RSSB_GENERATE_AUTHORIZATIONS

Similar Messages

• Error when running RSSB_GENERATE_AUTHORIZATIONS

  Iam having a SYSTEM_NO_TASK_STORAGE runtime Error when running program RSSB_GENERATE_AUTHORIZATIONS in a BW 3.5 system when it is attempting to load a very large amount of users/profiles from HR Structural Authorizations into BW.  The HR Structural Authorizations - Values 0PA_DS02 ODS was loaded with 47 million records when following the process specified on <a href="https://www.sdn.sap.comhttp://www.sdn.sap.comhttp://www.sdn.sap.com/irj/servlet/prt/portal/prtroot/docs/library/uuid/e1cba990-0201-0010-43ae-af579aee7a73">this SDN document.</a>
  Memory parameters have been continually adjusted to try to allow the process to run with no results. 
  Any help will be greatly appreciated.
  Thanks.

  Hi,
  Did you try and break up the loads into smaller chunks ?
  Else you can also try and increase the number of data packets by breaking up the data packets into smaller amount if data.
  Cheers,
  Kedar

• Query and RSSB_GENERATE_AUTHORIZATIONS

  Hi experts,
  we can use report RSSB_GENERATE_AUTHORIZATIONS to Generating Authorizations in BW from Data in the InfoProviders,
  after that will be created new profile RSR_*.
  I would like to use the similar program ( function ) to create profile for queries, it means fill S_RS_COMP (Business Explorer -
  Components) - > ( ACTVT, RSINFOAREA, RSINFOCUBE, RSZCOMPID and RSZCOMPTP ).
  Do you have any idea ?
  Thanks in advance
  Martin

  FM SUSR_INTERFACE_AUTH

• Authorization on cost center !

  hi,
  i need help on Cost center Authorization.
  I have crared 3 dso. 1 for Hierarchy nod, 2. single values and 3. user reporting. and the data is loaded in all 3.
  after this i have generated Authorization in bW using RSSB_Generate_Authorization.
  Now, i m in Tcode RSSM, over there i am creating Authorization object ZZZ_OPC.
  Over here , i have to select Infoobjects for authorization.
  i have choosen 0TCTAUTHH for hier, 0costcenter ( As i am doing authorization on this ), what else i have to choose ?
  do i have to choose anything for Single value ? if yes then which info object ?
  thankz

  Hi,
  The relevant authorisation objects are as follows:
  K_CSKS_SET:  This will allow display/change/creation of groups based on activity selected.
  K_CCA:  This is a general authorisation object (relevant activites should be 0003, 3027, 3029).  You are  obviously trying to run a report.  For running a report the relevant authorisation object is K_REPO_CCA, which sadly does not have cost center group as a selection, only cost center values and ranges.
  However, K_CCA will work, if the cost center group that you have entered in the authorisation is also present in the standard hierarchy.  Can you test this, enter a cost center group from the standard hierarchy and not just any group that you have created seperately.  The authorisation should get restricted to that group.
  Cheers.

• ABAP program in process chain running under another user

  Hi, gurus
  I have a process chain that load three DSO in order to generate authorizations. I wish to add a new process at the end of this process chain which calls ABAP program RSSB_GENERATE_AUTHORIZATION. I wish to run this ABAP program under a different user rather than using ALEREMOTE, our general purpose load user. The user to run authorization generation must be a system user specially created for this purpose.
  My question is: is it possible to define a different user to execute only a process (ABAP program) inside a process chain while the previous steps can be run by a general purpose load user?
  Is there any other approach? What about separating it into two tasks? How to sincronize them, that is, how to run generation just after successful ending of the load process?
  Thanks for ideas.
  Fernando

  Let us assume that you have two parts to this -
  1. Process chain for Data Loads
  2. Program for authorizations.
  Schedule the authorization program in the background and have it run after a particular event - this way your authorization program is run with a specific user.
  In your process chain put in a program to raise the event at the appropriate time so that the authorization program can run. The authorization program in the meanwhile will be runnnig and waiting for the event to occur.

• BW Issues while generating authorization profiles RSSB_GENERATE_AUTH progm.

  Hello,
  We loaded ZTCADS02 hierarchy datastore authorization template with the following data fields mapping and along with the other authorization templates (ZTCADS01, DS03)
  when I try to generate the authorization profiles using RSSB_GENERATE_AUTHORIZATIONS program, I am getting the following error
  “Hierarchy YES_BRANDS (version, key date 12/31/9999) does not exist  Message no. RSSBR050”
  Here are the fields and field contents on ZTCADS02 datastore. Am I loading wrong data to any of the fields?? I tried couple of combinations for Hierarchy name (0TCTHIENM) but none of this helps me in successful generation of the profiles.
  0TCTHIENM = YES_BRANDS/99991231//0BP_GRP
  0TCTHIENM = YES_BRANDS
  0TCTUSERNM     User                     CARLMGRN1
  0TCTSYSID     BW System     SBC100
  0TCTAUTH     Authorization (Tech)     ZBP_GRP
  0TCTADTO     Validity, to                     99991231
  0TCTIOBJNM     InfoObject                     0TCTAUTHH
  0TCTHIENM     Hierarchy Name     YES_BRANDS
  0TCTHIEVERS     Hierarchy Version     A
  0TCTHIEDATE     Hierarch, Valid to     99991231
  0TCTNIOBJNM     Node (InfoObject)     0BP_GRP
  0TCTATYPE     Type of Authorizatn     2
  0TCTOBJVERS     Object Version     A
  0TCTADFROM     Validity, from     20061113
  0TCTNODE     Nodes              454BA58E856300F6000000000A173125
  0TCTACOMPM     Validity Period     1
  0TCTTLEVEL     Hierarchy Level     9
  0TCTNDEF     Default Value     Y
  Infoobject to be checked is 0BP_GRP which is hierarchy check
  ZBP_GRP is custom authorization object created by me with fields actvt, 0BP_GRP and 0TCTAUTHH fields via RSSM
  All suggestions are really appreciated and promise to reward very good points,
  for all good answers.
  Regards
  Sreeni

  Issue is resolved. There was a problem with the data load.
  Thanks
  Sreeni

• Generating Authorization for non HR/CO requirement

  Hi Experts,
  I am planning to use the generation of authorizations concept for my security requirement. The business users have to view data in the reports based on specific InfoObject values they are authorized to. We are getting this information viz. user and the values they have access to from the source system. I am planning to create a custom version of the standard DSO 0TCA_DS01 and load the data from the source system via a generic datasource. I will be using the standard program RSSB_GENERATE_AUTHORIZATIONS to generate the authorization for each user.
  My questions are:
  1. Is 0TCA_DS01 the right choice of DSO?
  2. If the answer to 1 is yes, then there is a field called 0TCTAUTH in the key fields of the DSO. I am not sure what information has to be brought in from the source system for this field
  3. Is there a way we can change the naming convention of the authorizations generated? If yes, how?
  I did go through this forum and most of the articles on BI Security. I understood the procedure, but the above questions are grey area that were not covered.
  Thanks in Advance!
  A

  I believe that you van use Structural Authorizations to fulfill this business requirement because these authorizations, although maintained based on Org structure, can be and are used across the variuos modules.
  Regards
  Lincoln

• Authorization:  Note 825016 - $! in the generated profile

  We recently were generating authorizations for info object 0employee using program RSSB_GENERATE_AUTHORIZATIONS and ODS 0PA_DS02.  When we viewed the user profile, we noticed instead of employee numbers being listed as authorized, it listed '$!'.  We found this SAP note 'Note 825016 - $! in the generated profile'.  It explains some new authorization functionality where SAP is now using cluster tables to store authorization values > 3500.
  This all sounds great, but it is not working.  When I try to view my query, I have no authorization for the values we generated with the program.  What am I missing?

  SAP proposed that we switch to the new authorizations concept in BW 7.0.  This resolved our issues.