Roles and authorizations in BI content

Similar Messages

• As XI developer what are the roles and authorization i shoul have in realti

  Hi Experts,
                  As XI developer what are the roles and authorization i shoul have in realtime, as a dveloper is it possible for me to crate namespace and business system, can any one please exaplain me abt business system  in real time scenario.
  thanks
  dhanush

  Hi Dhanush,
  your authorizations will be decided depends on your role in your team.
  yes you will have authorization for creating name space ,but your bussiness system will be created by Basis pesron and assign it to your scenario.
  Business System is a logical entity which represents logical view of your technical system. (eg a client in R3 system can be respresented as business system in SLD) For one technical system you can have multiple business systems.
  Look in to these links for detalis of bussiness systems.
  http://help.sap.com/saphelp_nw04/helpdata/de/31/f0ff69551e4f259fdad799a229363e/frameset.htm
  http://help.sap.com/saphelp_nw04/helpdata/de/87/7277e8fba34421a45d97a41ec27381/frameset.htm
  http://help.sap.com/saphelp_nw04/helpdata/en/7b/d4653fd1d3b81ae10000000a114084/content.htm
  Reward points if found usefull......

• RFC Sender - Logon User - What Roles and Authorizations?

  Hi,
  Scenario: RFC Sender --> XI --> JDBC
  What necessary Roles and Authorizations has to be given for Logon User (in Sender RFC Communication Channel).
  It has to be moved to production soon. My Client wants to give only Roles and Authorization that are necessary for the Logon User.
  With Regards,
  Manikandan R

  Hi ,
  U need to give ECC Authorisation
  Application server : ECC Server
  Sytsem no : ECC system number
  Logoon User : ECC any username
  password : password for above user
  clientr : ECC client ( From which client u are sending to RFC adapter)
  Regards,
  Jayasimha jangam

• Business Explorer Roles and Authorizations

  Hi,
  I am using Business Explorer Query Designer and Analyzer ( Excel Work book add on) with BI 7.0.
  I need to create roles and authorizations for the end users to create queries and view queries in excel by using Business Explorer Query Analyzer.
  Kindly suggest me what are the standard transactions, roles and authorizations to be given to the end users.
  Thanks and regards
  Murugesan

  I dont have idea about Bi 7.0 ..
  If its bw 3.X i jusz used rrmx --->>excel ->addins-->>queries --->pop up window --->here we need rfs object S_RFC
  Finally rrmx tcode and general roles which has S_RFC  autorisation object and the query .
  Regards,
  Naveen

• What Roles and Authorization Req

  Hi All,
  I am getting the Error in SOAP to RFC Sync secnario.
  User using one URL through that URL he is trying the send the data to before sending the req user have the USER ID and Password. what are the Roles and Authorization req for that user id and password. Are they service user id ?
  Regards

  This user ID have roles similar to Service user PIAPPLUSER or XIAPPLUSER. However, it is recommended not to provide this user detail directly to sender system. Instead create a new user and provide that to your partner.
  Regards,
  Prateek

• Deleting FICO Roles and Authorizations

  Hi Guys,
  i want to Delete some roles and authorizations from a user profile.I have the user id and I want to know what roles are assigned to the user.
  Which tcode can be used for the same and how to delete the fico roles assigned to that sap user id.
  thanks,
  Srikanth.

  Hi,
  I got the solution. It is SUIM.
  Anyways thanks for the help
  srikanth

• About roles and authorizations

  hai friends,
  who will create roles and authorizations plz
  thanks in advance
  suitable answer will be given suitabel points
  kumari

  Roles and authorizations have to be done with Basis team and HR team together, because they are not the usual roles that other modules use. For instance, HR authorizations have different objects for PA, PY, Clusters, BM and CM. For OM and PD, you use transaction OOSP for authorization profiles.
  For my personal experience, when the consulting team ask the basis team to deal with authorizations for HR, they become paralized when they find Structural Authorizations Profiles, Period of responsibility, etc., because they don't know (and it is not their responsibility) about HR objects and concepts handled in txn OOSP.
  In order to avoid this problems, take an extra time for this in your implementation project. Roles and authorizations in HR, when done correctly, takes more time than other modules.

• Portal roles and Authorization in NW2004s

  Hi Gurus,
  In earlier Portal implementation of ESS/MSS which was ITS based we used to maintain roles in EP by doing a role upload and maintaining authorizations in the backend R/3 system and if any new changes being made in the role is being distributed to the r/3 system using system administrator -> Permissions -> sap authorization and role distributions are sent to R/3. where we can go to W3PR transaction can create authorization profile for that role there.
  Now my question is in ESS/MSS implementation based on Web dynpro how are portal roles and authorization maintained?
  please do tell me as to how they are maintained in the NW2004s implementations.
  Regards,
  Ramesh

  plz take a break for few minutes and start.... u will get it..

• OAM manage roles and Authorization in WebLogic integration

  Hi
  Had anyone done weblogic integration where OAM manages roles and Authorization?
  I could read in Oracle WebLogic integration document that,
  "The Security Provider only supports authentication for portals."
  I wanted to figure out if anyone has done this before or Is it possible to delegate role management and Authorization responsibility to OAM?
  Thanks
  Kiran Thakkar

  Thanks for the quick response.
  Thanks
  Kiran Thakkar

• SAP XI Roles and Authorizations

  Hi All,
            Could u pls tell which are the main roles and authorizations a SAP XI Developer should have. Also how to set them up?
  Thanks,
  Ashish

  Hi Ashish
  the necessary roles to be provided for a developer in XI system are mentioned below.
  SAP_SLD_DEVELOPER
  SAP_XI_DEMOAPP
  SAP_XI_DEVELOPER_ABAP
  SAP_XI_DEVELOPER_J2EE1) SAP_XI_Developer_ABAP
  2) SAP_XI_Developer_J2EE
  3) SAP_XI_MONITOR_ABAP
  4) SAP_XI_MONITOR_J2EE
  5) SAP_SLD_ORGANIZER
  6) SAP_XI_BPE_MONITOR_ABAP
  7) SAP_XI_DEMOAPP
  8) SAP_XI_DISPLAY_USER_ABAP
  9) SAP_XI_DISPLAY_USER_J2EE
  for further details, visit the link given below...
  http://www.erpgenie.com/sap/netweaver/xi/xiauthorizations.htm
  http://help.sap.com/saphelp_nw70/helpdata/en/56/361041ebf0f06fe10000000a1550b0/frameset.htm
  Cheers..
  Vasu
  Reward Points if found useful **

• BI Content Roles and Authorizations

  Hi All,
  We just installed a BW system and trying to activate the Business Content. But its giving some authorization issues.
  Can anyone please give the list of transactions/roles/profiles/authorizations that needs to be added to my user id so as to install all the Business Contents available.
  PS: Basis is not giving me SAP_ALL and SAP_NEW because of internal issues.
  Thanks & Regards,
  Vikas Sharma

  Hi
  Vikas you need to have S_RS_ADMWB Authorization Object in Ur profile
  that will help U.
  and See the TCode SU53 for the required authorization objects and their activity
  Hope this Helps U
  Regards
  Ajay
  PS : Assign points if helpful

• Roles and authorization - 0BI_ALL

  hi all,
  i have problem creating a proper role for our users in sem-bcs. The problem is in the transaction ucmon. They cant see the list of journals unless i give them authorization object S_RS_AUTH with 0BI_ALL. But i dont want to use 0BI_ALL because they see all data and they shouldnt.
  I created two authorizations in rsecadmin and had put them into the role in S_RS_AUTH:: one with infoobject ZIOCELOK and one with ZIOICOUJ and gave them values that the user needs to see only his data. I also added  But he still cant see it. I run rsecadmin analysis and found this in error logs, but i dont have a clue what does this mean.
  Following Set Is Checked          Comparison with Following Authorized Set          Result
  Characteristic     Content(in SQL Format)     Characteristic     Content(in SQL Format)     Not Authorized
  0TCAACTVT     NOT ZIOCELOK = 'KAP10'     ZIOICOUJ     I EQ 00699021     
  ZIOCELOK     AND ZIOICOUJ = '00699021'          I EQ 30806101       Not Authorized
  ZIOICOUJ     AND 0TCAACTVT = '03'             I EQ 31819559     
                                                   I EQ 35822163     
                                                 0TCAACTVT       I EQ 03     
                                                   ZIOCELOK  I EQ KAP10     
  All Authorizations Tested
  Message EYE007: You do not have sufficient authorization
  No Sufficient Authorization for This Subselection (SUBNR)
  Following CHANMIDs Are Affected:
  477 ( ZIOCELOK )
  478 ( ZIOICOUJ )
  Authorization Check Complete
  PLS help
  Edited by: Martin  Zluky on Jul 30, 2010 10:12 AM
  Edited by: Martin  Zluky on Jul 30, 2010 10:12 AM

  Hi,
  here is the full error log. Please take a look. ZIOCELOK is a variable in ISJUS_BCS, which is our infocube from where ucmon
  is getting data.
  Authorization Check Log
  For a general description see the Note 1234567
  Date and Execution Time (Local Server)
  Execution Date: 05.08.2010
  Execution Time: 08:11:24
  TransactionUCWB_INT ( List of Totals Records )
  Executed by User TE001019
  Executed with Analysis Authorizations of Another UserTE001019
  Software Component     Release     Level     Support Package
  SAP_ABA     700     0019     SAPKA70019
  SAP_BASIS     700     0019     SAPKB70019
  SAP_BW     700     0021     SAPKW70021
    InfoProvider Check 
  Building the Buffer...
  ...Buffer Built
  Are there authorizations for accessing InfoProvider ISJUS_BCS with activity 03?
  Authorization exists for general access to InfoProvider ISJUS_BCS with activity 03
    Relevant Characteristics for Detailed Authorization Check 
  (Characteristics with Full Authorization Are Not Listed!)
    List of Effective Authorization-Relevant Characteristics for InfoProvider ISJUS_BCS: 
  ZIOCELOK
  ZIOICOUJ
  0TCAACTVT
    Authorization Check 
    Detail Check for InfoProvider ISJUS_BCS 
    Preprocessing: 
  Selection Checked for Consistency, Preprocessed and Supplemented As Needed
  Subselection (Technical SUBNR) 1
  Check Node Definitions and Value Authorizations...
  Node- and Value Authorizations Are OK
  End of Preprocessing
  Filling the Buffer...
  ...Buffer Filled
    Main Check: 
    Subselection (Technical SUBNR) 1 
  Supplementation of Selection for Aggregated Characteristics
    No Check for Aggregation Authorization Required 
  Following Set Is Checked     Comparison with Following Authorized Set     Result     Remaining Set
  Characteristic     Content(in SQL Format)
  0TCAACTVT
  ZIOCELOK
  ZIOICOUJ
       ZIOICOUJ IN ('00699021','30806101','31819559','35822163')
  AND 0TCAACTVT = '03'
  AND ZIOCELOK LIKE *
  Characteristic     Content(in SQL Format)
  0TCAACTVT     I EQ 03
  ZIOCELOK     I EQ KAP10
  ZIOICOUJ     I EQ 00699021
  I EQ 30806101
  I EQ 31819559
  I EQ 35822163
       Partially or Fully Authorized (Intersection) Partially or Fully Authorized (Intersection)     
  Characteristic     Content(in SQL Format)
  0TCAACTVT
  ZIOCELOK
  ZIOICOUJ
       NOT ZIOCELOK = 'KAP10'
  AND ZIOICOUJ IN ('00699021','30806101','31819559','35822163')
  AND 0TCAACTVT = '03'
  Value selection partially authorized. Check of remainder at end
  Following Set Is Checked     Comparison with Following Authorized Set     Result     Remaining Set
  Characteristic     Content(in SQL Format)
  0TCAACTVT
  ZIOCELOK
  ZIOICOUJ
       NOT ZIOCELOK = 'KAP10'
  AND ZIOICOUJ IN ('00699021','30806101','31819559','35822163')
  AND 0TCAACTVT = '03'
  Characteristic     Content(in SQL Format)
  0TCAACTVT     I EQ 03
  ZIOCELOK     I EQ KAP10
  ZIOICOUJ     I EQ 00699021
  I EQ 30806101
  I EQ 31819559
  I EQ 35822163
       Not Authorized Selection is not authorized     
  All Authorizations Tested
    Message EYE007: You do not have sufficient authorization 
    No Sufficient Authorization for This Subselection (SUBNR) 
  Following CHANMIDs Are Affected:
  477 ( ZIOCELOK )
  478 ( ZIOICOUJ )
    Authorization Check Complete

• Roles and Authorization strategy for SAP BIBO

  Hello All,
  We are doing an implementation where Source is a Oracle, SAP BI warehouse and BO XI3.1 as reporting solution.
  Our customer has asked for the authorization strategy that will be implemented in SAP BI. Currently the users belong to different companies or plants or countries
  Current structure is like,
  User 1 belongs to Plant1 of Country1
  User 2 belongs to Plant2 of Country2
  user 3 belongs to Plant3 of Country1 etc..     
  We have more than 500 users who will use the reports. The user belonging to a particular plant should only see the plant data/Country data he belongs to.
  As I understand, we need to create the roles in BW and these roles to be imported into BO to use for the row and column level security.
  The options we considered are,
  1. Use Bex queries in BW to with ABAP code in CMOD to identify the user belongs to Plant  1, 2 or 3 and provide necessary authorizations.
  2. Create user groups based on the country or company they belong to and create as many roles as required. This will however impact the maintenance of so many roles in the BI system.
  We are also forced to avoid Bex queries in BW and hence,  trying to connect Multiproviders directly in BO universe.
  How should we go forward in designing the authorization concept? Any better ideas?
  Thanks and Regards,
  Srinivas

  There are two ways which we can implement this kind of authorization based on my knowledge.
  1. Data Security purely at BW
  If the data is secured based on roles and users, there is no  need of additional authorization from BO side except at report and folder level if you go for SAP Authentication.
  Once you use SAP authenication and enable single sign on option in universe connection, the SAP users can access data based on their profile set at BW.
  2. Data Security from BO
  Let's assume that, if nothing is set at BW and every thing to be take care from BO.
  Then you could create one multiple provider for each plant / country. Create one connection for each multiprovider
  Create restrictions (Tools--> Manage Access Restrictions) for each plant/country. There you can change connection names.
  So you would need to create many restrictions for different permutations and combinations.
  I never tries this option with Multiprovider. But It worked well with NON-SAP data.
  Hope this helps!
  Regards
  Gowtham

• Diff.between BW and R/3 roles and authorizations

  Hi Experts,
  Please any one let me know is there any difference for creating roles and assigning authorizations in BW and R/3 systems.
  Please let me know the BW related T-codes
  Regards,
  Reedy V.

  What version of BW? Are you using BI7 analysis authorisations.
  BI7 - go [here|https://www.sdn.sap.com/irj/servlet/prt/portal/prtroot/docs/media/uuid/ac7d7c27-0a01-0010-d5a9-9cb9ddcb6bce]
  If using BW 3.5 or another similar version then build your roles in PFCG and assign to users in SU01
  There is more to it which you can find [here|https://service.sap.com/SECURITY] (sorry for the poor link Bernhard ) under category SAP Business Information Warehouse Security Guides
  Edited by: Julius Bussche on Jul 8, 2008 12:34 PM
  Formatting and link corrected
  Thanks Julius!
  Edited by: Alex Ayers on Jul 8, 2008 2:10 PM

• User Roles and Authorizations

  As we know in MM different user have different roles to play and they need different SAP transaction and related activies.
  In SAP we define the particular user who are actually allow to access only certain transactions only?
  What are the steps to do this in SAP?
  Secondly in which stage of implementation we define those user roles and assign duties to them in SAP ?
  bEST Regards,
  Kapil

  u can create the user role using tcode su01 and pfcg for authorization management