Show TOC

Procedure documentationUsing Roles to Assign Required Permissions to Users Locate this document in the navigation structure

 

You assign permissions to your search users and administrators by assigning the users to the following SAP NetWeaver Enterprise Search roles:

  • Search users must be assigned to the SAP_ESH_SEARCH role.

  • Administrators must be assigned to the SAP_ESH_ADMIN role.

  • Users that are allowed to view but not edit the configuration settings for SAP NetWeaver Enterprise Search must be assigned to the SAP_ESH_SUPPORT role. The purpose of this role is to offer a support organization the possibility to investigate problems, but not allow them to change anything.

Note Note

The users are assigned to the corresponding ABAP roles during synchronization with the LDAP directory.

More information: Synchronizing the ABAP User Store and the LDAP Directory

End of the note.

Procedure

  1. In user management, choose Identity Management and search for the SAP_ESH_ADMIN role.

    Assign the users who should have access to the administration cockpit and the modeler to this role.

    1. In the list of search results, choose the SAP_ESH_ADMIN role.

    2. In the Details of the SAP_ESH_ADMIN Role area, choose Change.

    3. Choose Assigned Users or Assigned Groups.

    4. In Existing Users or Existing Groups, search for the users or groups that you want to assign to the role to assign them the authorization. Narrow down your search by using LDAP as the data source.

      You can display the details for assigned and existing users or groups. To display the details, click the name or logon ID and choose Display Details. The details appear in a new window.

    5. Select the users or groups from the search results list and choose Add.

  2. Repeat the above steps for the SAP_ESH_SEARCH role.

    Assign all users who should be able to access the Search UI to this role. Users require this role to log on to the Search UI and receive the search results that they have authorization to access (or that do not require user authorization).

  3. Repeat the above steps for the SAP_ESH_SUPPORT role.

    Assign any users who are to have read-only access to the administration cockpit and the modeler for investigating problems to this role.

For more information about authorization, see the security guide section about Authorizations.