Authorizations for Z and Y queries in BI
Hello everyone,
I have a BI developer who needs to be able to create/save as BEx Y queries directly on our QA and Production systems.
Right now they can do that on the DEV system because it is allowing changes to repository and cross-client customizations in transaction SCC4. QA/PRD do not allow this.
I was reading that you can allow people to create/save Y queries via authorizations/roles while still keeping the system locked down. Is this true?
If so, does anyone know what authorization object I need to use or add to a role? I tried to find one in SU21.
Also, does anything need to be done in SE38 to make the program call the auth check?
Any help would be greatly appreciated and <removed_by_moderator>
Thanks!
Edited by: Julius Bussche on Dec 3, 2008 5:49 PM
Hi Ben,
For changing Queries in non-development systems you have to make some changes to your transport system:
Transacation RSA1, Goto Transport Connection, Click on Object Changeability: change ELEM Query Element to 'Everything Changable'.
See [OSS Note 992965|https://service.sap.com/sap/support/notes/992965] for further reference.
Kind regards,
Lodewijk
Similar Messages
-
Authorization for Infotypes and Actions
Hi Experts,
In my project i have a requirement to give authorization to individual infotype level and also give authorization for each and every PA40 actions .
Please give me a solution if any.
thanks..
AvikHello:
For authorization to individual infotype, use object P_ORGIN, authorization field INFTY. In here you can specify individual infotypes, and also authorization level on field AUTHC:
R - Read access
W - Write access
M - Matchcode access
E, D - Enqueue, dequeue access (Asymmetrical double verification principle)
S - Symmetrical (Symm. double verification principle)
For authorization for each and every action, use:
INFTY: 0000 (Actions infotype)
SUBTY: ## (Specific actions)
This is done with basis team cooperation in transaction PFCG.
Hope this helps
Regards. -
Authorizations for materials and material groups
Hello experts,
Is it possible to limit the authorization to make purchase requerisiton of some materials or material groups depending on the user?
I heard that it is possible be able to update some materials using the authorization M_MATE_MAT and including them in the material master, material group and user. But this also works for the creation of purchasing documents (PR,PO,RFQ,...)? Do I have to include this authorization for all the materials? If they do not have I understand that works for every people.
Thanks in advance for your help
Best regards,Hi Madii,
actually Authorization works at the object level, i.s if you have provided the authorization for the user to makePR with certain Material Grp, then if you dont define that grp in the PO role, but still user will get the authorization from the PR role.
why you want to allow the user to make the PR of certain Mtrl Grp for which he should not be making the PO.
or let a different Body take care of the other mtrl Grp.
Hope it helps.
Regards,
Yawar Khan -
How to give authorization for create and change particular Condition Type
Hi...
In my requirement is , Only one user can be authorized to create and change a particular condition type 'ZABC' in vk11 and vk12 .
For remaining condition type can be used as in normal .
How to do this ? How to give authorization for a particular user for particular condition type ?
Plz guide me ..
Thanks in advance .
Deepa .Hi Deepa ,
u can check A.Object V_KOND_VEA, in user profile u can assign condition type or tables.
have a word with ur basis guy , so he can help u in better way.
aand also ref FM SD_COND_AUTH_CHECK
Regards
Prabhu -
Authorization profile that provides "all authorizations" for PP and LO
Hi:
I'm looking for several authorization profiles provided by SAP:
(1) Allow a user with "all authorizations" to work with PP module (Production Planning)
(2) Allow a user with "all authoirzations" to work with LO module (Logistics)
For examples, I found that there is the profile M_ALL that allows a user "all authorization" (universal authorization" for MM (Material Management) module.
If you have some idea about one of these above (1) and/or (2) profile, please help. Any help would be appreciated.
Thanks a lot,
Thuan NguyenThuan,
You can build it using PFCG fairly quickly. Go to PFCG, you will see a button called "Selection Criteria", all authorization objects are group by module (Object Class). You can include all PP auth objects in one shot. Logistic will separate into few class (General, Controlling, Warehouse Management, etc).
It will be fairly clear to you once you get there.
Hope this help.
Thanks,
Lye -
Authorization for va01 and va02
Hi all,
I have a requirement to add an authorization for certain fields (not for editing) in va01 and va02. If i create an authorization object for the same, is it possible to integrate auth object to roles and What will be the fields of auth object ?. Anyone can put comments.
Thanks and regards
JijoHi,
This is my code in so include program...
AUTHORITY-CHECK OBJECT 'ZSO_SCHED'
ID 'ACTVT' FIELD '02'.
CASE SCREEN-NAME.
WHEN 'RV45A-ETDAT' OR 'VBEP-WMENG'.
IF SY-SUBRC EQ 0.
SCREEN-input = 1.
ELSE.
SCREEN-input = 0.
ENDIF.
ENDCASE.
Now, i have to connect role to auth. object 'ZSO_SCHED'. Any idea how to do it?
Thanks and Regards
Jijo -
Performace Issue using Crystal Report For enterprise and BEx Queries
Hi all;
We are generating the following error stack when trying to build a report on top of a BEX query using Crystal Report for Enterprise :
|7C4F8ECE44034DB897AD88D6F98B028B3|2011 12 12 17:24:21.277|+0100|>>|E| |crj|20380| 56|ModalContext | |2|0|0|0|BIPSDK.InfoStore:query|CHVXRIL0047:20380:56.174:1|-|-|BIPSDK.InfoStore:query|CHVXRIL0047:20380:56.174:1|Cut2PbOe3UdzgckPBHn8spEab|||||||||com.crystaldecisions.sdk.occa.infostore.internal.InfoObjects||Assertion failed: Java plugin for CommonConnection is not loaded.
java.lang.AssertionError
at com.businessobjects.foundation.logging.log4j.Log4jLogger.assertTrue(Log4jLogger.java:52)
at com.crystaldecisions.sdk.occa.infostore.internal.InfoObjects.newInfoObject(InfoObjects.java:576)
at com.crystaldecisions.sdk.occa.infostore.internal.InfoObjects.continueUnpackHelper(InfoObjects.java:548)
at com.crystaldecisions.sdk.occa.infostore.internal.InfoObjects.continueUnpack(InfoObjects.java:489)
at com.crystaldecisions.sdk.occa.infostore.internal.InfoObjects.startUnpack(InfoObjects.java:464)
at com.crystaldecisions.sdk.occa.infostore.internal.InternalInfoStore$XRL3WireStrategy.startUnpackTo(InternalInfoStore.java:1484)
at com.crystaldecisions.sdk.occa.infostore.internal.InternalInfoStore$XRL3WireStrategy.startUnpackTo(InternalInfoStore.java:1464)
at com.crystaldecisions.sdk.occa.infostore.internal.InternalInfoStore.unpackAll(InternalInfoStore.java:910)
at com.crystaldecisions.sdk.occa.infostore.internal.InternalInfoStore.queryHelper(InternalInfoStore.java:944)
at com.crystaldecisions.sdk.occa.infostore.internal.InternalInfoStore.queryHelper(InternalInfoStore.java:929)
at com.crystaldecisions.sdk.occa.infostore.internal.InternalInfoStore.query_aroundBody24(InternalInfoStore.java:798)
at com.crystaldecisions.sdk.occa.infostore.internal.InternalInfoStore.query(InternalInfoStore.java:1)
at com.crystaldecisions.sdk.occa.infostore.internal.InfoStore.query_aroundBody20(InfoStore.java:175)
at com.crystaldecisions.sdk.occa.infostore.internal.InfoStore.query_aroundBody21$advice(InfoStore.java:42)
at com.crystaldecisions.sdk.occa.infostore.internal.InfoStore.query(InfoStore.java:1)
at com.businessobjects.mds.securedconnection.cms.services.olap.OlapCmsSecuredConnectionService.getConnectionObject(OlapCmsSecuredConnectionService.java:125)
at com.businessobjects.mds.securedconnection.cms.services.olap.OlapCmsSecuredConnectionService.getOlapSecuredConnection(OlapCmsSecuredConnectionService.java:191)
at com.businessobjects.mds.securedconnection.loader.internal.SecuredConnectionLoaderImpl.getOlapConnectionFromSecuredConnection(SecuredConnectionLoaderImpl.java:83)
at com.businessobjects.mds.securedconnection.loader.internal.SecuredConnectionLoaderImpl.getConnectionFromSecuredConnection(SecuredConnectionLoaderImpl.java:60)
at com.businessobjects.dsl.services.workspace.impl.DirectOlapAccessDataProviderBuilder.loadSecuredConnection(DirectOlapAccessDataProviderBuilder.java:193)
at com.businessobjects.dsl.services.workspace.impl.DirectOlapAccessDataProviderBuilder.loadSecuredConnection(DirectOlapAccessDataProviderBuilder.java:176)
at com.businessobjects.dsl.services.workspace.impl.DirectOlapAccessDataProviderBuilder.provideUniverseFromCms(DirectOlapAccessDataProviderBuilder.java:63)
at com.businessobjects.dsl.services.datasource.impl.AbstractUniverseProvider.provideUniverse(AbstractUniverseProvider.java:41)
at com.businessobjects.dsl.services.workspace.impl.AbstractDataProviderBuilder.updateQuerySpecDataProvider(AbstractDataProviderBuilder.java:119)
at com.businessobjects.dsl.services.workspace.impl.AbstractDataProviderBuilder.updateDataProvider(AbstractDataProviderBuilder.java:106)
at com.businessobjects.dsl.services.workspace.impl.AbstractDataProviderBuilder.addDataProvider(AbstractDataProviderBuilder.java:49)
at com.businessobjects.dsl.services.workspace.impl.WorkspaceServiceImpl.addDataProvider(WorkspaceServiceImpl.java:56)
at com.businessobjects.dsl.services.workspace.impl.WorkspaceServiceImpl.addDataProvider(WorkspaceServiceImpl.java:45)
at com.crystaldecisions.reports.dsl.shared.DSLTransientUniverseServiceProvider.createSessionServicesHelper(DSLTransientUniverseServiceProvider.java:72)
at com.crystaldecisions.reports.dsl.shared.DSLServiceProvider.createSessionServices(DSLServiceProvider.java:428)
at com.businessobjects.crystalreports.designer.qpintegration.DSLUtilities.getServiceProvider(DSLUtilities.java:279)
at com.businessobjects.crystalreports.designer.qpintegration.InitializeDSLRunnable.run(InitializeDSLRunnable.java:82)
at org.eclipse.jface.operation.ModalContext$ModalContextThread.run(ModalContext.java:121)
Here seems to be that a plugin is not loaded : com.crystaldecisions.sdk.occa.infostore.internal.InfoObjects||Assertion failed: Java plugin for CommonConnection is not loaded.
could this affect the performance of Crystal Reports for Enterprise and how could I fix this ?
Best Regards
AnisVenkat,
Thanks for your response. Please note, however, the transaction RAD1 does not exist. Let me provide more details about the current settings of the InfoObject.
The Characteristic is 'Item' (0CS_ITEM) and upon going to RSA1 > Modeling > InfoObjects > Item (0CS_ITEM) > Right Click > Display > Business Explorer (tab) > Text Type is set to 'Long Text' and BEx description is set to 'Long description' already.
When I run/execute the query with this Item characteristic, the results in BEx Analyzer is showing appropriate long text, however, Crystal Report for Enterprise shows short text only
K
Edited by: Kumar Pathak on Feb 3, 2012 6:18 PM -
Using wildcard parameters for MDX and RSQL queries
Hi,
Passing parameters to MDX and RSQL queries works,but is there a way we can pass wildcard(%) parameters to MDX and RSQL
Thanks,
Hari DevarapalliHari -- Try this Instr function -
http://publib.boulder.ibm.com/infocenter/dzichelp/v2r2/index.jsp?topic=/com.ibm.dwe.cubemdx.doc/mdx_instr.html
Thanks,
Venkat -
PI Developer Authorizations for ABAP and Netweaver
Hello,
I was wondering if anyone had the basic authorizations for a developer in PI? I also need to know what they need access to in the Configuration Tool? I have the Security Guide but I was looking for a little more specifics? Anyone that could help would be fantastic.
JamesHi James,
I find this one useful
http://www.erpgenie.com/sap/netweaver/xi/xiauthorizations.htm
As for the Config tool, i don't think developer should have access to it. It should be restricted to BASIS Team only
Cheers !!
Zaheer -
RRMX for executing and creating queries
Hi,
I have some users which are able only to create queries and another group which are only able to execute them.
Which auth object and values should I consider in order to distinguish these 2 roles?
Thanks and regards
FedeXHello, Firstly, may I suggest that the subject is misleading for the question asked.
Transaction RRMX only excute the BEX analyzer add in.
In BI/BW the authorization objects that govern whether the user is authorized to display/ execute / create / change queries are S_RS_COMP and S_RS_COMP1.
Both these objects work in tandem. Where as S_RS_COMP covers the infocube, info area authorizations along with activity and Report IDs, S_RS_COMP1 covers the authorization to execute reports (queries) created by author /Owner (SAP username). example: If the owner field in S_RS_COMP1 has user ID PTERRY01, a user who is assigned the role containing this authorization will only be able to execute queries created by the user PTERRY01.
Standard Activities 03, 16 allow the user to display / execute reports while 01,02 determine whether the user can create / change reports and if he can, what reports example: If the acitivty 01 is combined with report ID Y*, the user can only create queries whose names start with Y.
And please note, RRMX (Bex analyzer) does not allow you to create queries, Query designer does (link from BEX Analyzer opens up Designer).
Regards,
Prashant -
I sync my iPad to computer and get the following message: "some of the purchased items on the iPad, including 'Angry Birds', could not be transfeered to your itues library because you are not authorized for them on this computer. to authorize this computer for items purcchase from the iTunes store, choose Store>Authorize This computer.
I don't understand because the computer is one of my authorized computers. What am I missing?I have had this problem and after some time noticed that the apps that i couldnt put on my new computer were downloaded with a different ITUNES ID.
e.g.
I downloaded about 50 under [email protected] which was my account.
There were about 10 under [email protected] which is my daughters account (she used a $20.00 itunes card)
And a couple were from my sisters account [email protected]
i logged into those accounts and authorised the computer for each ID and it worked fine... You just have to remember what ID's downloaded each item. (app, song, etc) Log into each ID, authorise, then Sync....
Hope this helps..
Troy -
User Authorization for Network and Activity
I have given WBS authorization according to the Person Responsible.
Further I want to control all networks & all all activities under that particular WBSE.
System is blocking the reqd. WBS but allowing to create/change all Networks & activitites under blocked WBSE.
RIYA MHi,
Networks / Activities have different authorization checks than WBS / project definitions. You can check them by work center or plant, but not by person responsible on superior element.
From what I've seen you will have to either use a different authorization check or develop the check as an enhancement.
Kind regards,
Neil -
I want to create a super user on the production server who can create and save the queries only (no other authorization). He can save queries only under $TMP.
For that I have already created role for super user in the transaction PFCG and in business content S_RS_COMP and S_RS_COMP1 I have given all authorization.
Now User is able to create the query, but when He is going to save it the Error message is coming- 'No authorization for create and change'.
Please suggest what I am missing.
Regards,
DheerajHi Dheeraj,
Have you given auth as per http://help.sap.com/saphelp_nw04/helpdata/en/41/05453caff4f703e10000000a114084/content.htm : Analyst3? -
Plant level authorization for Notification Change
Hi All
We have 7 plants and person belong to one plant is able to open and change the notification of other plants.
In the role we have given restriction for the plant for the Tcode IW 22 and for the object SWERK .In the Notification only Workcenter and Plant fields are mandatory.
How can we restrict for a user belong to a particular plant can only change his plant notifications using IW22 only ---not IW28
Thanks in advance
gangsDear gangs,
Check in all the roles of that user in orgnozation levels maintenance plant and planning plant.
It may happen in one role you have ristricted for that user, but in other roles it may be having the t.code authorization for IW22 and with other plant also.
Check that also.
Regards,
Praveen. -
Authorization for Min., Max level
Dear Experts,
Where to set authorization for Minimum and Maximum Inventory level for logistic users?
Regards,
RaviHi Ravi,
Field level authorizations are not available in SAP.
You can only set authorizzation based on Item Master data.
Hope this will help.
Thanks,
Neetu
Maybe you are looking for
-
Video app on iPhone or iPad via Home Sharing is not playing movie's sound or video.
I can successfully connect to iTunes library via Home Sharing on my iPhone 6 Plus and iPad 3rd Generation. In Music app it works ok, but in Videos app, when I try to play a movie it doesn't play the video (but the sound) or the sound (but the video).
-
After transfer mail to new computer new message content not showing in view mode
I've been transferring data from OSX mavericks Macbook pro to imac using airdrop (migration assistant wasn't working). Wanted to duplicate mail from macbook so followed instructions for transferring as below http://www.macworld.com/article/1166999/tr
-
Capturing xml data returned from a url post in a jsp page
Hi, We are writing a interface which will capture data returned from an other website. The data returned will be in XML form. http://www.ecrm.staging.twii.net/ecrmfeed/ecrmfeedservices.sps?eCRMFeedInputXml=<twii><ecrmfeedinput><data%20method="Login">
-
Arial fonts in the headings of my website pages are distorted in FF4
I have heading at the top of my web pages using Arial font and this has been without problem for over ten years in any browser. The Arial font looks fat in FF4. Is this an issue with special coding needed for FF4 web-pages, or could it be that my ISP
-
Has anybody used motion control card like a CNC contol with G-codes with part program editor?
I have to use national instruments PXI 7344 motion card to substitute a CNC control that uses G-codes and M-codes in a part program . I need to know if some body has already developed such an application and also developed a part program editor.