Dialog Users

Each dialog user role has authorizations for multiple components of SAP NetWeaver usage type PI. The roles contain task-specific authorizations and they all contain at least display authorizations in all PI components. They are described in more detail in the following.

The following dialog user roles are provided:

• SAP_XI_DISPLAY_USER

  The display user is able to display the entire content of the Enterprise Services Repository, the Integration Directory, the System Landscape Directory (SLD), the Integration Engine/Server, and so on.

• SAP_XI_SUPPORT

  The support role provides all display rights of SAP_XI_DISPLAY_USER plus additional read-only access rights to specific AS Java administration pages on the Integration Server.

  This role is required for SAP support using Solution Manager Diagnostics (SMD).

• SAP_XI_DEVELOPER

  The developer is responsible for all activities within PI that affect the design and development of integration processes.

  In particular, this means the design of scenarios, interfaces, and mappings in the Enterprise Services Repository. The tasks of a PI developer also include generating proxies (ABAP and Java) and implementing them in the associated business systems.

• SAP_XI_CONFIGURATOR

  The configurator is responsible for all activities within PI that affect the configuration of integration processes (integration content).

  In particular, this means

  • The settings for logical routing, mapping, and technical routing in the Integration Directory

  • The maintenance of the SLD

  • The maintenance of the configuration data for the IDoc adapter (metadata on the ABAP side)

  • The configuration settings of the Adapter Engine

• SAP_XI_CONTENT_ORGANIZER

  The content organizer is responsible for activities within PI that affect the organization and structuring of the contents of the SLD. More precisely, this means maintaining and importing software components in the SLD.

  These are tasks that are usually not performed by a developer or a configurator.

• SAP_XI_MONITOR

  The monitor is responsible for all activities within PI that affect monitoring.

  In particular, this means

  • Monitoring XML message processing and message throughput

  • Troubleshooting and status tracking of XML messages

  • Monitoring the processed IDocs and RFCs in the corresponding adapters (on the ABAP side)

  • Monitoring the messages sent or received by the Marketplace adapter

  By using the authorization object S_XMB_MONI, you can grant authorizations for monitoring depending on party, communication component, and interface. For more information, refer to the documentation for this authorization object.

• SAP_XI_MONITOR_ENHANCED

  In addition to the activities of SAP_XI_MONITOR, this role enables you to edit the payload of a message.

• SAP_XI_ADMINISTRATOR

  The administrator is responsible for all activities that affect the technical configuration and administration of the individual PI components.

  The administrator is also responsible for maintaining the data in the exchange profile.

• SAP_SLD_ADMINISTRATOR

  The SLD administrator is responsible for all activities that affect the administration of the SLD.

• SAP_SLD_CONFIGURATOR

  The SLD configurator is responsible for all activities that affect the configuration of the SLD.

These roles are equipped with role menus, which are available and displayed as user menus on the initial SAP Easy Access screen.

The users entered in AS ABAP are automatically available in AS Java for logging on to the Enterprise Services Builder, Integration Builder, SLD, Runtime Workbench, and Marketplace adapter. This means that user authentication takes place In AS ABAP.

After installing AS ABAP, the roles are also automatically available in AS Java. Here they appear in the form of User Groups on the administration user interface. The authorizations required for the Java components (security roles) are assigned during deployment.