Authorizations Issue in BI7

Dear Gurus,
I am having an issue with regard to Authorizations.  In BW3.x  with respect to query designer an end user can just change the local view of a query.  How about the same thing in BI7?  What are the procedures i need to follow to give an user authorizations to only the edit query local view.  Is there any BC role or Profile that i can just add to get the desired result.  Kindly give the inputs in a detailed manner as I am new to BASIS part.
Your Kind Inputs will be definitely rewarded with a great honour.
Regards
Mohan Kumar
Message was edited by:
        mohan kumar

Did you tried defining authorization objects using transaction code RSECADMIN, as this is working of me for Profit Centers.
Thanks.
Sachin

Similar Messages

  • Authorization issue in BI7.0

    Hi friends,
    Following is the situation,
    I have created two Authorization Anlysis objects on 0COSTCENTER.
    AUTH1 = COSTCENTER1, INFOPROV = A
    AUTH2 = ALLCostcenters, INFOPROV = B
    I have two queries built on each infoprovider.
    Scenario1.
    Assigned AUTH1 to User XYZ and when i run the Query on INFOPROV A, the variable on costcenter shows only COSTCENTER1 when i do the F4 on variable. : No problem with this scenario.
    Scenario2.
    Assigned AUTH1 and AUTH2 to User XYZ and when i run the Query on INFOPROV A, the variable on costcenter shows ALL COSTCENTERS when i do the F4 on variable but i am expecting only COSTCENTER1.
    Please suggest how to take handle this situation.

    Take a look at these links...
    http://help.sap.com/saphelp_nw04/helpdata/en/e7/56b23bdb0d0156e10000000a11402f/content.htm
    http://help.sap.com/saphelp_nw04/helpdata/en/a0/48f438f3422f2ce10000000a114084/content.htm
    http://help.sap.com/saphelp_nw70/helpdata/en/59/2cf4388818ac2be10000000a114084/content.htm

  • Hierarchy authorization pbm in BI7.0 with Front end of BW3.5

    Hello All,
    We have a problem regarding authorizations for the hierarchies in BW7.0
    We have migrated from BW3.1 to BW7.0. Authorization are OK in our BW3.1 server, the authorization on hierrachy work well.
    Current Issue (in BI7.0) :
    An authorization object for XCOMPROD for a hierarchy 'ZMAT_HIER'.
    There are 2 queries which have variables of XCOMPROD & ZCOMPROD in selection criteria, ZCOMPROD has variable of type 'Hierarchy node'
    I've a test_user which has authorization on Product Group 5 (one of the nodes in the hierarchy-ZMAT_HIER).
    When i run the queries independently with this test_user, the user has access to Group 5 only, which is correct. 
    When i run a web template report with any one query (from the 2 queries), the user has access to Group 5 (as in first case) - correct.
    However when i run a web template report having above 2 queries together, the authorization fails, as user gets access to root node (instead of only Group 5).
    FYI, we're using BW3.5 front end (no PORTALS)  with the OLD authorization concept (of BW3.1).  Not 'Analysis Authorization' as in BI7.0.
    Looking forward to an explanation/solution to the above.
    Regards,
    Nagendra.

    Hi,
    Check out the customization of SPRO to select the authorization concept. I suspect that it's set on the new authorization concept.
    Tomer.

  • No authorization error in BI7

    Hi
      Recently we had migrated to the new authorization concept in BI7 after that, when the business users open an query or workbook they get the selection screen and when they press F4 on company code info object  (Authorization relevant object) to select values they get an message" you don’t have sufficient authorization" and the out put does not get displayed. but as an BW developer i am able to open the same report without any error
    I checked in for authorizations in Su01 and su53 every thing looks fine for the business user.
    Note: This error occurs only to queries having infoobject company code
    Can someone help me out in this issue?
    Thanks a lot
    Sheetal

    Hi sheetal,
    I am facing the same problem what you have faced regarding authorization error in BI queries.
    when users try to open the workbook, select their options in selection screen and run it, they get warning 'you do not have sufficient authorizations'. when i try to run the same, i am able to open it. this is happening in prod.
    how are you able to solve this problem.

  • Secured WebDAV Mounted Volume Authorization Issues

    I use a secure WebDAV mounted volume from myDisk.se and up until the latest Security Update have had zero issues being able to manipulate files and folders as I would on a normal volume. However, since the installation of the Security Update (2009-004 (PowerPC) 1.0) I find weird things happening with this mounted volume:
    1) I am able to mount the secured WebDAV share using my security credentials.
    2) I can create a default "untitled" folder but when I try to change its name, the WebDAV authorization dialog pops up and despite entering the same credentials (why, I am not sure as the volume has already been properly credentialed in order to be mounted), access is denied.
    3) Trying to create a file within a folder on the mounted WebDAV volume I previously created pre-update causes the same authorization issue.
    I have no other WebDAV shares I can try to mount from any other companies so I am not sure if this is a myDisk issue or one borne from the Security Update. I am not a .Mac/MobileMe user and that info is not filled out in System Preferences. The internal hard drive has been meticulously maintained with Disk and Permissions repair being run both before and after each and every software update installed. Likewise, the volume's structure is also checked both before and after and shows no need for repairs.
    Any ideas? Perhaps there is a corrupted file somewhere that's affecting the authorizations needed by this third-party WebDAV volume?
    The machine that has this problem is the last model iBook G4/1.33GHz 12" display, 1.5GB RAM, and a 100GB 5400rpm HD which replaced the stock OEM 40GB 4200rpm drive about one year ago.
    I'm not willing to do an Archive and Install at this point as the loss of the WebDAV access to my online volume is not critical. Inconvenient as heck but not to the point where I'm willing (or able) stop my normal work to spend the hours it will take to get WebDAV access back.
    Thanks in advance for any insights.

    same problem here with webdav, I can't mount my idisk from university network on Mac Pro 10.5.3 (although it mounts fine from home network on both ibook and PMG5 10.5.3). Everything was fine with 10.5.2 and I already re-installed 10.5.3 combo. Other bugs as well with .Mac prefs (keeps crashing, sometimes it shows the available space on idisk but still no mounting, with error -35 or -8086), but .Mac sync is OK
    Jun 11 12:34:21 webdavfs_agent[579]: mounting as authenticated user
    Jun 11 12:34:22 kernel[0]: webdav server: http://idisk.mac.com/[username]/: connection is dead
    Jun 11 12:34:22 KernelEventAgent[75]: tid 00000000 received VQ_DEAD event (32)
    Jun 11 12:34:22 kernel[0]: webdav_sendmsg: sock_connect() = 61
    Jun 11 12:34:22 KernelEventAgent[75]: tid 00000000 type 'webdav', mounted on '/Volumes/[username]', from 'http://idisk.mac.com/[username]/', dead
    Jun 11 12:34:22 kernel[0]: webdav_sendmsg: sock_connect() = 61
    Jun 11 12:34:22 KernelEventAgent[75]: tid 00000000 found 1 filesystem(s) with problem(s)
    Jun 11 12:34:22 kernel[0]: webdav_sendmsg: sock_connect() = 61
    Jun 11 12:34:52: --- last message repeated 1 time ---

  • BI 7.0 Analysis Authorization issue: some reports displaying a blank page.

    Hi All,
    This is regarding BI 7.0 Analysis Authorization issue.
    Overview:
    we have restricted some queries at infoobject level.
    Issue:
    a. For some of the queries, we can see the selection screen but when we try to execute the query by clicking on the execute button (Queries WAD) we get a blank page, meaning nothing is displayed on the output (white/Blank screen).
    b. When we execute the same query through RSRT, we get a message which says "Disconnecting from BW server..".
    c. Let me explain further on this. Basically we are doing this in order to have limited access to Auditors at the client side. At the same time normal users should not get impacted due to this, hence we created two roles. One for normal users and other for Auditors.
    d.  Now the thing is that we execute the same report with normal user ID's the report executes properly and displays the output. it does not show the blank page.
    e. But when we execute the same report with Auditors ID then we get a blank page.
    Any idea why this is so?

    Hi Neha,
    I tried the below also,
    GL Acnt
    I EQ 0000134010
    I EQ :
    but still it didn't work.
    No Infoobject is missing in Authorization Object.
    For your point, "rsecadmin - > analysis -> execute as -> check for the desired user & analyze the log" it didnu2019t allow me to analyze, since as soon as click on execute button a pop-up comes up saying "Disconnecting from the BW server..."
    As mentioned earlier also it is giving me the below message,
    ""I>> Row: 103 Inc: AUTHORITY_02 Prog: CL_RSR_RRK0_AUTHORIZATION                                                                       RS_EXCEPTION        301CL_RSR_RRK0_AUTHORIZATION                         AUTHORITY_02"
    Kindly suggest, since this is a show-stopper for us!
    Thanks,
    Ishdeep Kohli.

  • Variable screen/variant screen authorization issue

    HI All,
    We have implemented standard Cost Center Overview Report(0SR_C02_Q0002) in BI 7.
    We have three selection fields:
    1.Company Code which is mandatory
    2.My controlling Area which is also mandatory
    3.Costcenter which is not mandatory
    The requirement we are facing over here is that in the Variable screen/variant screen when I enter a company code, then I need to display dynamically only those "My Controlling Area" values which are assigned to that particular company code and not all. In the same way after selecting the appropriate "My controlling area" value, I need to display only those cost centers in the cost center selection field which are assigned to the selected company code and My controlling area combination and not all.
    can anyone guide me on how to go about on this authorization issue at the variable screen itself.
    Please treat this issue/requirement on high priority.
    Appreciated in advance.
    Regards,
    raps.

    Hi,
    I think that an alternative to solve your concern could be using Web Application Designer (WAD).  In this respect, there are several design options, with different levels of complexity.
    As the simplest alternative, you could create a WAD including your query and three Dropdown Boxes: one for Company, a second for Controlling area and another for Cost center.  The four mentioned elements should be linked to the same dataprovider so, when you select a company, the options in the other two Dropdown boxes and the information in the query are updated.
    In order to enforce mandatory filter selection at Company and Controlling area level, you should set NO_REMOVE_FILTER='X' in both two Dropdown boxes, so that "All values" option -which would mean no filtering- is not offered.
    I hope this helps you.
    Regards,
    Maximiliano

  • Authorization issue - help request

    Hi guys,
    One of the consultants is having an authorization issue ( He is not abele to run a t-code)
    I ask him to run a su53 report and i am not sure how to proceed with this.
    Please help.
    Here are the details from the SU53 report.
    DISPLAY AUTHORIZATION DATA FOR USER VYXXXX
    User : VYXXX                       profile parameter authorization buffering    4
    Authorization Object: F_KNA1_GRP
    Description
    Authorization check failed:
          + Authorization object F_KNA1_GRP Customer Account Group Authorization
                Activity                                08
                Customer Account Group     ZM01
    Users Authorization Data :
          +  Authorization object F_KNA1_GRP Customer Account Group Authorization
                   Authorization  T-PD19002300
                  Authorization  T-UG39000900
                  Authorization  T-UG39001000
    Please help me guys what need to  be performed.
    Regards,
    Vamsi.

    Hi Vamsi,
    SU53 shows us the last failed authorization for a user. However, it might not only be the failed authorization object failed.
    Hence, "just to learn" , you can use transaction ST01 to enable and run a trace for particular users. Be sure to use in a test environment first, and with proper filters. (for a particular user only).
    Then check-> which auth object is failing.
    RC=4 means a object value is failing.
    RC=12 means an object is missing!
    Check, which tcode is calling that object and this tcode is present in which role. Then.........proceed.
    You can check the SAP documentation on running traces on the help portal of SAP.  I think you will find the answer yourself by troubleshooting more and may be massaging some test roles here and there!
    Likewise, if you are new to security, I would encourage you to start by reading some books on SAP security. Authorizations made easy is a good book to start with.
    Let me know if you have any questions
    EOD for me :P . take care
    Abhishek

  • Authorization issue during Jump

    Hi all,
    I am faced with an authorization issue when I am jumping from a BW report into an ABAP report in R/3. The particular BW report is built on a Multiprovider and when I jump to the R/3 report it displays a message saying that I have no authorization to display the R/3 report. Now the issue is that when I run the same report on the base infocube and perform the jump there is no problem. It works just fine.
    Both the multiprovider and the base infocube have the same authorization objects checked.
    Can someone please help?
    Regards,
    Ashmith Roy

    Pls have a look on the below thread:
    Authorization by InfoArea
    Regards
    Ganesh
    *Assign points if this helpful

  • Authorization issue in Info spoke

    Hi all,
    I am facing some authorization issue when executing info spoke in process chain.
    Info spoke is working fine in direct Scheduling (both background and Dialog).
    Am getting this error after execution of process chain
    "System error: RSDRC / FORM AUTHORITY_CHECK RSDRC / FORM AUTHORITY_CHECK R"
    "System error: RSDRC / FUNC RSDRC_BASIC_CUBE_DATA_GET RSDRC / FUNC RSDRC_B"
    "System error: RSDRC / FORM DATA_GET RSDRC / FORM DATA_GET RSDRC / FORM DA"
    "Extraction Cube : Error in DataManager API".
    I dont know why this problem comes.
    Can anyone tel me what went wrong and how to solve it.
    Thanks in advance.
    Kind regards,
    Shanbagavalli.S

    Hi All,
        The above issue is getting due to # character in text at end(e.g ljdfsaa##). After removing # characters in text issue got resolved.
    Thansk,
    Manjunatha

  • Authorization issue after the Support packs upgrade

    We're having problem on authorization issue after the SP upgrade.
    One issue if "You are not authorized to call up line item display" using FCH1 and FS10N tcodes.
    And the SU53 showing problem on S_TCODE FAGLL03.
    How are we going to solve this issue? We dont want to add this missing auth object on all our finance roles.
    Thank you in advance.

    How can i send you the trace file? What is your email address?
    If I were you, I won't do that. Did you not ever sign some confidentiality agreement? I wonder.
    Anyhoo... (copy right @ David)
    What are the objects been caught in category RC=4, RC=12?
    Relate them with functional aspect of the transaction (error screen)
    Edited : You can paste RC=4, RC=12 objects here without customer specific value if you want to.
    Regards,
    Arpan Paik
    Edited by: P Arpan on Aug 23, 2011 2:36 PM

  • Authorization issue - need to know the Role providing this access

    Hi,
    User is facing an authorization issue below:
    "You donot have authorization to display DataSource 2LIS_06_INV, Component MM" and
    "You donot have authorization to display DataSource 2LIS_11_VAITM, Component SD"
    Kindly let me know what Role is missing from the user's profile?
    Thanks and Regards,
    Sachin
    SAP Security Consultant

    Hi Murali,
    It helped.
    I found out the BW Data Support role for the object S_RO_OSOA and when checked it was already in user's profile but the missing part was user Comparision for that role.
    I did user comparision and then user is able to view the below DataSources....
    Thanks for your help, it triggered to find the root cause.
    Thanks
    Sachin

  • Authorization issue to execute query via analyzer

    Dear,
    We are experiencing an authorization issue that we can not solve...
    We have grant to user the expected objects to execute query (S_RS_COMP & S_RS_COMP1) and the central objects like S_GUI, S_USER_AGR.
    When we test in RESCEADMIN, everything is fine. We can execute the query.
    When we test it in the analyzer, the variable screen does not pop-up and we get the error message:
    "There is no variable in the workbook, which allows user input"
    Does anybody have a direction to help us to orientate our investigation?
    Many thanks,
    Rodolphe

    Hello,
    What is the basic settings you have in the Query Properties basic setting tab
    Try making it mandatory
    Regards
    Nitin Bhatia

  • Authorization issue to view cube contents

    Hi Gurus,
      I am getting Authorization issue to view cube contents in Production server, When I execute the cube it is showing me the following statement.
    "You do not have sufficient authorization for the infoprovider ZMMG_C05".
    Please provide me a possible solution for this.
    Thanks,
    Jackie.

    Hi,
    Two things to be checked with respect to authorization for this one.
    1) Functional Roles: Check whether Info cube is present in the functional roles that are assigned to you.
                                  If not you need to get the functional role in which the Infocube is assigned.
    2) Data Access Roles: Check in the data access roles assigned to you, whether you have the access
                                      to the selection that you are using to see the data in the info cube. Else, request
                                      BASIS team to assign the appropriate data access roles to you.
    Hope this helps.
    Regards,
    Bharat

  • Authorization issue within a table in BI

    Hello All,
    Here is my authorization issue :
    We have set up an authorization on infoobject Zapplication. End user is allowed to choose "HR" only.
    In Rsecadmin, infoObject Zapplication is restricted to "HR"
    Then, this authorization object has been assigned to end user.
    This user go to a specific table to select an application and a date.
    When user display the possible value he only see "HR". Which means our authorization is correct.
    However, this user can enter another value such as "SD". This value does exist in infoObject Zapplication. So, it means that there is an issue with our authorizations settings.
    We have added a control table, it's even worse in this case, authorization are not checked at all and all available values are displayed.
    Any idea to prevent the user to entered a value within this table ?
    Why our authorization does not check the value entered directly in the table ?
    Thanks &
    Regards
    Cath

    Hello
    For info we manged to restrict acces on this table by using event table from table maintenance and we have combined it with a specific authorisation object.
    Regs
    C.

Maybe you are looking for