cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 

Authorization Issue with navigational attribute..

Former Member

on ‎06-15-2015 10:33 AM

0 Kudos

Dear Experts,

    I am stuck with Navigational attribute authorization.

I have created a custom master Info object ZSPOKE.

Now this has 2 navigational attribute ZZONE and ZHUB.

I have checked all the authorization related settings but still this not working.

               ZONE               HUB               SPOKE

              Delhi                 Delhi                Delhi

              Delhi                 Delhi                Mayapuri         

        

              Delhi                 Gurgaon           Faridabad


              Delhi                 Gurgaon           Ghaziabad

              Delhi                 Jaipur               Bhilwara

              Delhi                 Jaipur               Kota

The above mentioned is the example of the Zone - Hub - Spoke levels.

I need to authorize user based on HUB or Spoke or even on Zone level.

Please advice.

Thanks,

Sanjana.

Show replies
Show replies
Answer

Accepted Solutions (0)

Answers (6)

Answers (6)

Former Member
‎06-24-2015 11:12 AM
0 Kudos

Hi,

Kindly suggest.

Show replies
Show replies
Former Member
‎06-23-2015 12:38 PM
0 Kudos

Hi,

    I have tried the same in many different ways,But no success.

When I add SAP_ALL profile , then only report is showing data. All data is appearing.

Please advice.

Thanks,

Sanjana.

Show replies
Show replies
Former Member
‎06-23-2015 3:41 PM
0 Kudos

Hi,

Can you again generate the authorization role for the user in SU01.

Double click on the Role containing the authorization.

Once you get the authorization , You can generate it using the "Generate" button (button with circle).

Please then check the issue again.

Regards,

Amit

Former Member
‎06-23-2015 7:46 PM
0 Kudos

Hi Amit,

     I have created a test user USER1. I have not assigned profile SAP_ALL

I have checked the report after assigning 0BI_ALL , this time report is appearing will all the SPOKE  , ZONE  and HUB without any issue.

     Now I simply copied copied the 0BI_ALL to another object ZBI_ALL. This time also ran the report successfully.

      With ZBI_ALL , I maintained the value for SPOKE e.g Delhi , Again I have received No authorization. I don't know , what is happening .

Please suggest.

Thanks,

Sanjana.

sapna_jgurudutt
Active Contributor
‎06-15-2015 12:17 PM
0 Kudos

Hi Sanjana,

Can you please clarify regarding whether any error message is occurring while doing this

which I asked in my previous reply here.

Also, can you please refer the following SAP KBA Note and check whether it helps you:

1953967 - BW Analysis Authorization for Navigation Attribute in Query Based on InfoSet

Thanks & Regards

Sapna

Show replies
Show replies
Former Member
‎06-15-2015 12:32 PM
0 Kudos

Hi Sapna,

    

     When I run the query , I am getting no authorization .

Thanks,

Sanjana

sapna_jgurudutt
Active Contributor
‎06-15-2015 12:40 PM
0 Kudos

Hi Sanjana,

Can you please clarify regarding what did you mean by mentioning 'no authorization' here as it is not clear.

Can you please clarify regarding whether there is any error message occurring relevant to

authorization when running the query.

Also, can you please refer the following SAP KBA Note (which I mentioned in my previous reply here) and check whether it helps you:
1953967 - BW Analysis Authorization for Navigation Attribute in Query Based on InfoSet

Thanks & Regards

Sapna

Former Member
‎06-15-2015 12:40 PM
0 Kudos

Hi Sanjana,

You can check the below note and also the reply which I posted above which will help you for your issue to find out where authorization is missing.

1904962 - How to Analyze a "No Authorization" or Showing Too Much Data Issue

with BW Analysis Authorization

"1951019 - Navigation Attribute and Display Attribute for BW Analysis Authorization

Also you can check below SCN document to check what authorizations are assigned to the user.

Following which you can adjust your authorization.

http://scn.sap.com/docs/DOC-59028

Regards,

Amit

Former Member
‎06-15-2015 1:13 PM
0 Kudos

Hi Amit,

   I have checke the link provided by you, http://scn.sap.com/docs/DOC-59028

But at final , I found

List Is Empty:

There Are No Characteristics That Have to Be Checked in Detail

That means Its is not checking the authorization objects while running the query.

But I have made all the settings perfectly.

Please advice.

Thanks,

Sanjana

sapna_jgurudutt
Active Contributor
‎06-15-2015 1:29 PM
0 Kudos

Hi Sanjana,

With regard to  message "There Are No Characteristics That Have to Be Checked in Detail", can you please check the following:

"Can you please clarify regarding whether your user have authorization?  If yes, they will be

removed from the list and then do not need to be checked."

Can you please refer the following SAP KBA Notes and check whether it helps you:

1736473 - Usage of authorization variables results in "no authorization" when multi-dimensional auths are assigned

2029766 - Authorization variables are not filled correctly when executing query-views

Thanks & Regards,

Sapna

cornelia_lezoch
Active Contributor
‎06-15-2015 2:38 PM
0 Kudos

please show the settings you made in info objects as screenshots

please show the definition of analysis authorization object as screenshot

please check that role, which inlcudes analysis auth object is matched to your user ID

regards

Cornelia

Former Member
‎06-17-2015 6:34 AM
0 Kudos

Hi  Cornelia,

       Please check the screenshots,

Also I have checked the Authorization relavant field checked for all the 3 info objects ( SPOKE, HUB and ZONE ).

Thanks ,

Sanjana

abdullahqureshi
Contributor
‎06-17-2015 9:07 AM
0 Kudos

Hi Sanjana,

This is the setting you made only for authorization relevant of info object.

Also you need to do following steps :

1. Create Analysis authorization object.

2. Create the role and use this query here and use this Analysis authorization object. And user also there. Also depends on how you creating the role single or composite?

3. In query create one mandatory variable on ZSPOKE also.

Also you can search the docs for detail. Out of them one is below :

http://www.sdn.sap.com/irj/scn/go/portal/prtroot/docs/library/uuid/659fa0a2-0a01-0010-b39c-8f92b19fb...

Regards,

Abdullah

Former Member
‎06-17-2015 12:18 PM
0 Kudos

Hi Abdullah,

     I have made the setting for authorization relevant object. Along with this I also have created the Analysis authorization Object ( through t-code RSECADMIN ) ,  role.

      But I don't understand creation of mandatory variable on ZSPOKE.

Note : ZSPOKE is the main info-object. ZHUB and ZZONE are the two navigational attribute. I have made  the setting for authorization relevant object for all the 3 info objects ( means ZSpoke , ZHub and ZZone ). Is this right ??

Please advice.

Thanks,

Sanjana.

abdullahqureshi
Contributor
‎06-17-2015 12:45 PM
0 Kudos

Hi Sanjana,

Here I want to correct one point is variable can be optional but it should be Process as 'Authorization'.

It is for allowing the user to give the values. If user entered correctly then it will show the report otherwise will give the error of authorization. It means that user is not authorized for values entered.

Please have a look this below doc :

http://www.sdn.sap.com/irj/sdn/go/portal/prtroot/docs/library/uuid/c0b7acf2-6121-2e10-5591-eaec182d9315?overridelayout=true&50452981137364

Regards,

Abdullah

Former Member
‎06-17-2015 1:32 PM
0 Kudos

Hi Abdullah,

   Let me check , I will update the same.

Thanks,

Sanjana.

cornelia_lezoch
Active Contributor
‎06-17-2015 4:19 PM
0 Kudos

Hi Sanjana,

if you made all 3 objects as authorization relevant,

you need to include all3 of them into one analysis authoriation object.

Which values did you maintain there?

Did you include the correect cube or multi provider into this analysis auth object?

in the query definition it depends a bit on the given auth values, whether you need variables or not.

usually it makes sense to use the variables, but if an object is not used in the query and you gave the : auth, you don´t need the variable.

Also for users with * auth you don´t need the variables.

could you simplify your problem, create a very easy query that inlcudes only the three objetcs and one key figure

then make a fixed selection for values which are included in the auth object

then check that this query rund correctly.

If this is the case, you know that the auth object and everythin around is created correctly.

afterwards you can create more complicated queries and then figure out which auth values need to be given.

regards

Cornelia

Former Member
‎06-15-2015 11:59 AM
0 Kudos

Hi Sanjana,

As you are having some issue in correctly setting authorizations for navigational attribute.

You should check below SAP note which can help you on your issue.

1951019 - Navigation Attribute and Display Attribute for BW Analysis Authorization

Also you can check below SCN document to check what authorizations are assigned to the user.

Following which you can adjust your authorization.

http://scn.sap.com/docs/DOC-59028

Regards,

Amit

Show replies
Show replies
abdullahqureshi
Contributor
‎06-15-2015 11:49 AM
0 Kudos

Hi Sanjana,

Just check out have you assigned AA object to correct role & run the user comparison?

Regards,

Abdullah

Show replies
Show replies
sapna_jgurudutt
Active Contributor
‎06-15-2015 11:30 AM
0 Kudos

Hi Sanjana,

Can you please clarify regarding whether any error message is occurring while doing this.

Thanks & Regards

Sapna

Show replies
Show replies
Ask a Question