on 10-03-2017 4:47 PM
Hello Experts,
I need to assign Only Alias Mapping Authorization to an User in BOBJ. Could you please suggest how I can achieve the same.
I am new to SAP BOBJ so could you please also suggest some links and pdf to getting started with it.
Regards,
C Kumar
Thanks Joe for Answer!
Yes I tried the same way you suggested -
"The simplest way to do this is to give the group Full Control over both Users and User Groups. However, this may be more than what you want, as it would grant the ability to delete users, change passwords, and add/delete groups."
But as per the business requirement, user mustn't have delete users, change passwords, and add/delete groups authorization. How to limit this.
Another query - how we can limit the access to only user creation.
You must be a registered user to add a comment. If you've already registered, sign in. Otherwise, register and sign in.
If you grant the explicit rights as I listed in my answer, then they won't be able to delete users, or add/delete groups.
By default, users only have access to what you give them. So if your delegated admin isn't granted any other access, then they won't be able to do anything else.
What you're after is commonly referred to as a delegated admin. You can use a Custom Access Level for this, or assign rights directly. Directly-assigned rights might be sufficient if your requirements aren't too complex.
I would suggest creating a Delegated Admin group, add your user to the group, and then grant the group the appropriate rights.
You'll need to grant the rights at the top level of both Users and User Groups (CMC -> Users and Groups -> Manage -> Top level security -> All Users, then All Groups).
The simplest way to do this is to give the group Full Control over both Users and User Groups. However, this may be more than what you want, as it would grant the ability to delete users, change passwords, and add/delete groups.
At a minimum, in All Users, the group would need to the following rights granted:
For User Groups, it needs:
You could also do limited deleted admins -- instead of granting the above User Group rights at the top level, just assign it to a particular group. This would allow the deleted admin group the ability to add/remove users from this group only.
You must be a registered user to add a comment. If you've already registered, sign in. Otherwise, register and sign in.
User | Count |
---|---|
84 | |
23 | |
11 | |
9 | |
8 | |
5 | |
5 | |
5 | |
5 | |
4 |
You must be a registered user to add a comment. If you've already registered, sign in. Otherwise, register and sign in.