaded tranport files from How to use BPC Mass User Management Tool in Netweaver. But Transport import fails with RC12 without any shortdump. ABAP program ZUJE_MASS_USER_MGMT is not created.
Version used - BPC 10 CPMBPC 801 on Netweaver 7.4 .
Thanks in advance for your inputs.Tried changing transport options but no luck. Transport failed with status RC12 without creating ABAP program. However, Old version transport files imported with error. But I could not find METHOD check_bpc_component_is_valid.
Can anyone please send the updated program.
*& Report ZUJE_MASS_USER_MGMT
*& Created By: Rich Heilman SAP Labs, LLC
*& Created On: 08/2/2010
REPORT zuje_mass_user_mgmt.
TYPE-POOLS: abap, vrm.
* CLASS lcl_application DEFINITION
CLASS lcl_application DEFINITION FINAL.
PUBLIC SECTION.
CONSTANTS: lc_comma TYPE char01 VALUE ',',
lc_pipe TYPE char01 VALUE '|',
lc_tab TYPE char10 VALUE 'TAB'.
TYPES: BEGIN OF t_appldim,
appl_id TYPE uj_appl_id,
dimension TYPE uj_dim_name,
END OF t_appldim.
TYPES: BEGIN OF t_appldimmembers,
appl_id TYPE uj_appl_id,
dimension TYPE uj_dim_name,
member TYPE uj_dim_member,
END OF t_appldimmembers.
CLASS-METHODS: file_f4 RETURNING value(r_file) TYPE string,
directory_f4 RETURNING value(r_path) TYPE string,
get_initial_directory RETURNING value(r_path) TYPE string,
set_delimiter_listbox,
set_delimiter,
export_users_to_file,
import_users_from_file,
export_teams_to_file,
import_teams_from_file,
export_team_assign_to_file,
import_team_assign_from_file,
export_task_profiles_to_file,
import_task_profiles_from_file,
export_mem_profiles_to_file,
import_mem_profiles_from_file,
export_tap_assign_to_file,
import_tap_assign_from_file,
export_map_assign_to_file,
import_map_assign_from_file,
get_appset_data IMPORTING i_appset_id TYPE uj_appset_id
EXCEPTIONS appset_not_found .
PRIVATE SECTION.
CLASS-DATA: lv_appset_id TYPE uja_s_appset_info-appset_id.
CLASS-DATA: lv_delimiter TYPE string.
CLASS-DATA: ls_appset_info TYPE uja_s_appset_info.
CLASS-DATA: lt_appl_info TYPE uja_t_appl_info.
CLASS-DATA: lt_appl_dim TYPE TABLE OF t_appldim.
CLASS-DATA: lt_members TYPE TABLE OF t_appldimmembers.
CLASS-DATA: lt_teams_list TYPE uje_t_team.
CLASS-DATA: lt_users_list TYPE uje_t_user.
CLASS-DATA: lt_tprofs TYPE uje_t_api_profile_id.
CLASS-DATA: lt_mprofs TYPE uje_t_api_profile_id.
CLASS-DATA: lt_tasks TYPE uje_t_role_tskasg.
CLASS-DATA: lt_roles TYPE uje_t_role.
CLASS-DATA: lo_context TYPE REF TO if_uj_context.
CLASS-DATA: lt_alv_messages TYPE uj0_t_message.
CLASS-METHODS: set_global_context,
render_alv,
upload IMPORTING i_filepath TYPE any
RETURNING value(rt_strtab) TYPE stringtab,
download IMPORTING i_filepath TYPE any
it_datatab TYPE STANDARD TABLE,
user_is_valid IMPORTING i_user_id TYPE any
RETURNING value(r_boolean) TYPE abap_bool,
team_is_valid IMPORTING i_team_id TYPE any
RETURNING value(r_boolean) TYPE abap_bool,
tprofile_is_valid IMPORTING i_profile_id TYPE any
RETURNING value(r_boolean) TYPE abap_bool,
mprofile_is_valid IMPORTING i_profile_id TYPE any
RETURNING value(r_boolean) TYPE abap_bool,
role_is_valid IMPORTING i_role_id TYPE any
RETURNING value(r_boolean) TYPE abap_bool,
task_is_valid IMPORTING i_task_id TYPE any
RETURNING value(r_boolean) TYPE abap_bool.
ENDCLASS. "lcl_application DEFINITION
SELECTION-SCREEN BEGIN OF BLOCK b1 WITH FRAME TITLE text-001.
PARAMETERS: p_export RADIOBUTTON GROUP grp1 DEFAULT 'X' USER-COMMAND chk.
PARAMETERS: p_import RADIOBUTTON GROUP grp1.
SELECTION-SCREEN END OF BLOCK b1.
SELECTION-SCREEN BEGIN OF BLOCK b2 WITH FRAME TITLE text-002.
PARAMETERS: p_appset TYPE uja_appset_info-appset_id.
PARAMETERS: p_file TYPE string LOWER CASE.
PARAMETERS: p_delmt TYPE char10 AS LISTBOX VISIBLE LENGTH 20
DEFAULT lcl_application=>lc_comma. "delimiter
SELECTION-SCREEN END OF BLOCK b2.
SELECTION-SCREEN BEGIN OF BLOCK b3 WITH FRAME TITLE text-003.
PARAMETERS: p_eusers RADIOBUTTON GROUP grp2 MODIF ID exp.
PARAMETERS: p_eteams RADIOBUTTON GROUP grp2 MODIF ID exp.
PARAMETERS: p_eteama RADIOBUTTON GROUP grp2 MODIF ID exp.
PARAMETERS: p_etprof RADIOBUTTON GROUP grp2 MODIF ID exp.
PARAMETERS: p_emprof RADIOBUTTON GROUP grp2 MODIF ID exp.
PARAMETERS: p_etprfa RADIOBUTTON GROUP grp2 MODIF ID exp.
PARAMETERS: p_emprfa RADIOBUTTON GROUP grp2 MODIF ID exp.
SELECTION-SCREEN END OF BLOCK b3.
SELECTION-SCREEN BEGIN OF BLOCK b4 WITH FRAME TITLE text-004.
PARAMETERS: p_iusers RADIOBUTTON GROUP grp3 MODIF ID imp.
PARAMETERS: p_iteams RADIOBUTTON GROUP grp3 MODIF ID imp.
PARAMETERS: p_iteama RADIOBUTTON GROUP grp3 MODIF ID imp.
PARAMETERS: p_itprof RADIOBUTTON GROUP grp3 MODIF ID imp.
PARAMETERS: p_improf RADIOBUTTON GROUP grp3 MODIF ID imp.
PARAMETERS: p_itprfa RADIOBUTTON GROUP grp3 MODIF ID imp.
PARAMETERS: p_imprfa RADIOBUTTON GROUP grp3 MODIF ID imp.
SELECTION-SCREEN END OF BLOCK b4.
INITIALIZATION.
p_file = lcl_application=>get_initial_directory( ).
lcl_application=>set_delimiter_listbox( ).
AT SELECTION-SCREEN OUTPUT.
LOOP AT SCREEN.
IF p_export = abap_true AND screen-group1 = 'IMP'.
screen-active = '0'.
ENDIF.
IF p_import = abap_true AND screen-group1 = 'EXP'.
screen-active = '0'.
ENDIF.
MODIFY SCREEN.
ENDLOOP.
AT SELECTION-SCREEN.
CASE abap_true.
WHEN p_export.
CLEAR: p_iusers, p_iteams, p_iteama, p_itprof,
p_improf, p_itprfa, p_imprfa.
WHEN p_import.
CLEAR: p_eusers, p_eteams, p_eteama, p_etprof,
p_emprof, p_etprfa, p_emprfa.
ENDCASE.
IF sy-ucomm <> 'CHK'.
IF p_appset IS INITIAL.
MESSAGE e001(00) WITH 'Please enter an AppSet Id'.
ENDIF.
IF p_file IS INITIAL.
MESSAGE e001(00) WITH 'Please enter a valid directory or file'.
ENDIF.
IF p_delmt IS INITIAL.
MESSAGE e001(00) WITH 'Please specify a delimiter'.
ENDIF.
ENDIF.
AT SELECTION-SCREEN ON VALUE-REQUEST FOR p_file.
CASE abap_true.
WHEN p_export. p_file = lcl_application=>directory_f4( ).
WHEN p_import. p_file = lcl_application=>file_f4( ).
ENDCASE.
START-OF-SELECTION.
lcl_application=>set_delimiter( ).
lcl_application=>get_appset_data(
EXPORTING
i_appset_id = p_appset
EXCEPTIONS
appset_not_found = 1 ).
IF sy-subrc <> 0.
RETURN.
ENDIF.
CASE abap_true.
WHEN p_eusers. lcl_application=>export_users_to_file( ).
WHEN p_iusers. lcl_application=>import_users_from_file( ).
WHEN p_eteams. lcl_application=>export_teams_to_file( ).
WHEN p_iteams. lcl_application=>import_teams_from_file( ).
WHEN p_eteama. lcl_application=>export_team_assign_to_file( ).
WHEN p_iteama. lcl_application=>import_team_assign_from_file( ).
WHEN p_etprof. lcl_application=>export_task_profiles_to_file( ).
WHEN p_itprof. lcl_application=>import_task_profiles_from_file( ).
WHEN p_emprof. lcl_application=>export_mem_profiles_to_file( ).
WHEN p_improf. lcl_application=>import_mem_profiles_from_file( ).
WHEN p_etprfa. lcl_application=>export_tap_assign_to_file( ).
WHEN p_itprfa. lcl_application=>import_tap_assign_from_file( ).
WHEN p_emprfa. lcl_application=>export_map_assign_to_file( ).
WHEN p_imprfa. lcl_application=>import_map_assign_from_file( ).
ENDCASE.
* CLASS lcl_application IMPLEMENTATION
CLASS lcl_application IMPLEMENTATION.
METHOD file_f4.
DATA: lt_file_table TYPE filetable.
DATA: ls_file_table LIKE LINE OF lt_file_table.
DATA: lv_rc TYPE sy-subrc.
cl_gui_frontend_services=>file_open_dialog(
CHANGING
file_table = lt_file_table
rc = lv_rc ).
CLEAR ls_file_table .
READ TABLE lt_file_table INTO ls_file_table INDEX 1.
IF sy-subrc = 0.
r_file = ls_file_table-filename.
ENDIF.
ENDMETHOD. "file_f4
METHOD directory_f4.
cl_gui_frontend_services=>directory_browse(
CHANGING
selected_folder = r_path
EXCEPTIONS
OTHERS = 4 ).
ENDMETHOD. "directory_f4
METHOD upload.
cl_gui_frontend_services=>gui_upload(
EXPORTING
filename = i_filepath
CHANGING
data_tab = rt_strtab
EXCEPTIONS
OTHERS = 19 ).
IF sy-subrc <> 0.
MESSAGE e001(00) WITH 'File not found, check file path and name'.
ENDIF.
DELETE rt_strtab WHERE table_line IS INITIAL.
ENDMETHOD. "upload
METHOD download.
DATA: lt_datatab TYPE stringtab.
DATA: ls_datatab LIKE LINE OF lt_datatab.
FIELD-SYMBOLS: <ls_data> TYPE ANY.
FIELD-SYMBOLS: <lv_field> TYPE ANY.
* Convert table to delimited string table
LOOP AT it_datatab ASSIGNING <ls_data>.
CLEAR ls_datatab.
DO.
ASSIGN COMPONENT sy-index
OF STRUCTURE <ls_data> TO <lv_field>.
IF sy-subrc <> 0.
EXIT.
ENDIF.
IF ls_datatab IS INITIAL.
ls_datatab = <lv_field>.
ELSE.
CONCATENATE ls_datatab <lv_field>
INTO ls_datatab SEPARATED BY lcl_application=>lv_delimiter.
ENDIF.
ENDDO.
APPEND ls_datatab TO lt_datatab.
ENDLOOP.
cl_gui_frontend_services=>gui_download(
EXPORTING
filename = i_filepath
CHANGING
data_tab = lt_datatab
EXCEPTIONS
OTHERS = 24 ).
IF sy-subrc <> 0.
MESSAGE e001(00)
WITH 'File not downloaded, check file path and name'.
ENDIF.
ENDMETHOD. "download
METHOD get_initial_directory.
cl_gui_frontend_services=>get_desktop_directory(
CHANGING
desktop_directory = r_path ).
cl_gui_cfw=>flush( ).
CONCATENATE r_path '\*.csv' INTO r_path.
ENDMETHOD. "get_initial_directory
METHOD export_users_to_file.
TYPES: BEGIN OF t_output,
user_id TYPE uje_user-user_id,
fullname TYPE uje_user-fullname,
email TYPE uje_user-email,
END OF t_output.
DATA: lt_user_id TYPE uje_t_api_user_id.
DATA: lt_users TYPE uje_t_user.
DATA: ls_users LIKE LINE OF lt_users.
DATA: lt_output TYPE TABLE OF t_output.
DATA: ls_output LIKE LINE OF lt_output.
lcl_application=>set_global_context( ).
CALL FUNCTION 'UJE_API_GET_LIST_USERS'
EXPORTING
i_appset_id = lcl_application=>lv_appset_id
is_user = lcl_application=>lo_context->ds_user
it_user_id = lt_user_id
IMPORTING
et_user = lt_users.
REFRESH lt_output.
LOOP AT lt_users INTO ls_users.
MOVE-CORRESPONDING ls_users TO ls_output.
APPEND ls_output TO lt_output.
ENDLOOP.
* Download table
lcl_application=>download( EXPORTING i_filepath = p_file
it_datatab = lt_output ).
ENDMETHOD. "export_users_to_file
METHOD import_users_from_file.
DATA: lv_action TYPE uj_action.
DATA: lv_success TYPE uj_bool.
DATA: ls_user_info TYPE uje_s_userinfo.
DATA: lt_messages TYPE uj0_t_message.
DATA: ls_alv_messages LIKE LINE OF lt_alv_messages.
DATA: lt_team_asin TYPE uje_t_user_team.
DATA: lt_tprofiles TYPE uje_t_profile_id_act.
DATA: lt_mprofiles TYPE uje_t_profile_id_act.
DATA: lt_strtab TYPE stringtab.
DATA: ls_strtab LIKE LINE OF lt_strtab.
lt_strtab = lcl_application=>upload( p_file ).
LOOP AT lt_strtab INTO ls_strtab.
SPLIT ls_strtab AT lcl_application=>lv_delimiter INTO ls_user_info-user_id
ls_user_info-fullname
ls_user_info-email.
* Check if user already exists, and set action accordingly.
IF lcl_application=>user_is_valid( ls_user_info-user_id ) = abap_false.
lv_action = 'I'.
ELSE.
lv_action = 'M'.
ENDIF.
CALL FUNCTION 'UJE_API_MANAGE_USER2'
EXPORTING
i_appset_id = lcl_application=>lv_appset_id
is_user = lcl_application=>lo_context->ds_user
is_user_info = ls_user_info
i_action = lv_action
it_team_asin = lt_team_asin
it_tprofile_id = lt_tprofiles
it_mprofile_id = lt_mprofiles
IMPORTING
e_success = lv_success
et_message_lines = lt_messages.
IF lv_success = 'Y'.
CLEAR ls_alv_messages.
ls_alv_messages-msgid = '00'.
ls_alv_messages-msgty = 'S'.
ls_alv_messages-msgno = '001'.
CONCATENATE 'User ID' ls_user_info-user_id
'has been created/updated successfully'
INTO ls_alv_messages-message SEPARATED BY space.
APPEND ls_alv_messages TO lt_alv_messages.
ELSE.
APPEND LINES OF lt_messages TO lt_alv_messages.
CLEAR ls_alv_messages.
ls_alv_messages-msgid = '00'.
ls_alv_messages-msgty = 'E'.
ls_alv_messages-msgno = '001'.
CONCATENATE 'User ID' ls_user_info-user_id
'not created/updated due to error'
INTO ls_alv_messages-message SEPARATED BY space.
APPEND ls_alv_messages TO lt_alv_messages.
ENDIF.
ENDLOOP.
lcl_application=>render_alv( ).
ENDMETHOD. "create_users_from_file
METHOD export_teams_to_file.
TYPES: BEGIN OF t_output,
team_id TYPE uje_s_team-team_id,
description TYPE uje_s_team-description,
END OF t_output.
DATA: lt_teams TYPE uje_t_team.
DATA: ls_teams LIKE LINE OF lt_teams.
DATA: lt_output TYPE TABLE OF t_output.
DATA: ls_output LIKE LINE OF lt_output.
CALL FUNCTION 'UJE_API_GET_TEAMS'
EXPORTING
i_appset_id = lcl_application=>lv_appset_id
is_user = lcl_application=>lo_context->ds_user
IMPORTING
et_team = lt_teams.
REFRESH lt_output.
LOOP AT lt_teams INTO ls_teams.
MOVE-CORRESPONDING ls_teams TO ls_output.
APPEND ls_output TO lt_output.
ENDLOOP.
* Download table
lcl_application=>download( EXPORTING i_filepath = p_file
it_datatab = lt_output ).
ENDMETHOD. "export_teams_to_file
METHOD import_teams_from_file.
DATA: lv_action TYPE uj_action.
DATA: lv_success TYPE uj_bool.
DATA: ls_team TYPE uje_s_team.
DATA: lt_messages TYPE uj0_t_message.
DATA: ls_alv_messages LIKE LINE OF lt_alv_messages.
DATA: lt_users TYPE uje_t_user_team.
DATA: lt_tprofiles TYPE uje_t_profile_id_act.
DATA: lt_mprofiles TYPE uje_t_profile_id_act.
DATA: lt_strtab TYPE stringtab.
DATA: ls_strtab LIKE LINE OF lt_strtab.
lt_strtab = lcl_application=>upload( p_file ).
LOOP AT lt_strtab INTO ls_strtab.
SPLIT ls_strtab AT lcl_application=>lv_delimiter INTO ls_team-team_id
ls_team-description.
* Check if team is already a valid team, set action appropriatly
IF lcl_application=>team_is_valid( ls_team-team_id ) = abap_false.
lv_action = 'I'.
ELSE.
lv_action = 'M'.
ENDIF.
CALL FUNCTION 'UJE_API_MANAGE_TEAM2'
EXPORTING
i_appset_id = lcl_application=>lv_appset_id
is_user = lcl_application=>lo_context->ds_user
is_team = ls_team
i_action = lv_action
it_users = lt_users
it_tprofile_id = lt_tprofiles
it_mprofile_id = lt_mprofiles
IMPORTING
e_success = lv_success
et_message_lines = lt_messages.
IF lv_success = 'Y'.
CLEAR ls_alv_messages.
ls_alv_messages-msgid = '00'.
ls_alv_messages-msgty = 'S'.
ls_alv_messages-msgno = '001'.
CONCATENATE 'Team' ls_team-team_id
'has been created/updated successfully'
INTO ls_alv_messages-message SEPARATED BY space.
APPEND ls_alv_messages TO lt_alv_messages.
ELSE.
APPEND LINES OF lt_messages TO lt_alv_messages.
CLEAR ls_alv_messages.
ls_alv_messages-msgid = '00'.
ls_alv_messages-msgty = 'E'.
ls_alv_messages-msgno = '001'.
CONCATENATE 'Team' ls_team-team_id
'not created/updated due to error'
INTO ls_alv_messages-message SEPARATED BY space.
APPEND ls_alv_messages TO lt_alv_messages.
ENDIF.
ENDLOOP.
lcl_application=>render_alv( ).
ENDMETHOD. "create_teams_from_file
METHOD export_team_assign_to_file.
TYPES: BEGIN OF t_user_assign,
user_id TYPE uje_s_user_team-user_id,
team_id TYPE uje_s_user_team-team_id,
teamleader TYPE uje_s_user_team-teamleader,
END OF t_user_assign.
DATA: lt_user_det TYPE uje_t_user_detail.
DATA: ls_user_det LIKE LINE OF lt_user_det.
DATA: ls_user_team TYPE uje_s_user_team.
DATA: lt_team_assign TYPE TABLE OF t_user_assign.
DATA: ls_team_assign LIKE LINE OF lt_team_assign.
CALL FUNCTION 'UJE_API_GET_USERDATA'
EXPORTING
i_appset_id = lcl_application=>lv_appset_id
is_user = lcl_application=>lo_context->ds_user
IMPORTING
et_user = lt_user_det.
LOOP AT lt_user_det INTO ls_user_det.
LOOP AT ls_user_det-t_team_id INTO ls_user_team.
MOVE-CORRESPONDING ls_user_team TO ls_team_assign.
APPEND ls_team_assign TO lt_team_assign.
ENDLOOP.
ENDLOOP.
* Download table
lcl_application=>download( EXPORTING i_filepath = p_file
it_datatab = lt_team_assign ).
ENDMETHOD. "export_team_assign_to_file
METHOD import_team_assign_from_file.
TYPES: BEGIN OF t_user_assign,
user_id TYPE uje_s_user_team-user_id,
team_id TYPE uje_s_user_team-team_id,
teamleader TYPE uje_s_user_team-teamleader,
END OF t_user_assign.
DATA: lv_success TYPE uj_bool.
DATA: lt_user_team_temp TYPE uje_t_user_team.
DATA: ls_user_team_temp TYPE uje_s_user_team.
DATA: lt_user_team TYPE uje_t_user_team.
DATA: ls_user_team TYPE uje_s_user_team.
DATA: ls_team_assign TYPE uje_s_user_team.
DATA: lt_messages TYPE uj0_t_message.
DATA: ls_alv_messages LIKE LINE OF lt_alv_messages.
DATA: lt_tprofiles TYPE uje_t_profile_id_act.
DATA: ls_tprofiles LIKE LINE OF lt_tprofiles.
DATA: lt_mprofiles TYPE uje_t_profile_id_act.
DATA: ls_mprofiles LIKE LINE OF lt_mprofiles.
DATA: lt_tprofile_ids TYPE uje_t_api_profile_id.
DATA: ls_tprofile_ids LIKE LINE OF lt_tprofile_ids.
DATA: lt_mprofile_ids TYPE uje_t_api_profile_id.
DATA: ls_mprofile_ids LIKE LINE OF lt_mprofile_ids.
DATA: lt_strtab TYPE stringtab.
DATA: ls_strtab LIKE LINE OF lt_strtab.
DATA: ls_teams_list LIKE LINE OF lt_teams_list.
lt_strtab = lcl_application=>upload( p_file ).
LOOP AT lt_strtab INTO ls_strtab.
SPLIT ls_strtab AT lcl_application=>lv_delimiter INTO ls_team_assign-user_id
ls_team_assign-team_id
ls_team_assign-teamleader.
CLEAR ls_user_team.
ls_user_team-user_id = ls_team_assign-user_id.
ls_user_team-team_id = ls_team_assign-team_id.
ls_user_team-teamleader = ls_team_assign-teamleader.
TRANSLATE ls_user_team-teamleader USING 'YXyX1XxXN n 0 '. "Translate to X or space
APPEND ls_user_team TO lt_user_team.
IF lcl_application=>team_is_valid( ls_team_assign-team_id ) = abap_false.
CLEAR ls_alv_messages.
ls_alv_messages-msgid = '00'.
ls_alv_messages-msgty = 'E'.
ls_alv_messages-msgno = '001'.
CONCATENATE 'Team' ls_team_assign-team_id 'does not yet exist.'
'No user assigments done.'
INTO ls_alv_messages-message SEPARATED BY space.
APPEND ls_alv_messages TO lt_alv_messages.
lcl_application=>render_alv( ).
RETURN.
ENDIF.
IF lcl_application=>user_is_valid( ls_team_assign-user_id ) = abap_false.
CLEAR ls_alv_messages.
ls_alv_messages-msgid = '00'.
ls_alv_messages-msgty = 'E'.
ls_alv_messages-msgno = '001'.
CONCATENATE 'User' ls_team_assign-user_id 'does not yet exist.'
'No user assigments done.'
INTO ls_alv_messages-message SEPARATED BY space.
APPEND ls_alv_messages TO lt_alv_messages.
lcl_application=>render_alv( ).
RETURN.
ENDIF.
ENDLOOP.
LOOP AT lcl_application=>lt_teams_list INTO ls_teams_list.
REFRESH lt_user_team_temp.
REFRESH lt_tprofile_ids.
REFRESH lt_mprofile_ids.
* Check that there is data for team assignment, otherwise skip
READ TABLE lt_user_team TRANSPORTING NO FIELDS
WITH KEY team_id = ls_teams_list-team_id.
IF sy-subrc <> 0.
CONTINUE.
ENDIF.
* Get existing team data for this team.
CALL FUNCTION 'UJE_API_GET_TEAMDATA'
EXPORTING
i_appset_id = lcl_application=>lv_appset_id
is_user = lcl_application=>lo_context->ds_user
i_team_id = ls_teams_list-team_id
IMPORTING
et_user_team = lt_user_team_temp
et_tprofile_id = lt_tprofile_ids
et_mprofile_id = lt_mprofile_ids.
* Update with new users.
LOOP AT lt_user_team INTO ls_user_team
WHERE team_id = ls_teams_list-team_id.
MOVE-CORRESPONDING ls_user_team TO ls_user_team_temp.
APPEND ls_user_team_temp TO lt_user_team_temp.
ENDLOOP.
* Keep existing profiles.
REFRESH lt_tprofiles.
LOOP AT lt_tprofile_ids INTO ls_tprofile_ids.
ls_tprofiles-profile_id = ls_tprofile_ids-profile_id.
APPEND ls_tprofiles TO lt_tprofiles.
ENDLOOP.
REFRESH lt_mprofiles.
LOOP AT lt_mprofile_ids INTO ls_mprofile_ids.
ls_mprofiles-profile_id = ls_mprofile_ids-profile_id.
APPEND ls_mprofiles TO lt_mprofiles.
ENDLOOP.
* now update the user/team assignments
CALL FUNCTION 'UJE_API_MANAGE_TEAM2'
EXPORTING
i_appset_id = lcl_application=>lv_appset_id
is_user = lcl_application=>lo_context->ds_user
is_team = ls_teams_list
i_action = 'M'
it_users = lt_user_team_temp
it_tprofile_id = lt_tprofiles
it_mprofile_id = lt_mprofiles
IMPORTING
e_success = lv_success
et_message_lines = lt_messages.
IF lv_success = 'Y'.
CLEAR ls_alv_messages.
ls_alv_messages-msgid = '00'.
ls_alv_messages-msgty = 'S'.
ls_alv_messages-msgno = '001'.
CONCATENATE 'Team' ls_teams_list-team_id 'user assignments'
'have been updated successfully'
INTO ls_alv_messages-message SEPARATED BY space.
APPEND ls_alv_messages TO lt_alv_messages.
ELSE.
APPEND LINES OF lt_messages TO lt_alv_messages.
CLEAR ls_alv_messages.
ls_alv_messages-msgid = '00'.
ls_alv_messages-msgty = 'E'.
ls_alv_messages-msgno = '001'.
CONCATENATE 'Team' ls_teams_list-team_id 'user assignments'
'not updated due to error'
INTO ls_alv_messages-message SEPARATED BY space.
APPEND ls_alv_messages TO lt_alv_messages.
ENDIF.
ENDLOOP.
lcl_application=>render_alv( ).
ENDMETHOD. "import_team_assign_from_file
METHOD export_task_profiles_to_file.
TYPES: BEGIN OF t_output,
identifier TYPE char01, " Row Identifer
profile TYPE uj_profile_id,
values TYPE string,
END OF t_output.
DATA: ls_tprofs LIKE LINE OF lt_tprofs.
DATA: lv_profile TYPE uj_profile_id.
DATA: ls_profile TYPE uje_s_profile.
DATA: lt_role_id TYPE uje_t_api_role_id.
DATA: ls_role_id LIKE LINE OF lt_role_id.
DATA: lt_task_info TYPE uje_t_task_info.
DATA: ls_task_info LIKE LINE OF lt_task_info.
DATA: lt_users_asin TYPE uje_t_api_user_id.
DATA: ls_users_asin LIKE LINE OF lt_users_asin.
DATA: lt_teams_asin TYPE uje_t_api_team_id.
DATA: ls_teams_asin LIKE LINE OF lt_teams_asin.
DATA: lt_output TYPE TABLE OF t_output.
DATA: ls_output LIKE LINE OF lt_output.
LOOP AT lcl_application=>lt_tprofs INTO ls_tprofs.
lv_profile = ls_tprofs-profile_id.
* Get relevant data for task profile
CLEAR ls_profile.
REFRESH: lt_role_id, lt_task_info, lt_users_asin, lt_teams_asin.
CALL FUNCTION 'UJE_API_GET_TPROFILEDATA2'
EXPORTING
i_appset_id = lcl_application=>lv_appset_id
is_user = lcl_application=>lo_context->ds_user
i_profile_id = lv_profile
IMPORTING
es_profile = ls_profile
et_role_id = lt_role_id
et_task_info = lt_task_info
et_user_id = lt_users_asin
et_team_id = lt_teams_asin.
* Write Header row
CLEAR ls_output.
ls_output-identifier = 'H'.
ls_output-profile = lv_profile.
ls_output-values = ls_profile-description.
APPEND ls_output TO lt_output.
* Write task assigments
CLEAR ls_output.
ls_output-identifier = 'K'.
ls_output-profile = lv_profile.
LOOP AT lt_task_info INTO ls_task_info.
ls_output-values = ls_task_info-task_id.
APPEND ls_output TO lt_output.
ENDLOOP.
* Write role assigments
CLEAR ls_output.
ls_output-identifier = 'R'.
ls_output-profile = lv_profile.
LOOP AT lt_role_id INTO ls_role_id.
ls_output-values = ls_role_id-role_id.
APPEND ls_output TO lt_output.
ENDLOOP.
* Write user assignments
CLEAR ls_output.
ls_output-identifier = 'U'.
ls_output-profile = lv_profile.
LOOP AT lt_users_asin INTO ls_users_asin.
ls_output-values = ls_users_asin-user_id.
APPEND ls_output TO lt_output.
ENDLOOP.
* Write team assignments
CLEAR ls_output.
ls_output-identifier = 'T'.
ls_output-profile = lv_profile.
LOOP AT lt_teams_asin INTO ls_teams_asin.
ls_output-values = ls_teams_asin-team_id.
APPEND ls_output TO lt_output.
ENDLOOP.
ENDLOOP.
* Download table
lcl_application=>download( EXPORTING i_filepath = p_file
it_datatab = lt_output ).
ENDMETHOD. "export_task_profiles_to_file
METHOD import_task_profiles_from_file.
TYPES: BEGIN OF t_input,
identifier TYPE char01, " Row Identifer
profile TYPE uj_profile_id,
values TYPE string,
END OF t_input.
TYPES: BEGIN OF t_task_profile,
profile TYPE uje_s_profile,
roles TYPE uje_t_api_role_id,
task_info TYPE uje_t_task_info,
users_asin TYPE uje_t_api_user_id,
teams_asin TYPE uje_t_api_team_id,
END OF t_task_profile.
DATA: lt_task_profile TYPE TABLE OF t_task_profile.
DATA: ls_task_profile LIKE LINE OF lt_task_profile.
DATA: ls_alv_messages LIKE LINE OF lt_alv_messages.
DATA: lt_messages TYPE uj0_t_message.
DATA: lv_action TYPE uj_action.
DATA: lv_success TYPE uj_bool.
DATA: lv_last_profile TYPE uj_profile_id.
DATA: lt_role_id TYPE uje_t_api_role_id.
DATA: ls_role_id LIKE LINE OF lt_role_id.
DATA: lt_task_info TYPE uje_t_task_info.
DATA: ls_task_info LIKE LINE OF lt_task_info.
DATA: lt_users_asin TYPE uje_t_api_user_id.
DATA: ls_users_asin LIKE LINE OF lt_users_asin.
DATA: lt_teams_asin TYPE uje_t_api_team_id.
DATA: ls_teams_asin LIKE LINE OF lt_teams_asin.
DATA: lt_strtab TYPE stringtab.
DATA: ls_strtab LIKE LINE OF lt_strtab.
DATA: lt_input TYPE TABLE OF t_input.
DATA: ls_input LIKE LINE OF lt_input.
DATA: lt_obj_asin TYPE uje_t_profile_asin.
DATA: ls_obj_asin LIKE LINE OF lt_obj_asin.
DATA: lt_task_asin TYPE uje_t_task_id_act.
DATA: ls_task_asin LIKE LINE OF lt_task_asin.
* Upload file
lt_strtab = lcl_application=>upload( p_file ).
* Rip import file into internal table
LOOP AT lt_strtab INTO ls_strtab.
CLEAR ls_input.
SPLIT ls_strtab AT lcl_application=>lv_delimiter INTO ls_input-identifier
ls_input-profile
ls_input-values.
APPEND ls_input TO lt_input.
ENDLOOP.
* Build profile table containing all associated data
SORT lt_input STABLE ASCENDING BY profile identifier values.
LOOP AT lt_input INTO ls_input.
IF ls_input-profile <> lv_last_profile
AND lv_last_profile IS NOT INITIAL.
APPEND ls_task_profile TO lt_task_profile.
CLEAR ls_task_profile.
ENDIF.
* Based on record identifier
CASE ls_input-identifier.
WHEN 'H'. " Header
ls_task_profile-profile-profile_id = ls_input-profile.
ls_task_profile-profile-description = ls_input-values.
WHEN 'K'. " Task info
SPLIT ls_input-values AT lcl_application=>lv_delimiter INTO ls_task_info-task_id
ls_task_info-description.
IF lcl_application=>task_is_valid( ls_task_info-task_id ) = abap_false.
CLEAR ls_alv_messages.
ls_alv_messages-msgid = '00'.
ls_alv_messages-msgty = 'E'.
ls_alv_messages-msgno = '001'.
CONCATENATE 'Task ID' ls_task_info-task_id 'is not valid.'
'No task profile updates done.'
INTO ls_alv_messages-message SEPARATED BY space.
APPEND ls_alv_messages TO lt_alv_messages.
lcl_application=>render_alv( ).
RETURN.
ENDIF.
APPEND ls_task_info TO ls_task_profile-task_info.
WHEN 'R'. " Roles
ls_role_id = ls_input-values.
IF lcl_application=>role_is_valid( ls_role_id ) = abap_false.
CLEAR ls_alv_messages.
ls_alv_messages-msgid = '00'.
ls_alv_messages-msgty = 'E'.
ls_alv_messages-msgno = '001'.
CONCATENATE 'Role ID' ls_role_id 'is not valid.'
-
I have been using an ASP based user management system with an
Access
database and it has worked very well, however, I need to
implement a similar
system on a Linux server. I know you can password protect
sections of the
site using htaccess but I want something similar to what I
get with the ASP
system, ie user reg page and redirection pages for those who
enter wrong
details, duplicate usernames, password recovery, etc. Nothing
fancy, just
the basic functions to allow people to access restricted
areas of the site.
No payment will be involved, my client just wants to limit
access to certain
parts of the site to registered users.
Can anyone recommend something simple and easy to setup and
use? Either a DW
extension or standalone, bearing in mind I don't know PHP but
I can edit
code with a little guidance...
Many thanks in advanceDW has User Authentication server behaviors built in, you
know?
Murray --- ICQ 71997575
Adobe Community Expert
(If you *MUST* email me, don't LAUGH when you do so!)
==================
http://www.projectseven.com/go
- DW FAQs, Tutorials & Resources
http://www.dwfaq.com - DW FAQs,
Tutorials & Resources
==================
"polarl light" <[email protected]> wrote in message
news:g166m7$gvt$[email protected]..
>I have been using an ASP based user management system
with an Access
>database and it has worked very well, however, I need to
implement a
>similar system on a Linux server. I know you can password
protect sections
>of the site using htaccess but I want something similar
to what I get with
>the ASP system, ie user reg page and redirection pages
for those who enter
>wrong details, duplicate usernames, password recovery,
etc. Nothing fancy,
>just the basic functions to allow people to access
restricted areas of the
>site. No payment will be involved, my client just wants
to limit access to
>certain parts of the site to registered users.
>
> Can anyone recommend something simple and easy to setup
and use? Either a
> DW extension or standalone, bearing in mind I don't know
PHP but I can
> edit code with a little guidance...
>
> Many thanks in advance
> -
User management infrastructure
Hi all,
Could anybody help with portal/SEM authorization concept?
We have created quite complicated user management infrastructure, and we are not aware about possibilities to simple it.
Currently administrator should assign roles in three systems for one user.
Following steps are performed:
1. User is created in CUA(ERP, BW, SEM)
2. If user is portal user then additional roles are assigned in Portal.
3. In addition access to particular data are assigned in SEM(transaction RSECADMIN)
Our objective is to change Portal user store from SEM to LDAP server(MS Active Directory) and to create user and assign roles only in one system. SAP systems are running HP-UX operating system.
I would appreciate any suggestions.
Best Regards,
MarisMaris,
As I mentioned in my previous post you can save some maintenance effort when you assing Portal Roles only to ABAP Backend roles.
You are right on the fact that you have to do actions on 2 places: 1. Adding content to a portal role, 2. adding authorizations on the Backend. This is inherent to implementing a portal, everyone has to do this...
When you say that you want to intergrate non-sap into your portal then I must admit that moving towards LDAP is a good decsision.
When you move towards this solution I can advise you to look here: [Using an LDAP Directory Attribute as the ABAP User ID |http://help.sap.com/saphelp_nw70/helpdata/en/0b/d82c4142aef623e10000000a155106/frameset.htm]
Take a look here for more info on how to virtualize an LDAP with NetWeaver Identity management [Virtual Directory Server White Paper|https://www.sdn.sap.com/irj/sdn/go/portal/prtroot/docs/library/uuid/6083008b-cf14-2a10-9a95-cef182441cce]
Cheers,
Benjamin Houttuin -
Hi everyone,
I would like to discuss with you about User Management Strategy for multi-site MII implementations. What is the best architecture for the UME instances when you have MII users both on the corporate level and the shop floor level?
Consider we don't have a central MII server.
Regards,
HenryUser management can cause some difficulties, mixing disconnected operation support with distributed MII servers, but wanting to use LDAP from corporate. We all have used the term 'when SAP is unavailable' but what about 'when LDAP in unavailable' - the application may be buffered but the user logins would cause the issue.
Aside from having some form of federated/replicated LDAP I think the only option would be some essential backup local users in UME. I would imagine this would have been encountered with Enterprise Portal, or any other NW java apps in the past, but the potential for a distributed NW server (plant or region based) may be a bit different. The configuration of a solution would be done inside UME, but the best practices in this regard are what you're probably after.
I hope that some customers with more clear strategies in this area can share their insight in this thread. -
Hi,
Just want to know if anyone has used the user management module or done any customization with this module.
Let me know.
cheersThis is related to specific product implementation and not about oaf. Please post it in appropriate forum or let us know more about the oaf requirement in it.
--Mukul -
User "manager" need licence?
hi all,
i have licensend a company with 21 Users. After licensing its not possile to open any form with the user "manager" (only choose company). I get the error "you are not licensed to open form 866 rate input". Login works.
installation is 2007A PL30
maybe s.o. can help me?
thanks,
sabineHi,
no he have no licence but i understand the manager Account as inegrated support account. issn't he? (its my first implementation ) So i must change the prof. licence from a active user to my Support user? or buy a new one...
thanks for you replay. -
User Managed Back-up : ORA-00600: internal error code
Hallo!I was trying to assess whether I can implement a user managed Oracle 10g database backup of an orcl instance (for testing purposes).I know how to use RMAN but I am just curious about a user-managed back-up and recovery solution
My idea was to copy the db files (controlfiles,datafiles,redo log files)in the oradata/orcl directory to a different disk partition,delete the orcl folder,return the copied orcl folder to the oradata folder and startup the instance.
After doing this,I tried to startup the instance but it could only reach the mount stage.When I typed the alter database open command,the error below resulted
ORA-00600: internal error code, arguments: [kcratr1_lastbwr], [], [], [], [],[], [], []
I am aware I can use the recover database command in RMAN but for curiosity purposes,I would like to know if an alternative option exists to recover the db assuming a user managed backup without RMAN.
Thanks.My idea was to copy the db files (controlfiles,datafiles,redo log files)Was the database
a. SHUTDOWN IMMEDIATE/NORMAL before you did the copy
OR
b. in Backup mode with ALTER DATABASE BEGIN BACKUP
You need either of a. or b. (Oracle cannot stop you from copying files when the database is open but needs to know that they are copied in a fuzzy state and that is one of the several things that the ALTER DATABASE BEGIN BACKUP does).
If you used method b. you also need an ALTER DATABASE END BACKUP, ALTER SYSTEM SWITCH LOGFILE and a backup of the ArchiveLogs generated between the BEGIN BACKUP and END BACKUP.
Hemant K Chitale -
Within TestStand's Sequence Editor, with the User Manager, I added a user and gave him the Operate::Grant All privilege. I also have an Admin that requires a password. When I run my OI, I'm wondering why (when I login as the Operator) in the Configure menu, the Adapters, Station Options, Search Directories are all shown as selectable items. However, when selected, all the drop downs and or edit fields are either greyed out of inactive. First of all, why would an operator be allowed to configure these types of items. Second, in my application, I really don't want an operator to muck with such things - how do I either grey them all out or not show them at all? As additional info, I'm working with the LabVIEW8 version of the TestStand Operator Interface - I'm trying to customize it in several areas.
mrbean -
The TestStand 3.5 and earlier sequence editors do not allow you to customize which menus are available or visible. The only options are the ones based on the user priviledges defined for each user. Typically for these types of customizations, customers create their own operator interface using the development environment of their choice and use the TestStand OI Controls to implement the bulk of how the OI displays sequence files and executions. We hope to allow for more customization of the sequence editor in a future release.
Scott Richardson
National Instruments -
Differences between OA 11i and R12 on User Management
Hi All,
Please give some details about differences between OA 11i and R12 on User Management (Role Responsibilities and Role Based Access Control,etc).
Please advise me on this regard.
Moreover,I don't have any Metalink username and Password.
ThanksNew features introduced for User Management (UMX) in R12
The following are the new features introduced in R12 for User Management (UMX):
1)Proxy User:
This new functionality:
· Provides the delegator the ability to grant/revoke the proxy privilege to individuals
· Provide a mechanism throughout the application’s framework where the user can access the proxy switcher feature
· Provide a mechanism throughout the application’s framework which indicates to the user that they are acting as a proxy
· Provide the ability to track the delegate’s actions within the system, while the delegate is acting on behalf of the delegator (Audit)
Benefits of Proxy User:
Ability to delegate proxy authority provides great security controls and Granular control of proxy authority is provided i.e delegate authority can be specified for date ranges
2) ICM (Separation of Duties – SoD) Integration
Oracle User Management is integrated with Oracle Internal Controls Manager (ICM) for the prevention, detection, enforcement, and resolution of separation-of-duties constraints during the assignment of roles by administrators to users.
For example, a constraint (created using a set of ICM UIs) can be defined such that no user is allowed to have "Role A" and "Role B" at the same time. In such a case, anadministrator attempting to assign Role B to a user who already has Role A will be presented with a dialog page displaying the constraint violation information.
At this point, the administrator can take one of two actions:
• Go back to the role assignment page and remove the assignment that is causing the
violation.
• Override the constraint violation, if he has the "AMW: Allow SOD Violation
Override" permission granted to him.
With this permission, the administrator will see Apply and Cancel buttons on the constraint violation dialog page. Clicking Apply will override the constraint, and assign Role B to the user despite the warning. Clicking Cancel will cancel the save operation without granting Role B to the user.
UMX integration with ICM is enabled according to the setting of site-level profile option "UMX: Enable ICM Validation". The default value is "Yes".
3) Enhanced Forget Username/Password Functionality
Forgot Username Functionality is Introduced in R12 along with Forgot Password. So now Users can query on either lost “username” or lost “password” Users should enter email address if lost username and enter username if lost password
Users can now aslo reset username as part of email address verification instead of a two step process.
4)New Registration Process Type for Administrator Role Assignment
New Registration Process Type is introduced for type “Administrator Assisted Additional Access”
Different policies (registration processes) can be used as administrative actions vs. self service requests for
· Approval Routing
· UI
· Notifications
· Business Logic
Simpler registration processes can be created for self-service and administrator flavors
Support for alternative approvals for administrator role assignment is also introduced.
5) Security Wizard Infrastructure
a)Security Wizard Infrastructure
· Infrastructure for product teams to create their own security wizards in context of a role.
· Product teams can create their wizards and seed relevant information
· These wizards appear in list of security wizards available to the administrator when creating/updating role information
b)New User Interface for Delegated Administration
· Existing functionality(11.5.10) of delegated administration setup implemented using wizard infrastructure
· Wizard guides the user through what options they can set for a delegated administration
6) Search Enhancement for List of Value’s (LOV)
Search Enhancements has been made in LOV’s in User management.
a) All LOVs in User Management (UMX) are now searchable by
· Role
· Responsibility
· Both
· Internal Code
b)A type included in the results – to differentiate roles and responsibilities
Maybe you are looking for
-
Hi everyone, I am in a serious situation. I have this HP Touchsmart IQ526t that I bought in year 2009, recently the hard disk found faulty by hardware diagnostic tool. I ave replace a new 2G hard disk with 7200rpm. When I tried to install recovery di
-
Hi Experts, Can we create Landed cost transactions with more than one foreign currency? Example: Local & System currency is in Peso Insurance- Euro Freight- US Dollars Other LC is in Peso If not, do we have a work around for this requirement? Many th
-
Middleware errors from transaction smw01 in worklist
Hi, for all users the MW errors (transaction smw01) can be seen in the worklist as workflow items (7.0 SP4). Does anybody know how and where to deactivate these settings? Thanks & Regards, Wolfhard
-
Error while loading throug sql loader
Hi All, Trying to use sql loader in order to laod csv format data. However, during load, I come across with errors. Please find below my log,control and datafile. ------------Ctl File---------------- load data discardfile 'c:\dis.log' infile 'c:
-
Trackpad not registering my clicks
When I turn the computer on, the cursor will move around when I use my trackpad, but it won't click on anything. Sometimes, it's 'stuck' mid-action; for example, I turn it on and the pull-down menu under Finder on the menu bar is pulled down. As I