Managing Users, Groups, and Roles 
Use
This function enables you to create, modify, and delete users, groups, and roles. This enables you to define these objects so you can then group them according to your access management strategy.
Prerequisites
To manage users, groups, or roles, you must be assigned a role that includes the relevant actions. For example, to view users, you must have the right to manage users. Standard roles may include such actions. The UME role Administrator includes all necessary actions. By default, administrator roles are only assigned to administrators.
Actions Required to Manage Objects
To Manage |
Actions Required (Any One Action) |
All objects (users, groups, and roles) |
UME Manage_All |
All objects (read-only) |
UME Read_All |
Roles |
UME Manage_Roles |
Groups |
UME Manage_Groups |
Users (all companies) |
UME Manage_All_Companies |
Users (own company) |
UME Manage_Users |
Your own password |
UME Manage_My_Password |
Your own Profile |
UME Manage_My_Profile |
See also:
Features
Integration with ABAP user management
If your system is
configured to use ABAP user management, PFCG roles from the ABAP system are
displayed as groups in the user administration console. You cannot change or
delete these groups using the J2EE Engine tools. The only possible action is
to assign UME and security roles to them. You can create new
groups, which are then stored in the J2EE Engine database and are not created
as PFCG roles in the ABAP system. For more information, see 
AS for ABAP User
Management as Data Source.
Activities
In the user administration console, you can perform the following activities:
Activity |
How to Perform the Activity |
Search for a user, group, or role (simple search) |
... 1. In the search area, choose the type of object you are looking for: user, group, or role. 2. Optionally enter a string to search for. The search function searches for this string in the user ID (users only) and name. Use the asterisk (*) as a wildcard. If you do not enter any text, the search function will return a list of all users, groups, or roles, depending on the object you chose. 3. Choose Go. A list of search results appears in the search view. |
Search for a user (advanced search) |
... 1. In the search area, choose User as the type of object you are looking for. 2. Choose Advanced Search. 3. Enter your search criteria in the required fields in the various tabs. 4. Choose Search. A list of search results appears in the search view.
|
View detailed information on a user, group, or role |
In the search results list, select the user, group, or role. The detailed information appears in the details view below.
|
Create new user, group, or role |
1. In the search area, choose the type of object you wish to create. 2. Choose Create. 3. Enter data as required in the details view. |
Copy an existing user |
In the search results list, select the user you want to copy. ... 1. Choose Copy to New. 2. Enter a logon ID and define a password. 3. Choose Save. |
Change existing user, group, or role |
... 1. In the search results list, select the user, group, or role you want to change. 2. Choose Modify. 3. Change the data as required. 4. Choose Save. |
Delete a user, group, or role |
... 1. In the search results list, select the user, group, or role that you want to delete. 2. Choose Delete. If you are deleting a user, you are prompted to write a reason for deleting the user. This text is sent to the user in a notification e-mail, if you enabled notification e-mails.
|
Lock or unlock a user |
See Locking or Unlocking Users
|
Approve or reject a user |
|
Reset user passwords |
See Password Management. |
Automatically generate a new password for a user |
See Password Management. |
Assign a user to a group or a role |