XI and SLD Admin Roles

Similar Messages

• How to copy and remove admin Role from SAP_ALL profile

  Hi SDN Experts,
  I need to copy SAP_ALL profile to another in CRM 5.0 system, thereafter i need to remove admin Role from SAP_ALL profile. Can any help regarding this point..
  regds
  gcp

  Chandra,
  I saw ur post in this forum regarding configuring sap intergration with genesys gplus adapter. We are in need of the same configuration. Can you please help me in configuring sap phone for gplus adapter. Reply me on [email protected]
  Thanks in Advance

• ESS - LWE html documents visble only to content and GP admin roles

  Hi,
  Some of the content(the html documents) in LWE is only visible for the administrator but not to all the other employees. Like New hire check list for 'My first days' is not visible to all the users, but is only visible to the user with roles content adminstrator and GP roles.
  Is ther eanything that needs to be done to rectify this.
  Appreciate any inputs.
  regadrs
  sam

  BP - My SAP ERP 2005
  regards
  Sam

• Are roles in SXMS_CONF_ITEMS and SLD consistent?

  hello!
  i installed and configured my new XI system.
  when i go in Runtime Workbench (via browser) i see an error in result of  Integration Engine monitor .
  "Are roles in SXMS_CONF_ITEMS and SLD consistent?"
  i check all in SLD and i think is ok.
  have you any suggestion?
  thanks
  Alex

  The role of a business system is defined centrally in the SLD.
  However, you can overwrite this setting locally in the table SXMS_CONF_ITEMS.
  This test checks whether the role descriptions are consistent. If not, the locally defined role is used at runtime.
  if helpful reward points are appreciated

• After installing contribute 6.5, I establish FTP connection, set admin role and the system crashes

  I've been using Contribute for over 9 years now.
  I am currently using Contribute 6.5 version.
  After installing, creating a connection with the FTP, setting up Admin roles, an error message appears and then the system crashes.
  Why is this happening?
  It has never happened before!

  Hi There,
  Can you confirm your Operating System ?
  What error message are you getting?
  Regards,
  Ajit

• Difference between roles Administrator and Super admin

  Dear Portal Gurus,
  Pls let me know the difference between
  roles Administrator and Super admin
  Thanks.
  Jack

  Hi Jack,
  The Administrator is the role that has all the rights that includes J2ee engine rights too but an superadmin is the one that has the role to the three admin roles that are
  Content Admin
  User Admin
  System Admin
  THIS IS THE BASIC DIFFERENCE BETWEEN SUPERADMIN AND ADMINISTRATOR.
  PS:Reward Point Please
  Regards,
  Naveen Gupta

• Question: Oracle Modules and the corresponding Admin Roles

  Hi,
  I would like to know what Admin module the following Oracle apps come under. For example, I know WSH (Shipping) comes under the Fulfillment Approver Admin. I would like similar information on the following modules.
  Here are the admin roles that we have:
  Planning Approver Admin
  Manufacturing Approver
  Fulfilment Approver Admin
  Configurator Approver Admin
  Inventory Management Approver Admin
  Here are the Oracle modules:
  BOM - Oracle Bills of Material
  ENG - Oracle Engineering
  INV - Oracle Inventory
  MRP - Oracle Master Scheduling/MRP
  WSH - Oracle Shipping
  WMS - Oracle Warehouse Management System
  WIP - Oracle Work in Process
  ISC - Supply Chain Intelligence
  CST
  MSC - Oracle Advanced Supply Chain Planning
  JA
  MSD - Oracle Demand Planning
  GMO
  GMF - Oracle Process Manufacturing Financials
  GMP - Oracle Process Manufacturing Process Planning
  WSM - Shop Floor Management
  Could you please match the apps with the respective admins?
  Greatly appreciate your help.
  Best Regards,
  William H. Andurss Jr.

  Here is my guess
  Planning Approver Admin => MRP,MSC, MSD
  Manufacturing Approver => WIP
  Fulfilment Approver Admin => WSH
  Configurator Approver Admin => BOM, ENG
  Inventory Management Approver Admin => INV
  Sandeep Gandhi

• In Portal Content admin Role "Portal content" folder is not displaying

  Hi,
        I created a user in EP and assign Only Content admin Role. But in portal content area "Portal content "folder is not displaying.
  Can someone help me the process steps to achieve it?
  Thanks,
  kundan

  It is because the user has no proper permissions  to the porta content folder.
  you should give atleast read permission to the portal content folder to the content_admin role or to the users who have content admin role.
  also make sure the end user check box is checked at the time of giving permissions.
  Otherwise give eevryone group as read permisisons to the portal content folder. then you can see the portal content folder with read permissiosn only.
  Raghu
  Edited by: Raghavendranath Garlapati on Sep 1, 2009 9:32 AM

• Is there any way to create admin role only for one resource.

  Hi all,
  I am trying to create an admin role with 'update user' capability. But I want to restrict the user(with the admin role) to be able to update a user's attribute only for one resource, The user(with the admin role) should not be able to update the attributes of the other resources which a user have.
  Is there any way to create admin role only for one resource?
  I customized the tabbed user form to show only one resource attribute (deleting the missing fields and adding my tab for the resource) and then assigned this new User Form to the user(with the admin role) in security tab.
  It works fine. But the problem is that if any user(with the admin role) is also admin of some other resource then he/she will not be able to view the other resource attributes.
  Please suggest,
  thanks

  The loop function always repeats the same region so of course the fade is also copied. So option+drag the original region to make a (non clone) copy, fade the first region and loop the second one (which you just copied).

• Pictures not loaded in a Web Page Composer site without admin role

  Hello!
  I have got an new problem concerning SAP Web Page Composer.
  I have created an new site with some paragraphs and some pictures. The problem is when I, with admin role, access this site I am able to see everything. When another user, without admin role, is trying to access this site he is able to see everything but the pictures. All paragraphs or linklists are displayed but the pictures are not available. When giving the user the admin role he also become able to see the pictures.
  I know it is a permisson problem but not know where I forgot to set the permissions to "every user". But I do not understand why this is only concerning the pictures and every other Web Page Composer element is displayed properly, although the pictures permissions set to the same as the other elements. When trying to access the pictures by the user without admin role NetWeaver is throwing following exception:
  "com.sapportals.portal.pcd.gl.PermissionControlException: Access denied (Object(s): portal_content/every_user/general/eu_role/com.sap.km.home_ws/com.sap.km.hidden/com.sap.km.urlaccess/com.sap.km.docs)"
  Thanks for your help in advance!
  Regards
  Georg

  The whole exception:
  [EXCEPTION]
  com.sapportals.portal.prt.runtime.PortalRuntimeException: Access is denied: pcd:portal_content/every_user/general/eu_role/com.sap.km.home_ws/com.sap.km.hidden/com.sap.km.urlaccess/com.sap.km.docs - user: Manager,
  at com.sapportals.portal.prt.deployment.DeploymentManager.getPropertyContentProvider(DeploymentManager.java:1932)
  at com.sapportals.portal.prt.core.broker.PortalComponentContextItem.refresh(PortalComponentContextItem.java:234)
  at com.sapportals.portal.prt.core.broker.PortalComponentContextItem.getContext(PortalComponentContextItem.java:316)
  at com.sapportals.portal.prt.component.PortalComponentRequest.getComponentContext(PortalComponentRequest.java:387)
  at com.sapportals.portal.prt.connection.PortalRequest.getRootContext(PortalRequest.java:488)
  at com.sapportals.portal.prt.core.PortalRequestManager.runRequestCycle(PortalRequestManager.java:607)
  at com.sapportals.portal.prt.connection.ServletConnection.handleRequest(ServletConnection.java:240)
  at com.sapportals.wcm.portal.connection.KmConnection.handleRequest(KmConnection.java:52)
  at com.sapportals.portal.prt.dispatcher.Dispatcher$doService.run(Dispatcher.java:524)
  at java.security.AccessController.doPrivileged(Native Method)
  at com.sapportals.portal.prt.dispatcher.Dispatcher.service(Dispatcher.java:407)
  at javax.servlet.http.HttpServlet.service(HttpServlet.java:853)
  at com.sap.engine.services.servlets_jsp.server.HttpHandlerImpl.runServlet(HttpHandlerImpl.java:401)
  at com.sap.engine.services.servlets_jsp.server.HttpHandlerImpl.handleRequest(HttpHandlerImpl.java:266)
  at com.sap.engine.services.httpserver.server.RequestAnalizer.startServlet(RequestAnalizer.java:386)
  at com.sap.engine.services.httpserver.server.RequestAnalizer.startServlet(RequestAnalizer.java:364)
  at com.sap.engine.services.httpserver.server.RequestAnalizer.invokeWebContainer(RequestAnalizer.java:1039)
  at com.sap.engine.services.httpserver.server.RequestAnalizer.handle(RequestAnalizer.java:265)
  at com.sap.engine.services.httpserver.server.Client.handle(Client.java:95)
  at com.sap.engine.services.httpserver.server.Processor.request(Processor.java:175)
  at com.sap.engine.core.service630.context.cluster.session.ApplicationSessionMessageListener.process(ApplicationSessionMessageListener.java:33)
  at com.sap.engine.core.cluster.impl6.session.MessageRunner.run(MessageRunner.java:41)
  at com.sap.engine.core.thread.impl3.ActionObject.run(ActionObject.java:37)
  at java.security.AccessController.doPrivileged(Native Method)
  at com.sap.engine.core.thread.impl3.SingleThread.execute(SingleThread.java:104)
  at com.sap.engine.core.thread.impl3.SingleThread.run(SingleThread.java:176)
  Caused by: com.sapportals.portal.pcd.gl.PermissionControlException: Access denied (Object(s): portal_content/every_user/general/eu_role/com.sap.km.home_ws/com.sap.km.hidden/com.sap.km.urlaccess/com.sap.km.docs)
  at com.sapportals.portal.pcd.gl.PcdFilterContext.filterLookup(PcdFilterContext.java:422)
  at com.sapportals.portal.pcd.gl.PcdProxyContext.basicContextLookup(PcdProxyContext.java:1248)
  at com.sapportals.portal.pcd.gl.PcdProxyContext.basicContextLookup(PcdProxyContext.java:1254)
  at com.sapportals.portal.pcd.gl.PcdProxyContext.basicContextLookup(PcdProxyContext.java:1254)
  at com.sapportals.portal.pcd.gl.PcdProxyContext.basicContextLookup(PcdProxyContext.java:1254)
  at com.sapportals.portal.pcd.gl.PcdProxyContext.basicContextLookup(PcdProxyContext.java:1254)
  at com.sapportals.portal.pcd.gl.PcdProxyContext.basicContextLookup(PcdProxyContext.java:1254)
  at com.sapportals.portal.pcd.gl.PcdProxyContext.basicContextLookup(PcdProxyContext.java:1254)
  at com.sapportals.portal.pcd.gl.PcdProxyContext.basicContextLookup(PcdProxyContext.java:1254)
  at com.sapportals.portal.pcd.gl.PcdProxyContext.proxyLookupLink(PcdProxyContext.java:1353)
  at com.sapportals.portal.pcd.gl.PcdProxyContext.proxyLookup(PcdProxyContext.java:1300)
  at com.sapportals.portal.pcd.gl.PcdProxyContext.lookup(PcdProxyContext.java:1067)
  at com.sapportals.portal.pcd.gl.PcdGlContext.lookup(PcdGlContext.java:68)
  at com.sapportals.portal.pcd.gl.PcdURLContext.lookup(PcdURLContext.java:238)
  at javax.naming.InitialContext.lookup(InitialContext.java:347)
  at com.sapportals.portal.prt.deployment.DeploymentManager.getPropertyContentProvider(DeploymentManager.java:1919

• Creation of new admin role in Exchange Online Protecion

  HI,
  I am brand new with the Exchange Online Protection solution.
  I want to create a new admin role since the default one do not offer teh specific rights that we need for a group.
  I went in Exchange admin Center > Permissions > Admin role and we can only edit the actual default groups.
  I need to be able to create new one.
  I did read somewere some powershell command but, since this is cloud base solution, i have hard time to believe that there is no option to create a custom role on the actual web interface of EOP.
  Anybody have a solution for that ?
  Thx

  Hi,
  as far as I can see you can't create roles in EOP because there is access necessary to Exchange Online. EOP has only limited access to Exchange Online or no access. It seems to me that managing roles is not part of EOP.
  To be sure you should open a support case in the admin center.
  Greetings
  Christian
  Christian Groebner MVP Forefront

• IView and system admin objects appear changed or not registered when transported

  Hi,
  Recently we moved a few objects - iViews, pages and roles as epa and system admin objects as config archive and imported them manually to Test system. But when checked in the next landscape, the iView properties appear different. Eg. In Development system, the iView was unchecked for visibility option i.e. iView should not be visible. But when transported to test system, the property was checked and gave error. On reimporting, the same thing happened and we had to manually correct the property. This is not an expected behaviour and manual changes are not to happen after development changes.
  Similarly, though config archive import showed the 2 new system objects in the respective location of Test system, the expected functionality was not working. I checked this by deleting one of them and manually creating the same entry and it worked fine. So I also had to delete the 2nd one and create a manual entry. The system admin objects we used pertained to System Configuration  --> Content Mgmt--> Form Based Publishing --> Forms Availablity --> Folder Settings
  We also moved kmcs and they are reflecting properly with correct folder permissions.
  We don't understand why this is so occurring (iView and system admin entry appearing different or not getting registered )and never experienced such a case in previous projects. We don't want to face the issue going forward when transporting changes to staging and Prod systems.
  Please assist as to what went wrong or any probable cause and solution for same.
  Thanks,
  Janani

  Hi,
  Has anyone faced such a situation before and know the reason for same ?
  Regards,
  Janani

• XPRESS code to find all users with a specific Admin Role

  I've been playing around for a while with a way to get a list of all users that have been assigned a particular Admin Role. I have a role for which I want a specific subset of users to be approvers on it, and I want to greate a Rule that will check for people with a particular Admin Role and then return that list as people to be approvers on the role.
  I haven't been able to find an easy way to write this code. Anyone run across this before or have another suggestion???
  Thanks.

  Below is the code to find user based on condition.
  <set name='adminList'>
  <invoke name='getObjectNames' class='com.waveset.ui.FormUtil'>
  <ref>:display.session</ref>
  <s>User</s>
  <map>
  <s>conditions</s>
  <list>
  <new class='com.waveset.object.AttributeCondition'>
  <s>AdminRoles</s>
  <s>contains</s>
  <s>adminRoleName</s>
  </new>
  </list>
  </map>
  </invoke>
  </set>
  Edited by: Jay on Mar 7, 2012 4:03 AM

• OBIEE 11g  - Not able to see existing reports which are created by specific owner but I could able to see Admin role user reports.

  OBIEE 11g  - Not able to see existing reports which are created by specific owner but I could able to see Admin role user reports.
  Appreciated if you could able to help as soon as possible as I don' have back up for these disappeared reports.
  Pleas let me know if any additional information needed.

  Hi
  Thank you for the reply.
  Here one thing I would need to mention that those are created by me on last week, but when I check those today, I could not able to see or even admin also not able to see those. For sure no migration and updations happend over the week end, really not able to debug whats the issue around. Unfortunately I haven't taken back up as well.
  Please could you help and let me know whats the root cause and how I could able to restore.
  Best regards,
  Kumar

• Dynamic Admin Role Problems - IDM7.1

  Hi Everyone. I'm having problems getting a dynamic admin role to work correctly. No matter what I do I always get the error at logon that the user controls no organizations and has no capabilities. Here is how the admin role is configured.
  General:
  Type = Identity Objects
  Assigners = blank (I have also tried configurator)
  Organizations = Top
  Scope of Control:
  Controlled Organizations = Top
  None for everything else.
  Capabilities:
  All caps assigned, no cap rule.
  Assign to users:
  Has the rule below assigned to it. If I check a user that is in the AD group mentioned in the rule, it gives me a '1', if I check one that doesn't have the group, a '0'
  Rule:
  <?xml version='1.0' encoding='UTF-8'?>
  <!DOCTYPE Rule PUBLIC 'waveset.dtd' 'waveset.dtd'>
  <!--  MemberObjectGroups="#ID#Top" authType="UserIsAssignedAdminRoleRule" id="#ID#Rule:IAM Admin Admin Role Rule" lastMod="26" lastModifier="Configurator" name="IAM Admin Admin Role Rule"-->
  <Rule authType='UserIsAssignedAdminRoleRule' id='#ID#Rule:IAM Admin Admin Role Rule' name='IAM Admin Admin Role Rule' createDate='1239044336520' lastModifier='Configurator' lastModDate='1248287397906' lastMod='26'>
    <RuleArgument name='context'/>
    <RuleArgument name='runAsUser'/>
    <isTrue>
      <contains>
        <rule name='my_rulelibrary:get_DownCaseList'>
          <argument name='dnlist' value='$(runAsUser.accounts[AD].groups)'/>
        </rule>
        <downcase>
          <rule name='my_Configuration:IAM Admin Group Name'/>
        </downcase>
      </contains>
    </isTrue>
    <MemberObjectGroups>
      <ObjectRef type='ObjectGroup' id='#ID#Top' name='Top'/>
    </MemberObjectGroups>
  </Rule>I have also added the item below to the system configuration and reset the app server
  <Attribute name='authz'>
              <Object>
                <Attribute name='checkDynamicallyAssignedAdminRolesAtLoginTo'>
                  <Object>
                    <Attribute name='Administrator Interface'>
                      <Boolean>true</Boolean>
                    </Attribute>
                    <Attribute name='Service Provider User Interface'>
                      <Boolean>false</Boolean>
                    </Attribute>
                    <Attribute name='User Interface'>
                      <Boolean>true</Boolean>
                    </Attribute>
                  </Object>
                </Attribute>
              </Object>
            </Attribute>Any ideas?

  Hi,
  the view handed to these kind of rules is created with the noFetch option set to true. As a result the AD groups of the user are not available during rule evaluation.
  You could solve your task by doing a search using the FormUtil class.
  I would however advise you to only do this in a small or demo environment as the usage of usermember rules does not scale at all. This is a pure sales feature that will quickly bring down a production environment with high CPU utilization and horrible response times. Unlike what one might guess these rules are not only evaluated during login but almost all the time, often multiple times for each click. Even if the rule as such only performs cheap operations the AuthCache class hogs more and more CPU time with each rule of this kind you add to the system.
  Regards,
  Patrick