cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 

Restrict installed base component SLM 7.1 SP06 VAR WebUi Solmanrequ

former_member375580
Explorer

on ‎12-04-2012 8:12 AM

0 Kudos

Hello,

We are working in implementation process of Solution Manager 7.1 SP06 (VAR) and we are looking for a solution to restrict search results of "installed base component" that the end user is authorized to select when he is creating an incident through WebUi, transaction code SM_CRM, business rol SOLMANREQU.

We were looking about the possibility of using the authorization object "B_NOTIF_IB” but it don’t works under WebUi.

Any idea?

Thank's for your time

Show replies
Show replies
Answer

Accepted Solutions (0)

Answers (3)

Answers (3)

Former Member
‎10-31-2013 7:46 PM
0 Kudos

Hello Jose,

Have a look on the note 1926788 - VAR Key User able to see IBase of all the customers using SOLMANREQU Business role - Solut...

BR,

K.

Show replies
Show replies
Former Member
‎05-30-2013 1:33 PM
0 Kudos

Hello José,

Did you find a solution for this issue?

Kind regards,

Miguel

Show replies
Show replies
Former Member
‎05-31-2013 9:49 AM
0 Kudos

Hello Miguel Ruijsenaars,

The note 1744238 has to be implemented and it tells us: Reporters PFCG Role requires authorization: SMIBASDISP = USERS_OWN

All SAP System have to be maintained in BP identification tab:

All CMDB objects are maintained within Web UI > CMDB Objects > assignment block “Involved Parties”

Hope this helps

Former Member
‎06-04-2013 8:37 AM
0 Kudos

Hi Bakhtiyar Jaikbayev,

Thank you for your reply.

I have seen the note, but it doesn't work. A key user can still see all ibase objects despite the authorization SMIBASDISP = USERS_OWN. The corresponding bp is maintained and the sold-to is assigned as involved party to the ibase (and to be sure the key user is assigned as reported-by to the ibase as involved party).

Any other suggestions?

Kind regards,

Miguel

Former Member
‎06-05-2013 8:01 AM
0 Kudos

Hello Miguel,

Did you key user have relationships for customer ? Please check it.

For Examle, if you have customer with key user - key user will be in relationships - Is contact person for

What SP you installed in SAP Solution Manager ?

Hope this helps.

Former Member
‎06-10-2013 8:40 AM
0 Kudos

Hello Bakhtiyar,

Yes, the key user has a relationship with the customer.

In the meantime I am also in discussion with SAP regarding this issue. Our Ibase has been set up manually and is not converted to IObjects and also instead of using the field component we should use the field configuration item.

Thanks for your replies.

Kind regards,

Miguel

Former Member
‎06-12-2013 11:43 AM
0 Kudos

Hello Miguel, really i create ibase component manually,

1. new ibase component had new object id and new identification.

2. identification =  BP identification tab

Hope this helps, i can provide solution for you by skype or teamviewer if you want.

skype: jaikbayev

wlacaze
Active Participant
‎10-15-2013 2:04 AM
0 Kudos

Hi Miguel,

Any lucky on this?.

I'm making the same configuration.

thxs

@WenSolman

Former Member
‎10-15-2013 7:18 AM
0 Kudos

Hi Wences,  Yes, I am now able to restrict the Ibase for key users. To restrict the values for key user they should be linked to the specific system via the identification tab and should not get value ALL for object authorization SM_SDK_IBA (per note 1744238).   This also requires Ibase configuration items (instead of components) and the implementation of several notes:  Note 1714842 - Short dump when deleting a component in ibase Note 1827161 - Duplicate client component Note 1818117 - Not authorized for product (configuration item)  Good luck!  Regards, Miguel

wlacaze
Active Participant
‎10-15-2013 1:46 PM
0 Kudos

hi Miguel,

Thanks for the info, the system was already working in the right way, the issue was that I use Ibase to search, and not the object field :-(.

Now I will lock the Ibase field and will work

thanks again

@Wensolman

Former Member
‎10-31-2013 3:11 PM
0 Kudos

Hello Miguel,

we are facing the same Problem you had. We had set up IBase as textcomponents manually in SolMan Service Desk 4.0. Now we did the upgrade to 7.1. But now the object model changed for IBase compnents from text to IObjects. We raised the question to SAP, how already existing and in process used IBase can be converted? No answer so far except we have to generate new one by IB_GEN or Report AI_CRM_IBASE_GENERATE_71.  But what about the already existing and used set up IBase objects?

How did you manage to convert the existing and already used IBase to the new IObjects logic?

The notes you mentioned are all pointing to the Generation of new IBase we do not see as necessary and also wortless from a process Point of view.

Any details an hints are welcome.

Thank you in advance.

Best regards

Marco

Former Member
‎11-04-2013 7:52 AM
0 Kudos

Hello Marco,  I had the same discussion with SAP and have concluded that an automatic conversion of Ibase (text) component to Ibase Configuration Items is not possible.   In our situation I could not use the existing reports for SMSY or LMDB systems because not all customers are connected to our solution manager and not all systems are relevant for us. Therefore I manually created the Ibase Configuration Items.   I used tocde IB52 (not via WebUI) because you are allowed to copy and paste information (from Excel for example) and thus create multiple configuration items at once. Use following format:  Item                        - .. Sort String                 - NL   Object Fam                  - 7001 Object ID                   - 7100000001 Description                 - Customer ECC Production Description (non editable)  - .. Log System                  - SIDCLNT100 Identification              - SID INSTALNO CLNT  SAP recommends this strategy which is actually just following the ITSM SolMan setup wizard:  1. Activity "Technically Upgrade Products" (step 2.1): Report  COM_PRODUCT_UPGRADE  2. Activity "Maintain Product ID Length" (step 2.3)   3. Report AI_CRM_PRODUCT_SETUP (SOLMAN_SETUP activity “Create Hierarchy for Material Products”)   4.Activity "Maintain Number Range for Material" (step 2.4)  5.Activity "Create IBase Components for SMSY Systems" (BASIC step 5) - Execute report RDSWP_IBASE_GENERATE.   6.Activity "Create IBase Components for LMDB Systems" (BASIC step 5) - Execute report AI_CRM_IBASE_GENERATE_71  Hope this helps.  Kind regards, Miguel

Former Member
‎11-04-2013 7:52 AM
0 Kudos

Sorry, I used HTML insert and that messed up my layout..

Former Member
‎02-12-2013 4:56 AM
0 Kudos

Authorization for Installed Bases

You can control user authorization for displaying, changing, and creating installed bases. Authorization control for installed bases uses the authorization concept for Application Server ABAP (see User Administration and Identity Management in ABAP Systems).

Features

For each user, you can determine authorization depending on the following:

  • The authorization group assigned to an installed base
  • The installed base category

Authorization is controlled by the authorization object CRM_IBASE (Authorization Object for Installed Base). For more technical information about the authorization object, see the documentation for the object in the SAP CRM system.Note NoteThe authorization object IB_IBASE is not used in SAP CRM.The authorization check does not influence whether or not certain options in the CRM WebClient UI (such as theCreate button or hyperlinks to assigned installed bases) are displayed on the user interface. If a user clicks aCreate button, an Edit button, or a hyperlink to an assigned installed base but does not have sufficient authorization for the respective action, a message is displayed informing the user of this.The search results list for installed bases only contains installed bases for which the user has at minimum a display authorization. When users create or change an installed base, they can only assign an installed base category or authorization group for which they have at minimum a display authorization.

Activities

  • You define authorization groups in Customizing for Customer Relationship Management under Master Data Installed Base Define Authorization Groups .Once you have defined authorization groups, you can assign them to installed bases in the CRM WebClient UI, on the Installed Base page, in the General Data block.
  • For the relevant role, you define values for the above fields in an authorization profile, thereby determining which actions users with that role can perform, and which installed bases they can display, change, and create.
  • If you restrict display authorization to installed bases, you also have the option of configuring the relevant business role for the CRM WebClient UI so that users cannot navigate to the Installed Base page.
Show replies
Show replies
Ask a Question