Skip to Content
0
Former Member
May 29, 2007 at 02:23 PM

BI Analysis Authorisation. IP Security Restriction Not Working

53 Views

Hi All,

I am trying to set up security using the new security concept 'Manage Analysis Authorisation'. The authorisation requirement was to allow users to read all data however only able to plan for certain company code, version and at certain level in contract hierarchy.

A single analysis authorisation profile was created which gave read access to all data. This works OK, if you only assign this authorisation profile to the users, then they are only able to display data. Two analysis profiles were created (both included special chars) one defines the write access for selective company code and contract hierarchy level another analysis profile gives write access to selective Versions. However, the issue is that when I assign three profiles (one to give read access and two profiles to give write access) I encounter the authorisation issue.

But strangely if I only create one write profile giving access to the relevant company code, contract hierarchy and version then assign one write prfile and one read all profile t the user, I get no issues and authorisation works as intended.

<b>Example of Authotisation Profiles</b>

Auth1 (All read Access)

0TCAACTVT I EQ 03

0TCAIPROV I CP *

0TCAKYFNM I CP *

0TCAVALID I CP *

0CALYEAR I CP *

0FISCYEAR I CP *

0COMP_CODE I CP *

0VERSION I CP *

ZCONTPL I CP *

Auth 2

0TCAACTVT I EQ 03

0TCAIPROV (Restricted to planning cubes)

0TCAKYFNM I CP *

0TCAVALID I CP *

0CALYEAR I CP *

0FISCYEAR I CP *

0COMP_CODE I EQ 110

ZCONTPL I(Node within Hierarchy)

Auth 3

0TCAACTVT I EQ 03

0TCAIPROV (Restricted to planning cubes)

0TCAKYFNM I CP *

0TCAVALID I CP *

0CALYEAR I CP *

0FISCYEAR I CP *

0VERSION I EQ FOR

Not sure what is making the authorisation not work when I use multiple Authorisation profiles to define write access. Could anyone please tell me what I am doing wrong.

Regards

Mohammed