Show TOC Start of Content Area

Procedure documentation Granting Initial Privileges  Locate the document in its SAP Library structure

Use

Note

These are configuration steps that you only have to take to manually configure SAP NetWeaver Development Infrastructure (NWDI) if the automatic configuration fails.

For the first authorizations, define two Access Control Lists (ACLs):

      One ACL for the root directory (“/”)

This ACL contains the basic privileges for all users (read, change, check in).

      One ACL for the system directory

This ACL grants authorizations for administrators only.

Caution

The ACL for the root directory is essential: if you grant privileges only to inferior nodes, you lock the server for all users.

Procedure

...

       1.      Start the Design Time Repository perspective. In the Repository Browser, select the root node.

Note

This node is labeled <user> on <system>.

       2.      In the context menu, choose View Permissions.

The Permissions view of folder /ws appears.

       3.      To maintain authorizations for the root directory, enter its URL:

Note

The proposed value is the URL of the root directory (http://<server>:<port>/dtr/).

The Permissions view of the root directory appears.

       4.      In the Permissions view, choose Add Principal from the context menu.

A dialog window appears.

       5.      Make the following settings:

                            a.      As the Principal Type, select ALL.

                            b.      Select the following principles:

       access

       read

                            c.      Confirm your settings with OK.

       6.      In the Repository Browser, navigate to the directory /ws/system.

       7.      In the context menu, choose View Permissions.

The Permissions view for /ws/system appears.

       8.      In the Permissions view, choose Add Principal from the context menu.

A dialog window appears.

       9.      Make the following settings:

                            a.      As the Principal Type, select ALL.

                            b.      Select the following privileges:

       access

       read

       write

                            c.      As the Privilege Type, select deny.

                            d.      Confirm your settings with OK.

   10.      Again select Add Principal.

A dialog window appears.

   11.      Make the following settings:

                            a.      As the Principal Type, select USER.

                            b.      Enter the name of the administrator.

                            c.      Select the following privileges:

       access

       read

       write

                            d.      Confirm your settings with OK.

   12.      Repeat these steps for all administrators.

   13.      To activate your changes, choose Activate all Changes. Open a browser window under the URL http://<DTR server>:<port>/dtr/sysconfig/support/AclRefresh and choose Refresh.

Emergency User Account

You have set the permissions too restrictively or made invalid specifications for users or groups when creating ACLs; as a result, you have denied access to all users or at least to yourself. This implies that you do not have the authorization to undo these changes. In this case, you can use a special user account with all rights to all resources. The default name of this user account is superadmin.

To be able to use this emergency user, in the User Management Engine, create a user superadmin in your system. You can then use this user to log on and access all resources. More information: Editing Emergency Users.

Note

You can change the name of the emergency user.

End of Content Area