on 08-19-2013 12:30 PM
Hi Experts,
We are on BI 7.0 and BO 4.0 , we are implementing authorizations in our BI system. We make authorization for below objects.
Company Code
Plan
Sales Group
Sales District
We have created roles and assigned one role a one user for testing, but ! as per the role, the user is not restricted the data. He is getting all the data irrespective above objects.
Is there anything we missed out ?, i check the user doesn't have other profiles other than the one role.
i think there is something, please any tips ? Let me have if any good documents, i searched for documents and couldn't find proper document for complete cycle.
Regards,
Suresh
Please follow the steps below:
1) First make all the required info-objects as Authorisation relevant.
Ensure that the corresponding attributes are also marked as authorisation relavant.
EX: 0ACCNT_ASGN and 0MAT_SALES__0ACCNT_ASGN
2) Check the fields in the DSO 0TCA_DS01 and prepare a Flat file and do the loading.
This would be useful for mass maintenance.
3) Go to RSECADMIN and do a generation by by giving 0TCA_DS01 in Flat Authorisation
Spece.
4) Now the required authorisation objects would be created by system.
Ex: ZAA_1000_V1(see screenshot)
5) Ask the basis to create a role R1 with Authoriastion object S_RS_AUTH and
add the corresponding auithorisation object(ZAA_1000_V1) created in step4.
6) Add the role R1 to a userU1.This is what needs to be done at BW side.
7) Import the roleR1 and userU1 created in step 5 and 6 to BO(using CMC).
😎 Create a connection with the userU1 created in step6 and create the webi report.
Hope this clarifies......
Br
Prabhith
You must be a registered user to add a comment. If you've already registered, sign in. Otherwise, register and sign in.
Hi Suresh,
Are you checking data in BW or BO, if BO have you checked which type of OLAP connection you have created. It should not pre defined authentication. either use SSO or prompt. Then it should work.
Test user will see only desired data.
Regards
Shabnam
You must be a registered user to add a comment. If you've already registered, sign in. Otherwise, register and sign in.
Hi,
we need to assign the data for those objects in the process maintainance of objects by RSEADMIN tcode.
Thanks,
Ram
You must be a registered user to add a comment. If you've already registered, sign in. Otherwise, register and sign in.
Hi
Did you check the infoobjects to be "Authorization relevant"?
here is a good link to give you an overview of how it works.
http://wiki.sdn.sap.com/wiki/display/BI/Authorization+in+SAP+NW+BI
hope it helps
Martin
You must be a registered user to add a comment. If you've already registered, sign in. Otherwise, register and sign in.
User | Count |
---|---|
93 | |
10 | |
10 | |
9 | |
9 | |
7 | |
6 | |
5 | |
5 | |
4 |
You must be a registered user to add a comment. If you've already registered, sign in. Otherwise, register and sign in.