Ansicht
Dokumentation
FMCA_PS_EXT_USER_SET - Maintain Settings for External User Management
TXBHW - Original Tax Base Amount in Local Currency PERFORM Short ReferenceThis documentation is copyright by SAP AG.
Configure the privileges that can be assigned to external users.
- Maintain a number range interval for users:
- SAP NetWeaver -> Gateway Service Enablement -> Backend OData Channel -> User Self Service Setup -> Maintain Number Range Interval for User Self Service
- Maintain an RFC destination to replicate user:
- SAP NetWeaver -> Gateway Service Enablement -> Backend OData Channel -> User Self Service Setup -> Maintain RFC Destination for User Replication
- Create a reference role including an authorizations/security policy on the Gateway server using following transactions:
- PFCG
- SECPOL
- Create a reference user on the Gateway server using transaction SU01 and assign a reference role and security policy.
- Create user groups in the ERP backend system using transaction SUGR.
- Create roles and assign authorizations in the ERP backend system using transaction PFCG.
- Create a security policy in the backend using transaction SECPOL.
- Define User Categories
- User categories define a common group of users that share the same characteristics and similar authorizations in the backend, as well as the frontend. For example, individual taxpayers, corporate taxpayers, and tax advisors.
- The following BAdI determines to which user category a business partner belongs:
- FMCA_MC_SETTING_IMPL (Method: Get_USER_CATEGORY)
- Note: The default implementation reads the first user category ID entry from the customizing table.
- To define a user category:
- Click New Entries
- Under User Category ID, enter the name of the category.
- Under User Creation Limit, enter how many users are permitted for the business partner.
- Example: You can define that an individual tax payer cannot create more than three users (one for themselves and the other one for their tax accountants), while a corporation can create up to 10 users.
- Click the Back icon - the category you created should now be visible in the list.
- Now assign the category to a user group:
- Select the category you created and then, from the Dialog Structure, double-click User Group Settings.
- Click New Entries.
- In the User Group ID field, use the F4 Help to select the user group to which your category should be assigned.
- Under User Group Settings, enter the following information:
- Gateway Reference User: Enter the reference user (see Prerequisites, number 4).
- Defining a gateway reference user is how you determine which role/authorizations are assigned to users on the gateway server. Please note that the process for creating users in Multichannel Foundation does not assign any roles/authorizations to the frontend.
- Login Group: Use the F4 Help to select the user group you require.
- This lets you define the login user group that is assigned in the ERP backend system.
- Ideally, all externalMultichannel Foundation users should have a different login user group to the internalusers. This simplifies the identification of external users and allows granular authorization settings.
- If external users are allowed to create other users, then they must have the authorization to create a user in the backend as well.
- It is therefore highly recommend that you restrict this authorization to a particular login group.
- Security Policy: Depending on the availability of the NetWeaver release, you can define a value for a security policy for a user in the ERP backend system.
- Standard Role: Use the F4 Help to select the role you require.
- Define a user role in the ERP backend system that is assigned to the user (see Prerequisites, number 6), regardless of the privileges defined in Customizing.
- It is recommended that you use this role to define the minimum authorizations that a user should have (for example, login to the portal/ change password, and so on), and that an external user with administrator authorization is not permitted to remove.
- Note: You can assign multiple user groups per user category. For example, you may want to define user groups that can create users, and non-administrators that cannot create users. In this case, the gateway reference user should be different, as the creation of users also requires user creation authorizations on the gateway server.
- Save your entries
- Define User Privileges:
- In the Dialog Structure, double-click User Group Privileges.
- Click New Entries.
- In the field User Privilege ID, enter the name your require.
- In the User Group Privileges section, in the field Role, select a role that you already defined (see Prerequisites, number 6).
- In User Privilege Description, give the user group privilege a meaningful name.
- Save your entries
- Assign User Privileges to Group
- In the Dialog Structure, double-click Assign User Group and Privileges.
- Click New Entries.
- From the fields User Group ID and User Privilege ID, select the user group and user privilege that you wish to assign.
- Save your entries.
Note that you must create the users using either the function module FMCA_MC_USER_CREATE1 or the OData service call that is included in ERP_FMCA_MC.
The function module FMCA_MC_USER_CREATE1 has an optional parameter called IV_USER_ROLE_ASSIGN. If this parameter is set to X, all roles that are linked to the selected user group will automatically be assigned.
Maintain the backend user privileges using the function module FMCA_MC_USER_ROLE_MAINTAIN or the OData service call that is included in ERP_FMCA_MC.
General Data in Customer Master RFUMSV00 - Advance Return for Tax on Sales/Purchases
This documentation is copyright by SAP AG.
Length: 8287 Date: 20240523 Time: 185458 sap01-206 ( 103 ms )