- SAP Community
- Products and Technology
- Technology
- Technology Q&A
- User Roles in XI
- Subscribe to RSS Feed
- Mark Question as New
- Mark Question as Read
- Bookmark
- Subscribe
- Printer Friendly Page
- Report Inappropriate Content
User Roles in XI
- Subscribe to RSS Feed
- Mark Question as New
- Mark Question as Read
- Bookmark
- Subscribe
- Printer Friendly Page
- Report Inappropriate Content
on 05-22-2008 11:47 AM
Hi,
I would like to restricted my users to access some objects in IR so, i tryed with the follwoing blog but,
/people/michal.krawczyk2/blog/2005/05/25/xi-how-to-add-authorizations-to-repository-objects
when i click the change button in the repository objtct its not performing perticular role.
i was configured ExchangeProfile parametes and created new user and its roles.
Would you tell where i done mistake. according to This Blog.
Thanks
Mahesh
- SAP Managed Tags:
- SAP Process Integration
Accepted Solutions (0)
Answers (6)
Answers (6)
- Mark as New
- Bookmark
- Subscribe
- Subscribe to RSS Feed
- Report Inappropriate Content
Hi Mahesh,
You need to give the points when you are issue is solved. Its the minimum responsibility
You must be a registered user to add a comment. If you've already registered, sign in. Otherwise, register and sign in.
- Mark as New
- Bookmark
- Subscribe
- Subscribe to RSS Feed
- Report Inappropriate Content
Hi All,
/people/michal.krawczyk2/blog/2005/05/25/xi-how-to-add-authorizations-to-repository-objects
By using this blog i got solved this.before when i select the object type it was automatically taking include option.so, manualy gain i was selected as Exclude in the Object Type.
Thanks
Mahesh
You must be a registered user to add a comment. If you've already registered, sign in. Otherwise, register and sign in.
- Mark as New
- Bookmark
- Subscribe
- Subscribe to RSS Feed
- Report Inappropriate Content
Hi,
Role: SAP_XI_Developer
u2022 SAP_XI_DEVELOPER (Composite)
u2022 SAP_SLD_DEVELOPER
u2022 SAP_XI_DEMOAPP
u2022 SAP_XI_DEVELOPER_ABAP
u2022 SAP_XI_DEVELOPER_J2EE
Notes:
No access to the Administration of the XI Tools URL,
ABAP
SXI_CACHE to view the cache but not refresh it
SXMB_MONI
SPROXY
SXMB_IFR
SXMB_ADM
SLDCHECK
SLDAPICUST
SLD
create/change Technical /Business System
create Software Catalog (Product/Software Component Version)
create/change Development (Name Reservation, Content Browser, Class Browser).
REPOSITORY
import SWCV (Software Component Version) from SLD
create new namespace under a SWCV
create/change new or existing Integration Scenarios and Integration Processes because the Software Component cannot be changed
create/change new or existing Interface Objects because the Software Component cannot be changed
create/change new or existing Mapping Objects because the Software Component cannot be changed
create/change new or existing Adapter Objects
DIRECTORY
transfer integration scenario from Repository
create/change Party
create/change Service Without Party
create/change Service Receiver Determination
create/change Service Interface Determination
create/change Service Sender Agreement
create/change Service Receiver Agreement
RWB
Component Monitoring
Message Monitoring
Performance Monitoring
Alert Configuration
Alert Inbox
Cache Monitoring Role: SAP_XI_Configurator
u2022 SAP_XI_CONFIGURATOR (Composite)
u2022 SAP_SLD_CONFIGURATOR
u2022 SAP_XI_BPE_CONFIGURATOR_ABAP
u2022 SAP_XI_CONFIGURATOR_ABAP
u2022 SAP_XI_CONFIGURATOR_J2EE
u2022 SAP_XI_DEMOAPP
Notes:
No access to the Administration of the XI Tools URL
ABAP
SXI_CACHE to view the cache but not refresh it
SXMB_MONI
SPROXY
SXMB_IFR
SXMB_ADM
SLDCHECK
SLDAPICUST
SLD
create/change Technical /Business System
create Software Catalog (Product/Software Component Version)
create/change Development (Name Reservation, Content Browser, Class Browser).
REPOSITORY
import SWCV (Software Component Version) from SLD
create new namespace under a SWCV
create/change new or existing Integration Scenarios and Integration Processes because the Software Component cannot be changed
create/change new or existing Interface Objects because the Software Component cannot be changed
create/change new or existing Mapping Objects because the Software Component cannot be changed
create/change new or existing Adapter Objects
DIRECTORY
transfer integration scenario from Repository
create/change Party
create/change Service Without Party
create/change Service Receiver Determination
create/change Service Interface Determination
create/change Service Sender Agreement
create/change Service Receiver Agreement
RWB
Component Monitoring
Message Monitoring
Performance Monitoring
Alert Configuration
Alert Inbox
Cache Monitoring
Role: SAP_XI_ADMINISTRATOR
u2022 SAP_XI_ADMINISTRATOR (Composite)
u2022 SAP_ALM_ADMINISTRATOR
u2022 SAP_ALM_CUSTOMIZER
u2022 SAP_SLD_ADMINISTRATOR
u2022 SAP_XI_ADMINISTRATOR_ABAP
u2022 SAP_XI_ADMINISTRATOR_J2EE
u2022 SAP_XI_BPE_ADMINISTRATOR_ABAP
u2022 SAP_XI_DEMOAPP
Notes: Has access to the Administration of the XI Tools URL (This should be Basis Only)
ABAP
u2022 Has access to SXI_CACHE to view the cache but not refresh it
u2022 Has access to SXMB_ADM
u2022 Has access to SXMB_MONI
u2022 Has access to SPROXY
u2022 Has access to SXMB_IFR
u2022 Has access to SLDCHECK
u2022 Has access to SLDAPICUST
SLD
u2022 Can create/change Technical /Business System
u2022 Can create/delete Software Catalog (Product/Software Component Version)
u2022 Can create/change Development (Name Reservation, Content Browser, Class Browser).
REPOSITORY
u2022 Can import SWCV (Software Component Version) from SLD and delete from Repository
u2022 Can create new namespace under a SWCV
u2022 Can create/change new or existing Integration Scenarios and Integration Processes
u2022 Can create/change new or existing Interface Objects
u2022 Can create/change new or existing Mapping Objects
u2022 Can create/change new or existing Adapter Objects
DIR
u2022 Can transfer integration scenario from Repository
u2022 Can create/change Party
u2022 Can create/change Service WithoutParty
u2022 Can create/change Service Receiver Determination
u2022 Can create/change Service Interface Determination
u2022 Can create/change Service Sender Agreement
u2022 Can create/change Service Receiver Agreement
RWB
u2022 Can access Component Monitoring
u2022 Can access Message Monitoring
u2022 Can access Performance Monitoring
u2022 Can access Alert Configuration
u2022 Can access Alert Inbox
u2022 Can access Cache Monitoring Role: SAP_XI_CONTENT_ORGANIZER
u2022 SAP_XI_CONTENT_ORGANIZER (Composite)
u2022 SAP_SLD_ORGANIZER
u2022 SAP_XI_CONTENT_ORGANIZER_ABAP
u2022 SAP_XI_CONTENT_ORGANIZER_J2EE
Notes: No access to the Administration of the XI Tools URL
ABAP
u2022 No access to SXI_CACHE
u2022 No access to SXMB_ADM
u2022 No access to SXMB_MONI
u2022 No access to SPROXY
u2022 Has access to SXMB_IFR
u2022 No access to SLDCHECK
u2022 No access to SLDAPICUST
SLD
u2022 Can create/change Technical /Business System
u2022 Can create/delete Software Catalog (Product/Software Component Version)
u2022 Can create/change Development (Name Reservation, Content Browser, Class Browser).
REPOSITORY
u2022 Can import SWCV (Software Component Version) from SLD and delete from Repository
u2022 Can create new namespace under a SWCV
u2022 Can create/change new or existing Integration Scenarios and Integration Processes
u2022 Can create/change new or existing Interface Objects
u2022 Can create/change new or existing Mapping Objects
u2022 Can create/change new or existing Adapter Objects
DIR
u2022 Can transfer integration scenario from Repository
u2022 Can create/change Party
u2022 Can create/change Service WithoutParty
u2022 Can create/change Service Receiver Determination
u2022 Can create/change Service Interface Determination
u2022 Can create/change Service Sender Agreement
u2022 Can create/change Service Receiver Agreement
RWB
u2022 Can access Component Monitoring
u2022 Can access Message Monitoring
u2022 Can access Performance Monitoring
u2022 Can access Alert Configuration
u2022 Can access Alert Inbox
u2022 Can access Cache Monitoring
Role: SAP_XI_DISPLAY_USER
u2022 SAP_XI_DISPLAY_USER (Composite)
u2022 SAP_SLD_GUEST
u2022 SAP_XI_DISPLAY_USER_ABAP
u2022 SAP_XI_DISPLAY_USER_J2EE
Notes: No access to the Administration of the XI Tools URL
ABAP
u2022 Has access to SXI_CACHE but cannot refresh cache
u2022 Has display access to SXMB_ADM
u2022 Has access to SXMB_MONI
u2022 Has access to SPROXY
u2022 Has access to SXMB_IFR
u2022 Has access to SLDCHECK
u2022 No access to SLDAPICUST
SLD
u2022 Cannot create/change Technical /Business System
u2022 Cannot create/delete Software Catalog (Product/Software Component Version)
u2022 Cannot create/change Development (Name Reservation, Content Browser, Class Browser).
REP
u2022 Cannot import SWCV (Software Component Version) from SLD and delete from Repository
u2022 Cannot create new namespace under a SWCV
u2022 Cannot create/change new or existing Integration Scenarios and Integration Processes
u2022 Cannot create/change new or existing Interface Objects
u2022 Cannot create/change new or existing Mapping Objects
u2022 Cannot create/change new or existing Adapter Objects
DIR
u2022 Cannot transfer integration scenario from Repository
u2022 Cannot create/change Party
u2022 Cannot create/change Service WithoutParty
u2022 Cannot create/change Service Receiver Determination
u2022 Cannot create/change Service Interface Determination
u2022 Cannot create/change Service Sender Agreement
u2022 Cannot create/change Service Receiver Agreement
RWB
u2022 Can access Component Monitoring
u2022 Can access Message Monitoring
u2022 Can access Performance Monitoring
u2022 Can access Alert Configuration
u2022 Can access Alert Inbox
u2022 Can access Cache Monitoring Role: SAP_XI_MONITOR
u2022 SAP_XI_MONITOR (Composite)
u2022 SAP_SLD_GUEST
u2022 SAP_XI_BPE_MONITOR_ABAP
u2022 SAP_XI_DEMOAPP
u2022 SAP_XI_MONITOR_ABAP
u2022 SAP_XI_MONITOR_J2EE
Notes: No access to the Administration of the XI Tools URL
ABAP
u2022 Has access to SXI_CACHE and refresh cache
u2022 No access to SXMB_ADM
u2022 Has access to SXMB_MONI
u2022 Has access to SPROXY
u2022 Has access to SXMB_IFR
u2022 No access to SLDCHECK
u2022 No access to SLDAPICUST
SLD
u2022 Cannot create/change Technical /Business System
u2022 Cannot create/delete Software Catalog (Product/Software Component Version)
u2022 Cannot create/change Development (Name Reservation, Content Browser, Class Browser).
REP
u2022 Cannot import SWCV (Software Component Version) from SLD and delete from Repository
u2022 Cannot create new namespace under a SWCV
u2022 Cannot create/change new or existing Integration Scenarios and Integration Processes
u2022 Cannot create/change new or existing Interface Objects
u2022 Cannot create/change new or existing Mapping Objects
u2022 Cannot create/change new or existing Adapter Objects
DIR
u2022 Cannot transfer integration scenario from Repository
u2022 Cannot create/change Party
u2022 Cannot create/change Service WithoutParty
u2022 Cannot create/change Service Receiver Determination
u2022 Cannot create/change Service Interface Determination
u2022 Cannot create/change Service Sender Agreement
u2022 Cannot create/change Service Receiver Agreement
RWB
u2022 Can access Component Monitoring
u2022 Can access Message Monitoring
u2022 Can access Performance Monitoring
u2022 Can access Alert Configuration
u2022 Can access Alert Inbox
u2022 Can access Cache Monitoring
You must be a registered user to add a comment. If you've already registered, sign in. Otherwise, register and sign in.
- Mark as New
- Bookmark
- Subscribe
- Subscribe to RSS Feed
- Report Inappropriate Content
Hi Mahesh,
There is a way to restrict the authorizations by S/W Components that you create. In the IR, you can restrict the same by adding the S/W components in the list by creating User Roles. In the IR Go to Tools --> User Roles. Create a new user role and attach and specify the S/W components for which you want to give access to that role.
These details have been explained in detail in this document.
in the current XI release you can restrict users from changing repository objects (i.e. you can specify which software component the user is allowed to change).
Unfortunately the user is still allowed to view all repository objects, independent of the software component they belong to.
Reward points if this helps
Regards
Pragathi.
You must be a registered user to add a comment. If you've already registered, sign in. Otherwise, register and sign in.
- Mark as New
- Bookmark
- Subscribe
- Subscribe to RSS Feed
- Report Inappropriate Content
You must be a registered user to add a comment. If you've already registered, sign in. Otherwise, register and sign in.
- Mark as New
- Bookmark
- Subscribe
- Subscribe to RSS Feed
- Report Inappropriate Content
Hi,
For Exchange profile please check
http://help.sap.com/saphelp_nw04s/helpdata/en/89/6f1741b393f26fe10000000a1550b0/frameset.htm
1. Create user in "R3", with transaction SU01.
2. In "R3", create a role with transaction PFCG
3. UME Admin WebApp: assign role to user group
4. XI Exchange Profile WebApp: activate data-dependent authorization checks. Put: com.sap.aii.util.server.auth.activation" in section "IntegrationBuilder.Repository" to true
Please check the documentation on Netweaver security and Integration of UME Roles with SAP Roles
Refer below link. It will give all the details about the roles. then you can restrict user based on these roles
XI Roles
http://www.erpgenie.com/sap/netweaver/xi/xiauthorizations.htm
Thanks
Swarup
Edited by: Swarup Sawant on May 22, 2008 12:52 PM
You must be a registered user to add a comment. If you've already registered, sign in. Otherwise, register and sign in.
- Setting Up Specific A/R Invoice Layouts for Users in User Defaults in Technology Q&A
- How can I change SAP schema user (e.g SAPABAP1 or SAPHANADB) password? in Technology Q&A
- SAC Security User Best Practice in Technology Q&A
- PI/PO7.5 Background Job Processing Monitor -User roles in Technology Q&A
- What’s New in SAP Analytics Cloud Q2 2024 in Technology Blogs by SAP
| User | Count |
|---|---|
| 77 | |
| 10 | |
| 9 | |
| 7 | |
| 6 | |
| 5 | |
| 5 | |
| 5 | |
| 5 | |
| 4 |
You must be a registered user to add a comment. If you've already registered, sign in. Otherwise, register and sign in.