Identity ManagementIdentity Management for System LandscapesSAP NetWeaver Identity ManagementIntegration of User Management in Your System LandscapeAdding an ABAP System to Your System LandscapeAdding an AS Java System to Your System LandscapeAdministration of User DataIntegrated Role and User AdministrationUsing ABAP-Centered Role AdministrationUsing Portal-Centered Role AdministrationUsing ABAP-Centered Role AssignmentUsing the Portal-Centered Role AssignmentUser and Role Administration of AS ABAPAS ABAP Authorization ConceptOrganizing Authorization AdministrationAssigning AuthorizationsFrom the Programmed Authorization Check to a RoleEditing Authorization Default Data (Development System)Editing Authorization Default Data (Customer System)Maintaining Authorizations in SAP Example RolesMaintaining Authorizations in Roles for Productive UseTrace for Authorization ChecksMaintaining Authorization Default Values Using Trace EvaluationMaintaining Authorization Fields Using Trace Evaluation in TransMaintaining Role Menus Using Trace Evaluation in Transaction PFCUsing the System Trace to Record Authorization Checks (TransactiGlossaryConfiguration of User and Role AdministrationFirst Installation ProcedureSetting Up User and Authorization AdministratorsConfiguring User Group as Required for User Master RecordsInteraction of Required User Groups and Central User AdministratEnabling Movement Activity for S_USER_GRPSetting Up the Role Administration ToolDefining the Scope of Authorization ChecksPreparatory StepsGlobally Deactivating Authorization ChecksReducing Authorization Checks in ApplicationsSearching for Deactivated Authority ChecksEditing Templates for General AuthorizationsCheck IndicatorsLogon and Password Security in the ABAP-SystemPassword RulesProfile Parameters for Logon and Password (Login Parameters)Customizing Switches for Generated PasswordsRules for User NamesProtecting Special UsersSecuring User SAP* Against MisuseSecuring User DDIC Against MisuseSecurity in System GroupsRole AdministrationRole Administration FunctionsChanging Standard RolesCreating Single RolesRole MenuMerge Function for the Authorization Data of PFCG RolesEditing Predefined AuthorizationsSymbols and Status Text in Authorization AdministrationCopying Authorizations From TemplatesAssigning UsersAssign MiniAppsPersonalization Tab PageCreating Derived Roles and Copying AuthorizationsAuthorization Checks when Adjusting Derived RolesComparing and Adjusting Role MenusCreating Composite RolesGenerating Authorization ProfilesRegenerate the Authorization Profile Following ChangesPerforming a Mass Generation of ProfilesTransporting Authorization ComponentsTransporting and Distributing RolesTransporting Manually-Created ProfilesTransporting Manually-Created AuthorizationsTransporting Check Indicators and Field ValuesLoading or Storing Check Indicators and Authorization Default VaTransporting TemplatesAnalyzing Authorization ChecksAnalyzing Authorizations using the System TraceAuthorization Error Analysis FunctionsIndirect Role Assignment Using Organizational Management (OM)Assigning a Role IndirectlyIndirect Role Assignment in a System LandscapeDistribution of the Organizational Management ModelCreating an Organizational Management Distribution Model in theGenerating Partner Profiles of the OM Distribution ModelCreating an Outbound Filter with Customer ExitActivating Change PointersWriting Change Pointers for Infotype 0105Distributing the Organizational Management Model (Initial DistriDistributing Changes to the Organizational Management ModelCentral User AdministrationSetting Up Central User AdministrationCreating an Administration UserSetting Up Logical SystemsDefining/Setting Up a Logical SystemAssigning a Logical System to a ClientSystem Users and RFC DestinationsDefining Authorizations for System UsersDetermining Existing RFC Destinations and System UsersCreating System UsersCreating an RFC Destination for the Target SystemSystem Users and RFC Destinations with Trusted SystemsCreating RFC Destinations for the Target System with a Trusted SAdvantages and Disadvantages of Trusted RFC DestinationsCreating the Central User AdministrationSetting Up Field Distribution ParametersSynchronizing and Distributing Company AddressesSynchronizing User GroupsTransferring Users from New SystemsDisplaying and Processing Distribution LogsError AnalysisChecking the Setup of Central User AdministrationAvoiding Termination when Saving the System LandscapeCreating an ALE Model Including Partner Profiles ManuallyCreating the ALE Distribution ModelGenerating Partner ProfilesChecking Partner ProfilesCorrecting Errors in Partner ProfilesDistributing the Model ViewOther Error SourcesActivated Background ProcessingChanging Partner Profiles with Active Background ProcessingCreating a Background UserRemoving Central User AdministrationRemoving a Child System from Central User AdministrationRemoving Central User Administration CompletelyGlossaryApplication Link Enabling (ALE)ALE LandscapeALE Integrated SystemUser Master RecordAuthorizationAuthorization ProfileBackground ProcessingIDocSystem UserLogical SystemPartner ProfileProfileProfile GeneratorRemote Function Call (RFC)RoleChild SystemDistribution ModelCentral User Administration (CUA)Central SystemCentral Repository for Personalization DataUse of the Generic RepositoryImplementing a DialogIntegrating External TablesRegistering Personalization ObjectsDirectory ServicesLDAP ConnectorMaintaining the Directory ServerConfiguring the LDAP ConnectorConfiguring Connection Data for the Directory ServiceDefining the System User of the Directory ServiceLDAP Connector InterfaceLogging On to the Directory ServiceCalling LDAP Protocol FunctionsSynchronization of SAP User Administration with an LDAP-CompatibMapping SAP Data Fields to Directory AttributesMapping and Synchronization ProcessSchema ExtensionGenerating a Schema ExtensionMapping SAP Data Fields to Directory AttributesMapping with a Function Module (Linking Type)Mapping Indicator Versus Synchronization IndicatorSetting Mapping IndicatorsSetting Synchronization IndicatorsPreparing and Starting SynchronizationSynchronization Report RSLDAPSYNC_USER: ExamplesAdministering the Synchronization LogUpgrade ProcedureSource Release with the Profile Generator (> SAP R/3 3.0F)Migrate Report TreesComparing Check Indicators/Field Values After UpgradeGenerated Role SAP_NEWAdministration of Users and RolesUser AdministrationUser Administration FunctionsCreating and Editing User Master RecordsLogon Data Tab PagePassword StatusSNC Tab PageRoles Tab PageProfiles TabGroups Tab PagePersonalization Tab PageLicence Data Tab PageCopying UsersPersonalizing User or RoleChanging the Standard Company AddressAssigning RolesAssign a Standard Role to a UserMass ChangesLogging Off Inactive UsersEditing User Defaults and OptionsComparing User Master RecordsCreating and Editing Internet UsersOperating Central User AdministrationUser Administration with Active Central User AdministrationAssigning Passwords with Active Central User AdministrationSending User Master Data to a Child SystemPerforming a Text Comparison with Target System SpecificationUser Information SystemDetermining Users with the Users NodeDetermining Cross-System InformationUsers by Complex Selection Criteria (RSUSR002)By Critical Combinations of Authorizations at Transaction StartBy Logon Date and Password Change (RSUSR200)With Critical Authorizations (RSUSR009)With Critical Authorizations (New Version, RSUSR008_009_NEW)Determining Roles, Profiles, Authorizations, and Authorization ODetermining Transactions (RSUSR010)Comparing Cross-System Users, Authorizations, Roles, and ProfileCreating Where-Used Lists for Roles (RSUSR002)Creating Where-Used Lists for Profiles (RSUSR002)Creating Where-Used Lists for Authorizations (RSUSR002)Creating Where-Used Lists for Authorization Values (RSUSR002)Creating Where-Used Lists for Authorization Objects (RSUSR002)Determining Change DocumentsCreating a User-Specific Result ListTroubleshootingCleaning Up User TablesReference Documentation for User and Role AdministrationAuthorization Objects Checked in Role AdministrationRole Administration: ExampleRole Administration: Tips and TricksCreating RolesOrganization without the Profile GeneratorCreating and Maintaining Authorizations/Profiles ManuallyLine-oriented AuthorizationsAdministration TasksMaintaining Authorization ProfilesSimple and Composite ProfilesDefining Profiles and AuthorizationsAlternative AuthorizationsChoosing Authorization ObjectsMaintaining Composite ProfilesActivate profilesNaming Convention for Predefined ProfilesMaintaining AuthorizationsCreating and Maintaining AuthorizationsEntering ValuesActivating AuthorizationsNaming Convention for SAP AuthorizationsSpecial Authorizations Requiring Protective MeasuresAuthorization Profile SAP_ALLGenerated Role SAP_APPDeveloper Documentation for User and Role AdministrationAuthorization ChecksAuthorization Checks in Your Own DevelopmentsCreating Authorization FieldsAssigning an Authorization Object to an Object ClassProgramming Authorization ChecksTransporting Authorization Objects and ClassesUser Management of the Application Server JavaUser Management EngineAuthorization Concept of the AS JavaConfiguring User ManagementUME Data SourcesSelecting the UME Data SourceDatabase Only as Data SourceLDAP Directory as Data SourceOrganization of Users and Groups in LDAP DirectoryConfiguring the UME to Use an LDAP Directory as Data SourceConfiguring High Availability of the LDAP Data SourceUME LDAP Configuration ToolConfiguring the UME Offline to Use an LDAP DirectoryCustomizing a UME Data Source ConfigurationAccessing Data Source Configuration Files OfflineAccessing Data Source Configuration Files OnlineData Source TypesHome Data SourceData Partitioning ScenariosNamespacesStructure of a Data Source Configuration File<dataSources><homeFor> and <notHomeFor><responsibleFor> and <notResponsibleFor><attributeMapping><privateSection>Examples of Data Source Configuration FilesExample: Attribute Mapping for Client CertificatesExample: Attribute Mapping for Custom AttributesExample: Configuration of Multiple LDAP Data SourcesExample: Type-Based Data PartitioningExample: User-Based Data PartitioningExample: Attribute-Based Data PartitioningExample: Multiple Object Classes for a Principal TypeExample: Negative User FilterExample: Self-Managed PasswordsUser Management of Application Server ABAP as Data SourceConstraints for UME with ABAP Data SourceConstraints for the UME and Central User AdministrationData Source Configuration FilesConfiguring the UME to Use an AS ABAP as Data SourceChanging the AS ABAP Back-End System for the UMEChanging the ABAP Client for the UME After a Client CopyChanging the Password of the User for UME-ABAP CommunicationRequirements for the System User for UME-ABAP CommunicationOffline Configuration of the UME for AS ABAPEditing UME PropertiesConfiguring the Security Policy for User ID and PasswordsIntegration of the UME Security Policy With External Data SourceDefault Security Policy ProfilesNotification by E-MailConfiguring E-Mail NotificationChanging the Texts of Notification E-MailsConfiguring Self-RegistrationConfiguring Self-ManagementEnabling Users to Reset Their Own PasswordConfiguring Logon HelpConfiguring Legacy Logon HelpConfiguring the Logon ScreenConfiguring Delegated User Administration Using CompaniesConfiguring CompaniesUsing a Trading Partner Directory Implementation for CompaniesTypes of User AdministratorCompaniesCompany GroupCompanies and Self-Registration with ApprovalConfiguring Virtual GroupsAllowing Users to View the Contact Information of Other UsersAdding Custom Attributes to the User ProfileAdditional Configuration OptionsConfiguring Users' Display NameConfiguring Groups' Name, Display Name, and DescriptionConfiguring Simple SearchConfiguring Search Options for the UMEConfiguring the List of Available LanguagesConfiguring E-Mail SignaturesEnabling E-Mail SignaturesCreating and Modifying Corporate SignaturesCreating and Modifying Personalized SignaturesDefining a Pattern for User E-Mail AddressesOptimizing Performance With the UME CacheAdministration of Users and RolesIdentity ManagementIntegration of UME Roles with ABAP RolesUME GroupsDefault GroupsUser ProfileManaging Users, Groups, and RolesAssigning Principals to Roles or GroupsPassword ManagementLocking or Unlocking UsersApproving or Rejecting UsersCreating a Technical UserSelf-RegistrationMoving a User to Another CompanyMaintaining the User's Certificate InformationExporting User Management DataImporting User Management DataMonitoring the Performance of the UME Cache
AS Java User Management Using the Visual AdministratorManaging ResourcesTroubleshootingActivating the Emergency UserModifying the Default Administrator UserLogging and TracingDirectory Server Access LogDirectory Server Connection Pool LogChecking the Consistency of Entries in the UME DatabaseRepairing Inconsistencies of Entries in the UME DatabaseRefreshing the User Caches of the AS JavaDownloading the UME ConfigurationReference Documentation for User ManagementLogical AttributesStandard UME ActionsStandard UME RolesUME PropertiesSAP* SuperuserUME Properties for Default GroupsData SourceUME Properties for an AS ABAP Data SourceUME Properties for LDAP Directory Data SourceUME Properties for LDAP Directory: Connection PoolingUME Properties for Logon FunctionsLogon TicketLogoffUser MappingUME Properties for AdministrationUME Properties for the Security PolicyUME Properties for E-Mail NotificationUME Properties for CompaniesUME Properties for UsersUME Properties of the Security Audit LogSimple SearchUME Properties for Virtual GroupsUME CacheImport Format for UME PrincipalsUser Data Import FormatGroup Data Import FormatRole Data Import FormatAdditional User Stores of the AS JavaDeveloper Documentation for User Management