Saturday, July 2

User Administration

User administrator does the tasks that are relevant to role assignments and user management. SAP User Management Engine (UME) provides user management functions in SAP Enterprise Portal. This runs as an integrated service in the SAP EP framework.
Portal Content Directory (PCD) manages the Roles.

In this post we will discuss about the tasks that a user administrator performs. These tasks are mostly routine tasks such as:
Unlocking users, searching for users, creating users etc. User Management Administration Console is used to perform these tasks.
Assigning roles to users and groups
Mapping users
Replication of user data into external systems.
Importing user data

Assigning roles to users and groups
SAP enterprise portal provides a user interface for each user according to the roles allocated to him or her. Things in the top-level navigation and in the portal pages are determined from his or her roles. So based on their function in the company, it is very important to assign users and groups to specific roles.

Prerequisites
To do this, administrator must have following roles: pcd:portal_content/administrator/super_admin/super_admin_role pcd:portal_content/administrator/content_admin/content_admin_role pcd:portal_content/administrator/system_admin/system_admin_role pcd:portal_content/administrator/user_admin/user_admin_role

Procedure
Select user or group to which you wnat to assign a role.
Select Edit in the right column.
Select one or more roles if you want to assign one or more roles to the user or group. select Add. Similarly you can remove one or more roles chosen by you.
Choose Save.

the same procedure is followed to assign users and groups to roles as is followed for assigning roles to users and groups except that Edit needed to chosen for a role in the first screen. And in the second screen, users and groups are chosen.

The user's portal user ID is stored in the user repository for the enterprise portal. To enable Single Sign-On, a user's portal user ID and password must be mapped to the corresponding user ID for each system in which the user ID is different.

Mapping Users
There are two methods of Single Sign-On for which User mapping is required:

SSO using user ID and password:
here, it is necessary to map the portal user ID and password to the user ID and password in component system.

Using SAP logon tickets for Single Sign-On:
If the SAP user IDs are the same as the portal user IDs, user mapping is not needed. If not, we must define a SAP reference system. This system is used for user mapping. In the user's SAP logon ticket, a user's portal user ID and the SAP user ID is stored. When a logon attempt to the component system is made, the system extracts the user ID from the logon ticket.

It is possible to map a user, a group, or a role to a user ID in a system which is connected to the SAP Enterprise portal. But in case of the SAP Systems connected to SAP EP, we cannot map roles or groups to a user in a SAP System. Only a user can be mapped to a user. When a iView that needs data from a connected system is accessed, SAP logon tickets are not supported, the procedure is that SAP Enterprise portal checks whether the user is mapped to a user in the corresponding system and if yes then SAP EP logs on using the mapped user data. If not, it checks for the group to which the user belongs whether the group is mapped in the component system or not. If yes, SAP EP logs on using the mapping. If not, it checks for roles. If not, the iView will prompt the user to enter mapping data but foe this, iView needs to be Programmed.

Related Posts:
Delegated Administration
Super Administration
Content Administration
System Administration

No comments:

Post a Comment

You are welcome to express your views here...