on 03-06-2009 10:19 AM
Hi
How in Nw2004s implement this problem:
Query have characteristic 0material, 0comp_code and 0customer.
User A must see only 0material and user B 0comp_code and 0customer.
Create 2 query isn't good solution.
Best Regards
Piotr
Dear Piotr,
Iu2019m going to try helping you,
When you work the authorization object like S_RS_IOBJ, your are managing access by object, for example display, chanced, create, delete, ect. Furthermore, You are managing access by technical name, for example 0* (you can display all characteristic that begin with u201C0u201D value).
If you need create a specific authorization regarding 0MATERIAL, 0COMP_CODE and 0CUSTOMER, you should create roles with authorization object and specific values.
For example:
Tcode: PFCG
Role 1 for User A
Authorization Object S_RS_IOBJ
Activity: 03 Display
Object: 0MATERIAL
Role 2 for User B
Authorization Object S_RS_IOBJ
Activity: 03 Display
Object: 0COMP_CODE, 0CUSTOMER
I hope this suggestion can help you to answer your question,
Luis
You must be a registered user to add a comment. If you've already registered, sign in. Otherwise, register and sign in.
Thank Luis
I will test it.
Piotr
You must be a registered user to add a comment. If you've already registered, sign in. Otherwise, register and sign in.
Hi
I know this
But when we use new authorization concept in Bw 7 (NW2004s) it dosn't work.
I work in NW2004s about a week.
In BW 3,5 it works good.
Best Regards.
Piotr
You must be a registered user to add a comment. If you've already registered, sign in. Otherwise, register and sign in.
Dear Piotr,
Sorry but a donu2019t understand you question,
Regarding the authorization system in BI 2004s, you have two levels. First, you restrict access by object (authorization object, mange through tcode: pfcg); second, you restrict access by characteristic and navigational attribute values (analysis authorizacion, manage through tcode: rsecadmin).
If BW 3.5 it works good, the problem must be in the reporting authorization object 3.5, now analysis authorization in 7.0. Because the authorizations object has the same behaviour in both versions.
According explanation give above, you should be focus in the analysis authorization, but I need more details. For example the User A and User B what do they do?, they can create query, or only execute query. In case of, they only need execute query and display data. The authorization by focus in analysis authorization, and we need have to check, the query structure, and what characteristics (0MATERIAL, 0COMP_CODE, 0CUSTOMER) in InfoProvider are joined and which characteristic are relevant of authorization.
For example, in your scenario, you need that user A should display 0MATERIAL value,
In this case you need to create an analysis authorization (through tcode: RSECAUTH), where have to the following design:
0MATERIAL: specific values that you need
0COMP_CODE: u201C:u201D aggregate value
0CUSTOMER: u201C:u201D aggregate value
For the user B, the design must be:
0MATERIAL: u201C:u201D aggregate value
0COMP_CODE: specific values that you need
0CUSTOMER: specific values that you need
I hope this suggestion can help you to answer your question,
Luis
To achieve this you need to create two roles in the first role you give 0material as the value for S_RS_IOBJ and assign to user A. In the second role you give 0comp_code and 0customer as the values of S_RS_IOBJ and assign to user B
You must be a registered user to add a comment. If you've already registered, sign in. Otherwise, register and sign in.
User | Count |
---|---|
80 | |
9 | |
9 | |
7 | |
7 | |
6 | |
6 | |
6 | |
5 | |
4 |
You must be a registered user to add a comment. If you've already registered, sign in. Otherwise, register and sign in.