Roles : They are used to administer security features for various users in SAP.
Composite Roles : They are roles which have individual roles with in. Parent role is a composite roles and there are individual roles inside each composite role.Standard Programs
IAM_API_TESTFRAME’ for dealing with user and corresponding roles
RSUSR002 : Gives details of users and roles
T-Code
SU01 : User Information
SUIM - User Information System
Tables
USH02 - Change history for logon data
AGR_AGRS - Roles in Composite Roles
AGR_USERS - Assignment of roles to users
BAPIs
BAPI_USER_CREATE1
BAPI_USER_ACTGROUPS_ASSIGN
Reference Notes
http://www.sdn.sap.com/irj/scn/go/portal/prtroot/docs/library/uuid/668e6629-0701-0010-7ca0-994cb7dec5a3?overridelayout=true
Creating Users in SAP
BAPI_USER_CREATE1
The BAPI needs the following mandatory parameters.
*& Passing the mandatory parameters
*& LogON Data
CLEAR: lw_logondata.
lw_logondata-gltgv = sy-datum. " User Valid From
lw_logondata-gltgb = '99991231'. " User Valid To
*& Password
CLEAR: lw_password.
lw_password-bapipwd = 'Welcome123'.
*& Address Table
CLEAR: lw_address.
lw_address-lastname = <user lastname>.
REFRESH : lt_param[], lt_return[].
CALL FUNCTION 'BAPI_USER_CREATE1'
EXPORTING
USERNAME = <userid>
LOGONDATA = lw_logondata
PASSWORD = lw_password
ADDRESS = lw_address
TABLES
PARAMETER = lt_param
RETURN = lt_return
Assign Roles
BAPI_USER_ACTGROUPS_ASSIGN
CALL FUNCTION 'BAPI_USER_ACTGROUPS_ASSIGN'
EXPORTING
USERNAME = <userid>
TABLES
ACTIVITYGROUPS = lt_roles
RETURN = lt_return
.
Delete Users
CALL FUNCTION 'BAPI_USER_DELETE'
EXPORTING
USERNAME = <userid>
TABLES
RETURN = lt_return
.
.
No comments:
Post a Comment