Skip to Content
0
Former Member
Mar 21, 2009 at 03:56 PM

manual migration steps to new authorization concept

95 Views

Hello,

I'm trying to migrate to the new analysis authorization. I would prefer to go the manual way, after evaluating the automatic migration program. It would create to much clean up work at the end. Furthermore we have a lot of InfoCube with authorizations objects but they are not checked under rssm for that provider. So after migration these infoproviders would not work properly.

Can anyone provide any usefull manuel steps when switching to the new concept? How did you build your new authorizations in rsecadmin by hand or thru generation out of dso?

I'm considering this scenario:

1: Standard analysis authorization with infoprovder which do not have any auth. objects in them to grant general infoprovider access. (Basically rsec_admin should do that job, but it generates a lot of junk too, as we use infoarea instead of s_rs_icube etc.)

Assign to all user in BI. Unauthorized access would be stopped through s_rs_comp.

2: Authorization with infoprovider which include auth. objects but should not be checked. (Not supported under rsec_admin)

Assign to all user. Unauthorized access would be stopped through s_rs_comp.

3: Authorization for every Profile where an RSSM-Object is included. (Rsec_admin would be able to do this)

Assign to specific Users.

Nr3: I would go through every profile and generate the authorizations under rsec_admin by hand.

Nr 1 & 2: To ease the work I use a abap report which provides all the necessary information example: list of all inforptovider without auth. objects (Nr. 1) and infoproviders with auth objects in them. The report also provides me with information if a infoprovider has a query, so I can decide if an authorization is even necessary.

What do you think and how did you design your concept ?

Thanks.