on 12-04-2012 8:12 AM
Hello,
We are working in implementation process of Solution Manager 7.1 SP06 (VAR) and we are looking for a solution to restrict search results of "installed base component" that the end user is authorized to select when he is creating an incident through WebUi, transaction code SM_CRM, business rol SOLMANREQU.
We were looking about the possibility of using the authorization object "B_NOTIF_IB” but it don’t works under WebUi.
Any idea?
Thank's for your time
Hello Jose,
Have a look on the note 1926788 - VAR Key User able to see IBase of all the customers using SOLMANREQU Business role - Solut...
BR,
K.
You must be a registered user to add a comment. If you've already registered, sign in. Otherwise, register and sign in.
Hello José,
Did you find a solution for this issue?
Kind regards,
Miguel
You must be a registered user to add a comment. If you've already registered, sign in. Otherwise, register and sign in.
Hello Miguel Ruijsenaars,
The note 1744238 has to be implemented and it tells us: Reporters PFCG Role requires authorization: SMIBASDISP = USERS_OWN
All SAP System have to be maintained in BP identification tab:
All CMDB objects are maintained within Web UI > CMDB Objects > assignment block “Involved Parties”
Hope this helps
Hi Bakhtiyar Jaikbayev,
Thank you for your reply.
I have seen the note, but it doesn't work. A key user can still see all ibase objects despite the authorization SMIBASDISP = USERS_OWN. The corresponding bp is maintained and the sold-to is assigned as involved party to the ibase (and to be sure the key user is assigned as reported-by to the ibase as involved party).
Any other suggestions?
Kind regards,
Miguel
Hello Bakhtiyar,
Yes, the key user has a relationship with the customer.
In the meantime I am also in discussion with SAP regarding this issue. Our Ibase has been set up manually and is not converted to IObjects and also instead of using the field component we should use the field configuration item.
Thanks for your replies.
Kind regards,
Miguel
Hi Wences, Yes, I am now able to restrict the Ibase for key users. To restrict the values for key user they should be linked to the specific system via the identification tab and should not get value ALL for object authorization SM_SDK_IBA (per note 1744238). This also requires Ibase configuration items (instead of components) and the implementation of several notes: Note 1714842 - Short dump when deleting a component in ibase Note 1827161 - Duplicate client component Note 1818117 - Not authorized for product (configuration item) Good luck! Regards, Miguel
Hello Miguel,
we are facing the same Problem you had. We had set up IBase as textcomponents manually in SolMan Service Desk 4.0. Now we did the upgrade to 7.1. But now the object model changed for IBase compnents from text to IObjects. We raised the question to SAP, how already existing and in process used IBase can be converted? No answer so far except we have to generate new one by IB_GEN or Report AI_CRM_IBASE_GENERATE_71. But what about the already existing and used set up IBase objects?
How did you manage to convert the existing and already used IBase to the new IObjects logic?
The notes you mentioned are all pointing to the Generation of new IBase we do not see as necessary and also wortless from a process Point of view.
Any details an hints are welcome.
Thank you in advance.
Best regards
Marco
Hello Marco, I had the same discussion with SAP and have concluded that an automatic conversion of Ibase (text) component to Ibase Configuration Items is not possible. In our situation I could not use the existing reports for SMSY or LMDB systems because not all customers are connected to our solution manager and not all systems are relevant for us. Therefore I manually created the Ibase Configuration Items. I used tocde IB52 (not via WebUI) because you are allowed to copy and paste information (from Excel for example) and thus create multiple configuration items at once. Use following format: Item - .. Sort String - NL Object Fam - 7001 Object ID - 7100000001 Description - Customer ECC Production Description (non editable) - .. Log System - SIDCLNT100 Identification - SID INSTALNO CLNT SAP recommends this strategy which is actually just following the ITSM SolMan setup wizard: 1. Activity "Technically Upgrade Products" (step 2.1): Report COM_PRODUCT_UPGRADE 2. Activity "Maintain Product ID Length" (step 2.3) 3. Report AI_CRM_PRODUCT_SETUP (SOLMAN_SETUP activity “Create Hierarchy for Material Products”) 4.Activity "Maintain Number Range for Material" (step 2.4) 5.Activity "Create IBase Components for SMSY Systems" (BASIC step 5) - Execute report RDSWP_IBASE_GENERATE. 6.Activity "Create IBase Components for LMDB Systems" (BASIC step 5) - Execute report AI_CRM_IBASE_GENERATE_71 Hope this helps. Kind regards, Miguel
You can control user authorization for displaying, changing, and creating installed bases. Authorization control for installed bases uses the authorization concept for Application Server ABAP (see User Administration and Identity Management in ABAP Systems).
For each user, you can determine authorization depending on the following:
Authorization is controlled by the authorization object CRM_IBASE (Authorization Object for Installed Base). For more technical information about the authorization object, see the documentation for the object in the SAP CRM system. NoteThe authorization object IB_IBASE is not used in SAP CRM.The authorization check does not influence whether or not certain options in the CRM WebClient UI (such as theCreate button or hyperlinks to assigned installed bases) are displayed on the user interface. If a user clicks aCreate button, an Edit button, or a hyperlink to an assigned installed base but does not have sufficient authorization for the respective action, a message is displayed informing the user of this.The search results list for installed bases only contains installed bases for which the user has at minimum a display authorization. When users create or change an installed base, they can only assign an installed base category or authorization group for which they have at minimum a display authorization.
You must be a registered user to add a comment. If you've already registered, sign in. Otherwise, register and sign in.
User | Count |
---|---|
93 | |
10 | |
10 | |
9 | |
9 | |
7 | |
6 | |
5 | |
5 | |
4 |
You must be a registered user to add a comment. If you've already registered, sign in. Otherwise, register and sign in.