Skip to Content
author's profile photo Former Member
Former Member

BEx Authorization for Users

Hi,

What are the steps or how can I give authorization to users for BEx? The problem is I am having several clients in one system and I want to limit the queries they can view/edit/create based on the infocube or multiprovider or DSO they are using.

Users should be able to:

CREATE The queries only used for the infocubes/ multiprovider / DSO

VIEW the queries only used for the infocubes/ multiprovider / DSO

EDIT the queries only used for the infocubes/ multiprovider / DSO

I want them to have authorization on creating queries using the query designer but using only certain infocubes.

CREATE The workbook only used for the infocubes/ multiprovider / DSO

VIEW the workbook only used for the infocubes/ multiprovider / DSO

EDIT the workbook only used for the infocubes/ multiprovider / DSO

Also, if I limit them on specific queries, the problem there is what if they created another new query, they will not be able to see it since it is not indicated in the authorization.

And, it would be better if they can have access to a certain role exclusive for them. so they can easily access the queries without searching it in analyzer or query designer.

Thanks!

Add a comment
10|10000 characters needed characters exceeded

Related questions

2 Answers

  • Posted on Nov 20, 2014 at 01:05 PM

    Hi Anne,

    Create authorization (RSECADMIN) to limit an access to specific values of characteristics. Eg. 0comp_code = 1000 and 0bus_area = 0001.

    Create role (PFCG) to restrict on infoproviders, workbooks, level of access (create,view,edit, etc).

    Combinations of them give authorizations you can give to users.

    There are some documents on SCN how to do it step by step.

    Regards, Leszek

    Add a comment
    10|10000 characters needed characters exceeded

    • Hi,

      All in all I wouldn't restrict user's access on workbook/query level.

      Imagine, each time a new workbook/query is made the role should be modified. In the system I work on there are approx. 180 reports (workbooks/queries). Horrible !

      You'd better create a system of roles which restrict access of groups of users to groups of reports.

      Regards, Leszek

  • author's profile photo Former Member
    Former Member
    Posted on Dec 04, 2014 at 12:30 PM

    Hi,

    For provided your desired authorizations on Queries you can create a role which contains authorization object:

    S_RS_COMP

    and S_RS_COMP1

    using the activity field you can decide which role should have create/change/display authorizations. there is also an option of providing the info provider name on which you want to provide the authorizations.

    For workbook authorizations, you should check below link.

    http://scn.sap.com/docs/DOC-47244

    it is a nice document and should help you.

    Regards,
    Subhendu

    Add a comment
    10|10000 characters needed characters exceeded

Before answering

You should only submit an answer when you are proposing a solution to the poster's problem. If you want the poster to clarify the question or provide more information, please leave a comment instead, requesting additional details. When answering, please include specifics, such as step-by-step instructions, context for the solution, and links to useful resources. Also, please make sure that you answer complies with our Rules of Engagement.
You must be Logged in to submit an answer.

Up to 10 attachments (including images) can be used with a maximum of 1.0 MB each and 10.5 MB total.