
Authorizations - cannot start Query Designer/BEx Analyzer

Former Member
0 Kudos

I test setting up authorizations that could discriminate between basic and power users.

I've created a role for basic users (all authorizations on their own reports using $USER variable) but such a user cannot start the Query Designer nor the BEx Analyzer. An error message is obtained and the application terminates.

Is there a specific authorization to include in the user's profile so as to be able to use the Reporting applications?

Thanks.

Best wishes for 2005.

Laurent Querella

BI Consultant

ALTI - Belgium

Accepted Solutions (0)

Answers (1)


mstrein
Active Participant
0 Kudos

Hi Laurent,

What error message do you get?

The easiest way is to set up a trace (ST01). That should show you what authorization is missing. If you are using reporting authorizations, you have to run the trace in RSSM.

Let me know if you have further questions

Michael

Former Member
0 Kudos

Hi Michael,

My test user has profile S_RS_ALL (Business Information Warehouse: All Authorizations).

In the trace analysis (ST01) I get the following missing authorization: S_RFC / Program SAPLRFCH / RFC_TYPE: FUGR / RFC_NAME: RFCH / ACTVT: 16

I guess something is missing...

Laurent Q.

Former Member
0 Kudos

You need to add authorization object S_RFC with the parameters shown in the trace. This is needed because the communication between BEx and the BW server is done with RFCs.

Best regards

Dirk

Former Member
0 Kudos

Hi Dirk,

This I think I had understood...

My point is:

1. Why do I need to add the specific authorization I mentioned (RFC_NAME=RFCH)?

2. Is this object included in a generic role/profile?

When I compare authorizations for a BEx reporting user in BW2.0B and in BW3.5, I find differences but I do not see the very object RFCH. When performing a trace comparison, I see the latter.

Best regards.

Laurent

Former Member
0 Kudos

The delivered roles and profiles are only examples. And I think they didn't update them all with 3.5. If a developer created a new function group during 3.5 development and calls an RFC from BEx you need to maintain this new authorization.

I haven't found it in standard profiles or roles but I haven't checked too deep.

Best regards

Dirk

mstrein
Active Participant
0 Kudos

Hi Guys,

We are authorizing the Queryusers and Querybuilders in general for all RFCs (RFC_NAME: *) of the type FUGR (RFC_TYPE: FUGR). Didn't find any information on whether that is a potential hazard or problem during an audit. So for us that's nice and easy.

Regards,

Michael
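Added example, not part of any post in this thread: a small Python sketch of the trace-driven approach discussed above. It collects the failed S_RFC checks, groups them into the narrowest grant, and lists what an RFC_NAME pattern such as `*` would allow beyond that. The record format mirrors how the ST01 finding is quoted in the thread; the trace lines, the `ZDEMO_*` function groups and all function names are constructed for illustration.

```python
import re
from collections import defaultdict
from fnmatch import fnmatchcase

# Constructed sample records, in the form the ST01 finding is quoted in this
# thread (not raw ST01 output). Only RFCH comes from the thread itself.
SAMPLE_TRACE = """\
S_RFC / Program SAPLRFCH / RFC_TYPE: FUGR / RFC_NAME: RFCH / ACTVT: 16
S_RFC / Program SAPLRFCH / RFC_TYPE: FUGR / RFC_NAME: RFCH / ACTVT: 16
S_RFC / Program SAPLZDEMO / RFC_TYPE: FUGR / RFC_NAME: ZDEMO_GRP / ACTVT: 16
"""
# Constructed inventory of function groups that exist on the (hypothetical) system.
KNOWN_GROUPS = ["RFCH", "ZDEMO_GRP", "ZDEMO_ADMIN", "ZDEMO_HR"]

FIELD = re.compile(r"(RFC_TYPE|RFC_NAME|ACTVT):\s*(\S+)")

def parse_failed_checks(trace_text):
    """Return the distinct (RFC_TYPE, RFC_NAME, ACTVT) tuples of failed S_RFC checks."""
    found = set()
    for line in trace_text.splitlines():
        if not line.strip().startswith("S_RFC"):
            continue  # ignore checks on other authorization objects
        fields = dict(FIELD.findall(line))
        if {"RFC_TYPE", "RFC_NAME", "ACTVT"} <= fields.keys():
            found.add((fields["RFC_TYPE"], fields["RFC_NAME"], fields["ACTVT"]))
    return sorted(found)

def minimal_grant(checks):
    """Group failed checks into one S_RFC authorization per (RFC_TYPE, ACTVT)."""
    grant = defaultdict(set)
    for rfc_type, rfc_name, actvt in checks:
        grant[(rfc_type, actvt)].add(rfc_name)
    return {key: sorted(names) for key, names in grant.items()}

def excess_names(role_patterns, traced_names, known_groups):
    """Function groups the role's RFC_NAME patterns allow beyond what was traced."""
    # Assumes the patterns use only '*' as wildcard, which fnmatchcase treats as "any string".
    allowed = {g for g in known_groups
               if any(fnmatchcase(g, p) for p in role_patterns)}
    return sorted(allowed - set(traced_names))

if __name__ == "__main__":
    checks = parse_failed_checks(SAMPLE_TRACE)
    names = [name for _, name, _ in checks]
    print("narrowest grant:", minimal_grant(checks))
    print("extra groups opened by RFC_NAME '*':", excess_names(["*"], names, KNOWN_GROUPS))
```
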

Former Member
0 Kudos

OK guys.

I just tried to understand a little bit deeper what I'm doing. Your comments can be summarized as: "KEEP BEING PRAGMATIC!" - If it works, it is not necessary to figure out why...

Thanks everyone.

Best wishes.

Laurent Q.

mstrein
Active Participant
0 Kudos

Hi Laurent,

Honestly, the only reason I can think of why it could be necessary to be more detail-oriented is security concerns.

Anyway... If that helped you, feel free to close the thread and assign some points to whoever helped you.

Like Roberto puts it "spread some love.. "

Regards,

Michael

Former Member
0 Kudos

Hello guys!

I eventually got the right answer from SAP (Holger Knödler). Let me share it with you.

The relevant info can be found in SAP notes 726874 and 93254.

I quote Holger:

*****************

Dear Laurent,

30.12.2004 08:02:05

If you compare the standard profile S_RS_ALL in a BW2.0B system and in BW 3.5, you see that it is correctly updated; there are even more fields than in BW2.0. But in both no RFCH. The reason for needing RFCH is some changes in the basis. You can read the details in the basis note 726874.

Kind regards and Happy New Year,

Holger Knödler, SAP Active Global Support (BW Team)

SAP AG, Walldorf

********************

Best wishes again!

Laurent Q.