cancel
Showing results for 
Search instead for 
Did you mean: 

I require information about BPC Security

Former Member
0 Kudos

Hi experts !!

Currently we are using SAP BPC 7.5 for Microsoft.

We need to create a user group for which they alone, are responsible for creating users and assigning privileges to the application.

This group of users should have access to only those security tasks.

For this, using the Planning and Consolidation Administration, we have created a Team, a Task Profiles and Member Access Profiles exclusively for them.

By creating the Task Profiles, only add the DefineSecurity task in interface. Do not select any other options (System Admin, Primary or Secondary Admin Admin).

But when testing access to one of the users, I could see he always has access to the user to modify Business Rule Library options (accessed Save Rule Rule table table and reports).

Can anyone tell me what should I do?

Accepted Solutions (0)

Answers (3)

Answers (3)

Former Member
0 Kudos

Hi experts,

We have the sp6 for SAP BPC 7.5 from Microsoft.

What steps recommend to us for update our version to sp9.

What improvements would bring each of the updates?

former_member186498
Active Contributor
0 Kudos

Hi William,

just read carefully the related notes right of the sp, apply the sp with all the steps connected (several activities like copying the packages from APShel etc.) first in develop environment testing all the

functionality of admin console and client(web, DE/reports, script, packages etc.) to see that all is working.

I found some changes when upgrade from sp5 to sp9, errors and warning in script logic and sp and also in 2 DE, nothing serious but annoying.

If all ok apply the same  on the other environments.

Kind regards

     Roberto

JohnL
Product and Topic Expert
Product and Topic Expert
0 Kudos

Hi William,

I tested this exact scenario and it in fact works as designed.

Please make sure the user only has that particular interface task of DefineSecurity.

Check if the user has other inherited rights from other Task profiles or Team assignments.

Thanks,

John

Former Member
0 Kudos

Hi John,

I have created a new Team and a new Task which one only have assigned the DefineSecurity interface. After that, I have added a new temporary user Team.

However, to review each of the options, the user has access to Security and Business Rule Library.
All other options are disabled (Dimension Library, Application, Work Status, Business Process Rows, Manage Custom Menus and Logic Library).

former_member186498
Active Contributor
0 Kudos

Hi William,

I've tried just now and it works you can change only the user, Team, a Task Profiles and Member Access Profiles but business rules's list of function (right side) etc is empty.

I work with 7.5 sp9 patch level 2 (the last one), so or it was a bug before or you must check your definition for task and m.a.p.

Kind regards

     Roberto

Former Member
0 Kudos

Hi Roberto,

This is the version we have in the company.

former_member186498
Active Contributor
0 Kudos

Hi William,

sorry but your is sp6, I'm on sp 9 pl2 this means 7.5.110.02

Kind regards

     Roberto

Former Member
0 Kudos

Hi William,

If you have to create a group who can provide authorizations to other users, then you need to give the modify security task to this group. This means that they can modify their own securities also. Hence, you cannot restrict this group from not changing their own securities.

Hope this helps.