cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 

Is this possible in RSECADMIN?

Loed
Active Contributor

on ‎08-26-2020 4:24 PM

0 Kudos

Hi guyz,

I would just like to check if this is possible in BW authorization? I already tried several testing but I wasn't able to achieve my desired report.

Here is my transaction data:

These are my users and I need to limit them in accessing the following:

It means that even if company code BBB and CCC has the plant Z, USER1 should only see the plant Z under company code AAA.

RESULTS:

Is there a way to achieve this?

Thank you.

Loed

Show replies
Show replies
Answer

Accepted Solutions (0)

Answers (6)

Answers (6)

FCI
Active Contributor
‎08-28-2020 4:28 PM
0 Kudos

I must admit that if I have to implement this I will serioulsy investigate the alternative solution that would be to manage a concatenation of both infoObjects into a new characteristic (company code + plant). This allowing the use of an authorization variable.

Show replies
Show replies
Loed
Active Contributor
‎08-31-2020 6:30 AM
0 Kudos

I might be needing all combinations for me to implement this concatenation since I'm using 4 authorization objects now.

Anyway, thanks for the idea Frederic. 🙂

I will also check how to implement the blog you shared.

Thank you.

Loed

FCI
Active Contributor
‎08-27-2020 4:18 PM
0 Kudos

Have you seen my previous comment ? This is what I was explaining.

But you're right, the user will be able to get the data for one combination only (selection on one company and one plant) and will send an error message if you try to display more (no authorization).
This behavior is described in note 557924 (old one and for authorization variables but whose principles are still valid and valid also for classical variables).
You can have a look to the following wiki for possible solutions : here (though I never implemented it).
Show replies
Show replies
Loed
Active Contributor
‎08-28-2020 11:55 AM
0 Kudos

Thanks for the link. But I can't find any link or documentation on how to implement it.

Do you have any idea?

Thank you.

Loed

FCI
Active Contributor
‎08-27-2020 3:16 PM
0 Kudos 
I tried it. I created 2 AAs for AAA/Z and BBB/X, but got the NO AUTHORIZATION error.
Were you able to try it on your side ?

Which filters did you use for company code and plant ?

Show replies
Show replies
Loed
Active Contributor
‎08-27-2020 3:40 PM
0 Kudos

These two(2):

AAA/Z

and

BBB/X

Thanks.

Loed

Loed
Active Contributor
‎08-27-2020 3:49 PM
0 Kudos

Here is the error log with actual values:

ZDW_BU/ZDW_CU

First AA = 00615/0247

Second AA = 00616/39

ZDW_CU 0247 is also available in 00616..But I only wanted it to be shown under ZDW_BU 00615..

FCI
Active Contributor
‎08-27-2020 12:26 PM
0 Kudos

You have to create 3 AA with both infoObjects (company and plant):

  1. AAA/Z
  2. BBB/X
  3. BBB/Z

And you have to filter on the company code and the plant at the query level.

Show replies
Show replies
FCI
Active Contributor
‎08-27-2020 2:59 PM
0 Kudos

But you're right, the user will be able to get the data for one combination only (selection on one company and one plant) and will send an error message if you try to display more (no authorization).

This behavior is described in note 557924 (old one and for authorization variables but whose principles are still valid and valid also for classical variables).

You can have a look to the following wiki for possible solutions : here (though I never implemented it).

Loed
Active Contributor
‎08-27-2020 3:14 PM
0 Kudos

Hi,

I tried it. I created 2 AAs for AAA/Z and BBB/X, but got the NO AUTHORIZATION error.

Were you able to try it on your side?

Thank you.

Loed

FCI
Active Contributor
‎08-27-2020 10:32 AM
0 Kudos

If you create an AA with both infoObjects with the values AAAA/Z and BBBB/X the user should only have access to this data (even if plant Z exist for the company BBBB.

Regards,

Frederic

Show replies
Show replies
Loed
Active Contributor
‎08-27-2020 11:18 AM
0 Kudos

Hi cincet.frdric2.

Were you able to try it on your side?

Because I tried to create 4 AAs first for AAA, BBB, X and Z. But I had the result below which is INCORRECT.

Then I tried next to create 2 AAs for AAA and Z then BBB for X, but got the NO AUTHORIZATION error.

Thank you.

Loed

FCI
Active Contributor
‎08-26-2020 4:46 PM
0 Kudos

Hi Loed,

Sure, just create an AA with both company code and plant. Then, only the combination will be authorized. This is called multi-dimensional authorization (you will find blogs and posts on the subject).

The difficulty, here, is more a selection issue than an authorization one, As authorization variable does not work with more than one infoObject, the users have to select the right combination (or you have to find a way to select for them).

Regards,

Frederic

Show replies
Show replies
Loed
Active Contributor
‎08-27-2020 10:16 AM
0 Kudos

Hi cincet.frdric2.

Sorry my sample was incorrect.

This is the right scenario:

USER1 should only see the transactions above even if PLANT Z is present for all company codes.

Thank you.

Loed

Ask a Question