Skip to Content
author's profile photo
Former Member

Authorization in reports

Hello everyone,

i have a quick question for the security guys out there in the BW (and of course everybody else that might be able to help!):

I have created an InfoObject called ZCOMPANY which contains all subsidiaries of our organization.

I have checked the flag Authorization relevant under of the "Business Explorer" tab in the InfoObject maintenance.

Now i need to have the ability to restrict user access to the companies in reports. I have one master set of reports that should be available to everybody but with access only to companies i assign to them.

We have 29 companies in our organization and i would hate to create a report for every one possible combination of companies and assign those reports to individual user by assigning individual roles!

How do i set that up in the role/profile maintenance? which authorization object is the be used and how?

Did anybody ever do this and knows how this works?

Any help is greatly appreciated....

Thanks

Stephan Engler

Add comment
10|10000 characters needed characters exceeded

  • Follow
  • Get RSS Feed

2 Answers

  • author's profile photo
    Former Member
    May 01, 2004 at 10:26 AM

    Hello Stephen

    You have to create a Reporting Object based on the ZCOMPANY object. There is documentation in Service.sap.com to do this. Once you have done this, you can then use this Reporting Object in the different Roles to specify the restrictions. And attach the users to these roles.

    Let me know how you go with this.

    Navin N

    Add comment
    10|10000 characters needed characters exceeded

  • author's profile photo
    Former Member
    May 03, 2004 at 01:57 AM

    Here's a starting point ...

    http://help.sap.com/saphelp_bw33/helpdata/en/72/eeb23b94c6e54be10000000a11402f/frameset.htm

    Outline steps...

    In RSSM:

    Create authorization object

    Make authorization object applicable to relevant InfoProviders

    In PFCG:

    Add authorization object to new or existing Roles with appropriate field assignments

    Make User/Role assignments

    NOTE: If any ZCOMPANY hierarchy will be active in any queries you will need to include 0TCTAUTHH and follow steps for hierarchy authorizations (groan!).

    Add comment
    10|10000 characters needed characters exceeded