cancel
Showing results for 
Search instead for 
Did you mean: 

Solman Managed Systems - 7 Create Users

hasanajsh
Active Contributor
0 Kudos

Dear experts,

I am trying to configure Solution manager 7.1.

I am at Managed Systems>>7. Create Users

(The managed system is Solman itself)

There are 4 steps at this point.

I get the following error:

User ... is not allowed to perform this request. Check SAP Note 1647157.


Note 1647157 - How to Set up Access to the SPML Service on AS Java

In this note it is stated that I need to create some role, but I do not have such option.

Could you please shortly give some hint? Am I missing something?

Regards,

Shkelzen

Accepted Solutions (1)

Accepted Solutions (1)

Former Member
0 Kudos

hi,

Just follow the steps form solution:

Follow these steps to create a technical user that can be used to access the SPML service:

    1. Navigate to the user administration UI of the AS Java at http(s)://<server>:<port>/useradmin
    2. Create a role (for example MY_SPML_FULL_ACCESS_ROLE) and assign the following actions (depending on your use case):
  • Read-Only access to the SPML service: Spml_Read_Action
  • Read/Write access to the SPML service: Spml_Read_Action and Spml_Write_Action
      a) Select search criteria "Role" in the upper part of the UI.
      b) Choose "Create Role".
      c) Enter the name of the new role in the "Unique Name" field on the tab "General Information".
      d) Navigate to the tab "Assigned Actions".
      e) Enter the search criteria "*spml*" in the "Get" field in the area "Available Actions" and choose the "Go" button.
      f) Add the UME action with the name "Spml_Read_Action" to the role. If write access is required, additionally add the UME action "Spml_Write_Action".
      g) Save the new role by choosing the "Save" button.

    3. Create a communication user and assign it to the role created in step 2.
      a) Select search criteria "User" in the upper part of the UI.
      b) Choose "Create User".
      c) Enter name of the user in the field "Logon ID". Enter a password, the last name, and choose the security policy "Technical User".
      d) Navigate to the "Assigned Roles" tab. Search for the role created in step 2. Add it to the list of assigned roles.
      e) Choose the "Save" button.

  1. 4. Test whether the user can log on to the SPML service and has the desired permissions.
    1. a) Navigate to the SPML service at http(s)://<server>:<port>/spml/provisioning
  2. b) Enter the user name and password of the user created in step 3.

BR,

K.

hasanajsh
Active Contributor
0 Kudos

Thanks for the reply.

i am trying to follow the note but I do not see any option to create role after I access the URL.

Former Member
0 Kudos

HI,

Logon to java stack search for UME and create role:

BR,

K.

hasanajsh
Active Contributor
0 Kudos

Thanks.

Now I am trying to create a user (according to the note) but getting the following error:

Current user has user creation permissions in the UME, but cannot create users in the back-end system (data source). The original and possibly untranslated message was: "No active writeable datasource found for user creation, check your Persistence Configuration.".
Former Member
0 Kudos
hasanajsh
Active Contributor
0 Kudos

Hi Kamil,

Thanks for the suggestion. I read the posts.

Former Member
0 Kudos

Hi, Shkёlzen!

>3. Create a communication user and assign it to the role created in step 2.

  1. Create SPML-user of type communication manually via SU01 (set different temporary initial password).
  2. Assign previously created role in the UME and do this again for your configuration user (e.g. SOLMAN_ADMIN).
  3. Perform other checks of the note and try again with the solman_setup step after relogin.

For SAPSUPPORT steps check the user in your configuration client and 000.

Regards,

Alex

Matt_Fraser
Active Contributor
0 Kudos

Shkelzen,

Did you ever resolve this?  If not, this error about the UME persistence configuration looks suspiciously like the error I was getting when I tried to create users in the ABAP store via the Java UME, and/or when the Create Users step in the Managed System Configuration for the Java stack of a dual-stack system would try to do the same.  The cause turned out to be that the SAPJSF user did not have write authorization in the ABAP system, i.e. only had SAP_BC_JSF_COMMUNICATION_RO (Read Only) assigned.  Assigning the ABAP role SAP_BC_JSF_COMMUNICATION to this user and restarting the Java stack resolved the problem for me.

Regards,

Matt

Answers (2)

Answers (2)

hasanajsh
Active Contributor
0 Kudos

,

Former Member
0 Kudos

Hi,

Which your you are using to login to do the configurations?

You have to use the SOLMAN_ADMIN using alone to perform the post steps.

Regards,

Raja. G

hasanajsh
Active Contributor
0 Kudos

Thanks for the reply.

I was using an admin user I have created.

I tried using the SOLMAN_ADMIN and I get the same error.

Former Member
0 Kudos

Sorry about that.

Is the necessary roles has been assigned for SOLMAN_ADMIN user?

Regards,

Raja. G

hasanajsh
Active Contributor
0 Kudos

Yes, the roles are assigned.