We have BI 4.0 SP5 Patch level 6 working with SAP BW as the data source. We are using SSO with BW and users will login to BOBJ using SAP BW user name and password. We have imported the users in to BOBJ and assigned them to BOBJ groups to manage folder level and tool level security. I was thinking to assign the users into PFCG roles in BW rather than assigning them to BOBJ groups directly. Then we can assign the PFCg roles to BOBJ group. This way BASIS team can manage day to day security within BW it self. When a new user added they have to just assign the PFCG roles required to access BOBJ. Then automatically they will get the required rights in BOBJ. Has any one tried this approach or see any problems with this ?