Skip to Content

Roles suggestion!

Hi,

Need real help as its tricky. I do not have access to RSECADMIN or even BI Channel.

We have to implement hierarchy node authorizations for 2 new plants.

There are 2 hierarchies. Each hierarchy got 10 nodes and hence 10 roles.

One hierarchy has 2 divisions. Hence total no.of roles would be 30 for all these.

Now coming to my issue:

Below is the current structure for an existing single plant value authorization

Users view the reports in portal (BI Channel).

Portal has 6 sections/categories/tabs AB, CV, PD, HP, HQ, BE

Hence currently users got 6 composite roles created for these with different analysis objects and RRMX read/write roles.

Each composite role consists of one analysis object role, one RRMX read role, one RRMX write role. Hence total single roles are 18!

Question: If this is the case, how can I do it for nodes?

For each tab/category above, and for a single hierarchy of one division, it would be 10 composite roles as there are 10 unique nodes/values.

This means total of 30 single roles for a tab. For all tabs, this mean total of 60 composite roles and 180 single roles!

If this is the case, for other division of same hierarchy and second hierarchy, this would mean total 180 composite roles and 540 single roles!

Am convinced this is not correct.

Can I try avoiding the RRMX read/write separately for each?

Add a comment
10|10000 characters needed characters exceeded

Related questions

4 Answers

  • Posted on Jan 09, 2014 at 03:16 PM

    Can some one help please?

    This is related to the portal roles to BI roles also I guess.

    Portal has these 6 tabs as below:

    | AB | CV | PD | HP | HQ | BE |

    Should I create 7 X 3 = 21 composite roles for each of these tabs?

    Add a comment
    10|10000 characters needed characters exceeded

  • Posted on Jan 08, 2014 at 06:09 PM

    This message was moderated.

    Add a comment
    10|10000 characters needed characters exceeded

  • Posted on Jan 08, 2014 at 09:26 PM

    Hi

    Not sure if I fully understand your authrouization requirements here. For sure you need for each node an auth object and then add that to a role. The question is where you maintain the hierarchy and if you can apply the best practices that for example works in cost center reporting. Generating Users and Profiles (SAP Library)

    hope that helps

    Martin

    Add a comment
    10|10000 characters needed characters exceeded

    • Hi Martin,

      Please check the below response where in I attached my 2 hierarchies.

      Am clear that we need to create 7 roles for each hierarchy here, which means 21 roles.

      But my question is related to the additional roles that are created for each tab in portal.


      Issue:

      Below is the current structure for an existing single plant value authorization

      Users view the reports in portal (BI Channel).

      Portal has 6 sections/categories/tabs AB, CV, PD, HP, HQ, BE

      Hence currently users got 6 composite roles created for these with different analysis objects and RRMX read/write roles.

      Each composite role consists of one analysis object role, one RRMX read role, one RRMX write role. Hence total single roles are 18!

      Question: If this is the case for existing plant value authorization, how can I do it for current nodes?

      For each tab/category above, and for a single hierarchy of one division, it would be 7 composite roles as there are 7 unique nodes/values. This means total of 7 composite roles for a tab. For all tabs, this mean total of 42 composite roles and 126 single roles!

      If this is the case, for other 2 pictures below, this would mean total 126 composite roles and 378 single roles!

      Am convinced this is not correct.

      Can I try avoiding the RRMX read/write separately for each composite role separately?

  • Posted on Jan 09, 2014 at 02:26 AM

    Hi Martin,

    These 2 hierarchies are being maintained in custom infoobject ZCUSTSAL.

    HIER A DIV 00

    HIER A DIV 02

    HIER B DIV 00


    Add a comment
    10|10000 characters needed characters exceeded

Before answering

You should only submit an answer when you are proposing a solution to the poster's problem. If you want the poster to clarify the question or provide more information, please leave a comment instead, requesting additional details. When answering, please include specifics, such as step-by-step instructions, context for the solution, and links to useful resources. Also, please make sure that you answer complies with our Rules of Engagement.
You must be Logged in to submit an answer.

Up to 10 attachments (including images) can be used with a maximum of 1.0 MB each and 10.5 MB total.