Authorization Relevent Scenarios

Similar Messages

• Updating users profile when infoobject marked as authorization relevant

  Hi All,
  Consider a scenario where there are some projects in which perticuler infoobject is not authorization relevant but in some upcomming project the same infoobject needs to be authorization relevant.but when i marked this infoobject as authorization relevant then i need to manually insert this new authorization infoobject in each user profile. If there are more than 200 users available then it is not very good idea to include this infoobject in each profile manually. Is there any other way through which we can insert this infoobject in all user profile automatically.
  Regards,
  Deepak

  Hi again.
  Go to transaction se38 and create a program with the name ZCHANGE_APPEND_AUT.
  Insert the following code:
  REPORT  ZCHANGE_APPEND_AUT                             .
  TABLES RSECVAL.
  DATA: T_RSECVAL TYPE RSECVAL OCCURS 0 WITH HEADER LINE,
        T_RANGE TYPE RSEC_S_AUTH_VALUES_RANGE.
  SELECT-OPTIONS: ZAUT    FOR RSECVAL-TCTAUTH NO INTERVALS.
  PARAMETERS:     ZOBJN   LIKE RSECVAL-TCTIOBJNM DEFAULT '0TCAIPROV'.
  SELECT-OPTIONS: ZVALUES FOR RSECVAL-TCTLOW NO INTERVALS.
  LOOP AT ZAUT.
     LOOP AT ZVALUES.
        T_RANGE-IOBJNM = ZOBJN.
        T_RANGE-SIGN = 'I'.
        T_RANGE-OPT = 'EQ'.
        T_RANGE-LOW = ZVALUES-LOW.
        CALL FUNCTION 'RSEC_INSERT_FLAT_AUTH'
           EXPORTING
              I_AUTH = ZAUT-low
              I_RANGE = T_RANGE.
         CLEAR T_RANGE.
      ENDLOOP.
  ENDLOOP.
  Activate the program.
  Now when you run this program you'll be prompted for 3 parameters.
  The first is a list of Analysis Authorizations names that you wish to change.
  The second is the name of the InfoObject you want to insert to those authorizations, by default is 0TCAIPROV but you can change it to whatever you want
  The third is a list of values that will be inserted for those InfoObject.
  Therefore imagine that for authorization ZZZA, ZZZB and ZZZC you want to insert the object 0CUSTOMER with the values xpto, yyyy, and wwww.
  You would in this case run the program with the following parameters:
  AUT:
  ZZZA
  ZZZB
  ZZZC
  OBJN:
  0CUSTOMER
  VALUES:
  xpto
  yyyy
  wwww
  Please assign points,
  Diogo.

• Authorization Relevant Info Objects

  Hi Experts,
    In my Business scenario,Profit center infoobject is
  authorization relevant for FI reports.In my FI reports,I have used profit center authorization variable.FI reports are working fine according to the authorizations.
  In sales Report,users should be able to see all profit
  centers(No Authorization needed for sales report)
  In my sales Report,I have used value based non authorization variable.When I run the sales report,I am getting authorization error
  How can I make profit center authorization relevant for only FI
  Info Area?
  Can Some one help me in solving this problem?
  Thank you in advance.
  Reward Points expected

  Hi Senoy,
  I suggest the following steps,
  1. You should list all of Sales Report, after that you need identify all of InfoProviders of this sales scenarios.
  2. In base of the InfoProviders sales scenarios, you need list all of InfoObejct authorization relevant of this scenario. In case of the "0PROFIT_CTR" is part of the InfoProvider sale scenarios, you need include in your authorization with the follow value "*" (total access) or ":" (acess agregation).
  3. For avoid future problem, the InfoProviders sales scenario have to be different of InfoProviders FI scenario. Otherwise, you will have the same condition in both scenario with the 0PROFIT_CTR.
  I hope help you,
  Luis

• SAP BI authorization relevant

  All,
  I tried to create a custom authorization object for an infoobject otcaactivity (just for eg) .Before that I used RSD1 to make that infobject authorizartion relevant.But after that I inserted the infobject which is made as auth.relevant to the custom object and tried to assign value for the intervals.I got an message as the characteristic value is not authorization relevant...why is that?I tried in sand box..is it any way related to info cube which is not yet created for the particular info object in the sand box thats the reason I get error message ?
  Whats the reason to secure characteristics and key figure values?

  Hey,
  Activating business content mean making authorization relevant?
  For BW3.5 there is no need of the mandatory info objects?(0TCAACTVT ,0TCAIPROV ,0TCAVALID ,0TCAKYFNM)
  Whats the difference between securing through reporting authorization object and securing through BI specific object??
  Thanks

• InfoObject - Business Explorer Tab and field Authorization Relevant

  Is their a SAP utility / table / or transaction which can identify a field flagged on InfoObjects.
  I would like to determine all active InfoObjects which have the "authorization relevant" flagged on the
  InfoObject - Business Explorer tab.
  Version 7.0
  Thank you ...... dan

  Hi Dan,
  trIf you have used old analysis authorizations of BW3.5, in transaction RSSM if you click on Check authorization infoobjects for all infoproviders you should find a list of all authorization object which are in productive use.
  However, it does not give you the list of object which are marked as authorization relevant and have not been used in any productive cubes.
  Try table RSDCHA in se16. CHARNM - Put your char name and in OBJVERS put A. Authorization relevant flag would be 'X', if it is marked for authorization relevance.
  Hope it helps,
  Regards,
  Sunmit.

• Authorization Relevant Infoobject restriction for particular value

  Hi All,
  We have infoobject - 0COMPCODE which is authorization relevant. In query designer authorization variable - ZAUTH1 has been created.
  Now users want to restrict one particular Company Code (Ex- RU10) globally, so that none of the users will view this particular company code.
  We can't restrict this in query designer. Users can select among the company codes in the input selection of the report.
  Authorisations have been mantained in BW3.5 version
  Need help on this urgently.

  Hi Asish,
  Two ways.
  1. You can exclude the company code in the default values section, so that they would be able to view it in the list they see.
  2. You can exclude it in the authorizations assigned to the roles of the users. Give all the company code values in the authorization, except this company code, so that since the auth variable is createed in the query, you woulld view only the company codes that are authorized.
  Hope this helps.
  Regards
  Snehith.

• How can I activate 0CURRENCY  as Authorization Relevant?

  Hello gurus,
    I have many reports that use 0currency in the parameters in order to use a certain currency.  How ever we want to restrict the options using authorizations. 
  When I tried to mark 0currency as authorization relevant, i couldnt do it.  There is no tab of business explorer where I can mark it.
  ¿Does anybody knows how? or if it is not ossible, ¿how can i solve this problem?
  thank you!
  David Guerra

  Standard unitinfoobjects dont have Bex tab...if we use customized infoobjects we can

• Table name for authorization relevant InfoObjects

  Hi Gurus,
  In which table I could see all Authorization relevant InfoObjetcs ?
  Thanks
  Liza

  Hi,
  Table RSDCHA, field AUTHRELFL.
  or
  1. Go to RSSM t-code
  2.click the radio button Authorizations for several users there u have to enter ur login  Id name
  3.right hand side 1 spects symbol is there for disply-- click on it.
  It will show u all authorisation Infoobjects for u.
  Try this link. this might be helpful.
  Program to find the list of Authorization relevent info objects for given
  Regards,
  Haritha.
  Edited by: Haritha Molaka on Dec 7, 2009 5:47 AM

• List Database Table – Infoprovider, InfoObject, Flag Authorization Relevant

  Dear Expert,
  I’m working with SAP BI 2004s user management & authorization. I have several objects that I’ll have check. I don’t like check one by one, I like to check for the SE16 transaction, for this reason, I need to know what is the database table have content Infoprovider by InfoObject (Characteristics) which each have the flag authorization relevant.
  Moreover, in the same idea, which database has content Queries by Infoprovider which authorization variable?
  Thank for all,
  Luis

  For your first question:
  In addition to be above mentioned table, RSDCUBEIOBJ will give the information about Infoprovider and all the Infoobjects within this infoprovider.
  1. Find all the authorization relevant Infoobjects from RSDCHA table and copy them.
  2. In the table RSDCUBEIOBJ, paste all the Infoobjects obtained from 1 in the field "Infoobject". The result will be list of Infocubes and their corresponding authorization relevant Infoobjects.

• Error when trying to make an infoobject "Authorization Relevant"

  We are getting the following message in German when we try to make an infoobject - 0PERS_AREA "Authorization Relevant" (using RSD1), Can anybody help us in translation of this nmessage and possile remedy. In fact, I tried other infoobjects as well lke 0ORGUNIT, 0EMPLOYEE, etc with the same message.
  "InfoObject 0PERS_AREA: Keine Berechtigung, um die
  Berechtigungsrelevanz zu ändern"
  Thanks
  Raj

  hi raj,
  You should do first this :
  1. Goto RSA1->Click on Infoobjects->Select ur Infoobject(0PERS_AREA )-> rightclick->select Change It will give Change Characteristic screen in this screen-> click on Business Explorer Tabstrip observe in general settings vey below ur having one <b>check box for  " AuthorizationRelavent"-> check that check box --->save +Activte.</b>
  next u have to follow these steps :
  1.before going to authorizations u have to decide on which Infoobject u have to apply authorizations.
  EX: SD--- Sales Org, MM -> palnt ,purorg,FI> companycode.
  first u ahve to decide which area & on which Infoobject.
  2.goto that Infoobject --> change there check the checkbox Authorization relavent object cahechbox
  2.after that U Have to goto RSSM there u have to create authorization object
  Ex: Zxxx ( XXX is Infoobject Name ).
  3. In the same transaction Screen u have Infocube selection radio Button check that then select on which cube(cube means under that cube all Quaries) u have to make authorization for that perticuler Infoobject.
  4.next goto PFCG create role & save it
  5.goto Authorization tab in that selct edit authorization it will give automatiaclly authorization Templates in that u have to select only S_RS_RREPU & press Enter.
  6. Select manual pushbutton it will ask authorisation object enter ur authorization object what u have created ( zxxx) .
  7.click generate +enter
  8. goto user tab Enter userId+enter + click on usercomparision+ enter
  9.save the role.
  FOR HIRARCHIES:
  1. goto RSSM There u have one rediobutton called authorization hierarchy ( this radio button is very below the RSSM screen)
  2. there u have to select Hierachy on which u have to apply authorization.
  Thanks,
  kiran

• Making 0PROFIT_CTR Authorization Relevant (RSECADMIN)

  I am in need on restricting certain queires to run, based on specific Company Codes and Profit Centers.
  I have made so far, only Company Code (0COMP_CODE) authorization relevant.
  If I make Profict Center (0PROFIT_CTR) authorization relevant, should the existing queries be affected ?
  In other words, when a user runs existing queries (which require to pass a Company Code), could it be
  asked to provide the Profit Center as well  [I won't insert the Profit Center (characteristic 0PROFIT_CTR) in the authorization ] ?
  Best regards,
  Tom

  If you are on BW3.5 authorization concept, all the queries should not be impacted if those are on different multiproviders (as in BW3.5 concept you can select which object is to be authorization relevant for a multiprovider). If you need profit center to be authorization relevant for one query, all other queries on the same multiprovider will be impacted and if you do not want to add profit center characteristic in all the queries, you will need to create a role with : (colon) access and assign it to the users.
  In 7.0 authorization concept, a authorization relevant info object will impact all the queries on all multiproviders. If you dont want to use profit center as auth relevant for some multiproviders, you will have to take care of it with functional role for that multiprovider or you can use : (colon) data access role.
  Regards,
  Gaurav

• Mark InfoObject authorization relevant

  Dear Community,
  we've activated "authorization relevance" in one of our frequently used InfoObject and added it to an authorization object.
  We've the situation that the field information of this InfoObject disappears in reports.
  (The authorization object is nowhere marked as relevant for a DataProvider)
  Am I right that this isn't an expected bw system behavior??!
  Thx for some tips or remarks in advance.
  br, michael

  Sounds very peculiar...
  Did you add the authorization object to any roles? Did you specify any restrictions on values?
  For an overview of how we chose to implement security, see the following thread:
  Re: Auth Relevancy Not Working
  Hope this helps...
  Bob

• InfoObject 0TCAIFAREA Authorization Relevant

  Do I need to CHECK the InfoObject 0TCAIFAREA as Authorization Relevant for the SAP BI NW2004s NEW Analysis Authorizations concept?
  Please advice.
  Regards,
  Nicolette Nguyen

  Hi,
  Use transaction rsd1
  enter object name 0TCAIFAREA click on display
  Click on business explorer tab
  there you can find the check box authorization relevant or not
  Regards
  Ben

• Authorization Relevant Object

  Hi experts,
  Please suggest how to make an info object as an authorization relevant object. Please guide step by step.
  Thanks in advance.
  AJAY

  hi ajay,
  for authrization relevant info objects just mark your infoobject as authorization relevant in tha Business Explorer Tab of ur infoobject.
  then if u have authrization go to t-code RSECADMIN.
  here, undet the authorization tab ,
  just create an Authorization Relevant object into which just
  select ur actual info object name for which u want authorization.
  after this just double click on ur info-object and enter your all restictions.
  save it then.
  hope this will help u
  thanks.

• Suppressing Authorization-Relevant Values in Variables

  When a report has authorization relevant characteristic values, the values that have been assigned to that person are populated when the report is launched in the BI portal. For certain characteristics, this could be in the hundreds of values assigned to a person. What can be done to suppress these values?

  Dennis
  When you use a variable, ensure that it has an initial/default value. So when you execute your layout only the value [default] relevant to that characteristic first gets populated on the layout.
  Then, Ensure that you have the variable as a drop down box in your WAD template so that the user can select other values if he desires so.
  Srikant