BI Authorisation Roles???

Hi there,
I have been having a problem with the BI authorisations on our Dev box.  It seems that all our Characteristics werent marked as authorisation relevant and the 0BI_ALL authorisation object doesnt help.  The only way to get a user to open a report is by giving them SAP ALL.  Is there any BI role that enables a user to view all reports on BI?
Thanks in advance.

Hi,
1/ there is the standard role template for viewing report, "BI Report user" .
2/ the purpose of BI authorization object is used for restricting data more than granting authorization . This meant that If you only want to grant authorization to view report, you no need use BI auth object. Just create REPORT_ROLE from standard template I have mentioned above.
Hope this helps
BR
TRUC

Similar Messages

  • On Authorisation - Role Creation

    Hi mates,
      I would like to create a Authorisation Role based on SAP Standard Templates
    Basically, this Role should allow the user to do modelling in RSA1 including Loading of Data via InfoSource from Source System
    Please advice your suggestions!
    Here are the SAP Templates :-
    S_RS_RDEAD
    S_RS_ROPAD
    S_RS_RDEMO
    S_RS_ROPOP
    S_RS_RREDE
    S_RS_RREPU

    hi John mate,
    try S_RS_RDEMO
    http://help.sap.com/saphelp_bw33/helpdata/en/80/1a6866e07211d2acb80000e829fbfe/frameset.htm
    http://help.sap.com/saphelp_bw33/helpdata/en/80/1a6880e07211d2acb80000e829fbfe/frameset.htm
    In BW, the following roles are pre-set and can be used as templates for generating profiles:
           1.      S_RS_RDEAD BW role: BW Administrator (development system)
    The BW Administrator deals with the following tasks in the development system: Maintaining the source system, uploading metadata, executing queries for the statistics InfoCube and maintaining aggregates.                       
           2.      S_RS_ROPAD BW role: BW Administrator (productive system)
    The BW Administrator in the productive system is mainly responsible for maintaining the connection to the source system and executing queries for the statistics InfoCube.                    
           3.      S_RS_RDEMO BW role: Modeler (development system)
    The BW Modeler in the development system works on the data model. He/she is responsible for designing data targets, InfoObjects, InfoSources and the data flow, as well as defining communication structures, transfer- and update rules.  
           4.      S_RS_ROPOP BW role: Operator (productive system)
    The main task of the BW Operator in the productive system is to upload data from the source system and monitor the results                                                 
           5.      S_RS_RREDE BW role: Reporting Developer (development system)
    The main task of the Reporting Developer is to design the queries for the reports you want. He/she creates authorization objects for these reports.
           6.      S_RS_RREPU BW role: Reporting User
    The Reporting user executes queries using the BEx Analyzer or via the Web.
    hope this helps.

  • VMS Authorisation roles

    Hi
    Could someone please help with assigning authorisation roles. I assigned transaction VELO in the role. When I test the role with ACTION CRE1 to create a planned vehicle it works. But when I click on the CONFIGURE button it gives me an error
    "XCM scenario VEHICLEMAN DEFAULT not found". The authorisation role is missing Objects. I am not sure what object and I do not know how to look to see which objects are missing.
    Thank You
    Tiaan

    Hi                                                                         
    Please   maintained VELO_CU50_ACTIVE ='X' in parameter    
    id for the user in transaction SU3( SU3 -> tab "parameters"
    -> Parameter id :-   VELO_CU50_ACTIVE and parameter value
    "X"  and check the scenario if the issue still persist then the
    This error usually points out to a J2EE  engine problem.                                                            
    Did you install the j2ee engine and then on deploy IPC web application  using SDM(Software Deployment manager)? If not please do so.   please  refer Webinstallation guide for that .
    Many thanks!
    Vijayesh V V
    Ps: Reward points if it helps

  • Authorisation roles and transaction codes for users(MTO--PPmodule)

    Hi !!!
    GURUS !!!!!!!!
    I am working here on live project for  make to order scenario.
    We are using only batch management.
    Could you give me transaction codes for users for authorisation roles.
    All codes from start to end scenario.
    Regards,
    Nitin

    Dear,
    You have to do the JRM - Job role mapping. The list of transactions cannot be decided commonly across all implementations, as per your Business process definition you have to list the transactions invovlved and which business roles are required for that.
    One example: PP_Planner is a Role, this is applicable for the planning person, he will be given transactions related to SOP, DM and MRP, he will not be given transactions related to SFC. Its vice versa for a operations person.
    Thanks & Regards,
    Vijaya Bhaskar A

  • Authorisation roles table

    Hi all,
    Could anybody let me know which table holds the entries of authorisation roles. normally for a authorisation role there will be one or more user names assigned to it. I need to know which table stores all these entries plzz.
    Thanks,
    Kiran

    Hi ,
       Table AGR_USERS gives Assignment of roles to users
    Regards,
    GSR.

  • Authorisation Roles

    Is there any way to see what aouthorisation role allows me to manage data of an infocube? Or al the roles of an infocube?
    Thank you,
    Gabriel

    Hi Gabriel
    If you need to check what authorization you don't have then do as below:
    1) try to execute the task, example try to manage the infocube and then if it say you don't have auth. or not authoirzed then look into su53 ( this will tell you the authorization object which is not there in you already assigned roles as of now) .
    Now once you get the required auth. objects then goto Suim and choose roles with complex selection criteria and then put that authorization object there with required activity/values( can be seen from su53 ouput) and then assign that role to your id and then you should have required authorization.
    You can follow above approch for all of your future auth. problems.
    Cheers
    Vishal

  • BEX Selection Screen Authorisations

    Hi all,
    I have developed a new authorisation role for a demand planner in APO. Part of its function is to allow the user to run a BEX report on a remote cube. This is working, apart from the selection screen when running the BEX query does not appear. This is NOT due to personalisation of variables.
    When I grant the same user the SAP_ALL profile, the selection screen appears when repeating this test. I have ran traces and gone through the SAP_ALL profile and ensured that every BW object I could see existed in my new role.
    Sadly I have not reached an answer as to what is missing in my role. Any ideas?
    I appreciate any help you can give on this matter.
    Kind regards,
    Nick

    Hi Ravi,
    There is one characteristic in the query that I've made authorisation relevant, 'Sales Org'. I have added the associated authorisation object to the role and as a test I've also given full access to this object in PFCG. This is why I would still expect it to prompt me with a selection screen.
    Sadly this is not the case. Do you have any other ideas? I do believe it is to do with at least 1 other SAP standard authorisation object, I just can't find which one it is.
    Thanks, Nick

  • Indirect Role Assignment

    I am adding roles to positions using indirect role assignment, when adding the role to the position I am prompted to carry out a reconcilliation of indirect user assignments, receive message 'Indirect user assignments ok'  so then I've run PFUD.  When I check both the role and the user I cannot see the role attached to the user, but the role is listed in the 'Relationships' in PP01.
    A new organisation structure has been created, when I click on the drop down at the 'change agent assignment' the old organisation structure is displayed.  Any suggestions please how I can select the new organisation structure?
    Thanks

    Hello Anthea,
    to pass on a role from a position to a SAP user id I would suggest the following.
    Go to transaction SA38 and run report RHPROFL0.
    Some notes on the report and report selections.
    The report can be used to eveluate and assign roles from HR objects to SAP users. The report starts reading at a given HR object along an evaluation path. It then updates the SAP user found with authorisation roles.
    Selections:
    You have assigned the roles to a position therefore you should select object type S.
    Then put the position number in the Object ID.
    The key date is hopefully self explaining.
    The evaluation path might have defaulted to PROFL0. That would be the correct one.
    The program has a test mode. I suggest you run the test mode first. It will tell you what the program would change in an actual run.
    In the next selection box - "Generate authorization profiles"
    You might leave the ticks in the boxes:
    - Standard authorizations
    - PD authorizations
    That will generate profiles if they aren't generated yet.
    Next selection box - "Delete manually maintained authorisation profiles"
    Leave the tick boxes blank if you have any direct assigned roles.
    If you tick the boxes all roles and profiles directly assigned to SAP user ids will be deleted.
    In section "New Users"
    There is a tick box "Generate".
    If that box is ticked the report will create new SAP user IDs for all occupied positions with roles but without SAP user ID on the Employee record.
    You might leave that box unticked for the moment.
    I suggest to create the application log --> Last tick box on the selection screen.
    Some general comments at the end.
    The report RHPROFL0 might be scheduled in production systems if indirect role assignments are used. Depending on your needs make sure that the deletion of manual assigned profiles is activated or deactivated.
    If you do not enter an object id, the report will run for all object ids.
    A further note on the indirect setup.
    If roles should be passed on from a Position to a SAP user id, it is important, that the following conditions are fulfilled.
    The Position is valid/active as of the report key date.
    The position has a holder at key date.
    The holder has an assignment of a valid SAP user ID at key date. Infotype 0105 subtype 0001 for object type P.
    The Roles on the position are valid at the key date.
    I hope that helps solving your issue.
    Best regards
    Karsten

  • PR Release Strategies and Authorisations

    Hi Guru's
    My client is trying to set up their item-level Purchase Requisition Release Strategy to include Cost Centre (of which there are about 800), but they would also like to minimise the number of release strategies to cut down on maintenance of authorisation roles.
    If we were to create a release strategy for each cost centre (or group of cost centres), that would result in an insane number of release strategies. So, if cost centre were removed as a criteria in the release procedure, is there any way of controlling the release authorisation based on the cost centre?
    So, if a requisition line is created for a certain amount, it will have release strategy, say S1 and release code R1. Two approvers are authorised to release this combination. Is it at all possible to restrict the ability to release this line item to just one of them? Either by config or using a coding solution.
    I hope that made some sense.
    Thanks
    Lyal

    I hope the below link will help you:
    http://www.sap123.com/showthread.php?t=59

  • Role does not allow visibility on activities

    Using CRM 2007 sp4 I have recently created a new business role and have assigned this business role a pfcg authorisations role (based on the original sales manager role).  I was having problems having users assigned to this role being able to create activities.  When they try and create an activity in the calendar area, or through quick create links set up as direct links in the direct link groups or through the activity component no activities types were selectable from.  The setup of the authorisations appears fine as if i give the users sap_all access they can create any of the activity types they want.  In my pfcg role I had been using the authorisation object to control access to spsecific transaction types (object :  CRM_ORD_PR) and eveything seemed to be ok.
    The system gives me the following info:
    Details No transaction type is available for creating a transaction
    Diagnosis: No transaction type is available when creating a transaction. This can be due to the following reasons:
    No transaction type is available according to Customizing
    The user has no authorization for the transaction type
    System Response
    It is not possible to create the transaction.
    Procedure
    Make sure that:
    The transaction type is set up in Customizing
    The user has authorization for the transaction type
    From what i can see this appears to be an authorisation issue but i'm unsure what authorisation objects are required to create activities.
    Any help would be appreciated
    Regards
    Eddie

    Hi Eddie,
    based on the fact that you are setting restrictions on transaction type CRM_ORD_PR , it means you are actually modeling your access according to the third level check during the authorization check process flow for business transaction processing.
    As such you should have access for following authorization objects:
    CRM_ACT (value 45 = allow)
    CRM_ORD_PR (where you restrict the allowed activity AND the allowed transaction types)
    CRM_ORD_OE (where you restrict access based on the allowed sales/service organization).
    you must at least have all 3 authorization objects avaialble in your PFCG role, and some concrete values should be maintained as explained above.
    The problem however 'might' also be due to missing authorization on "UI component level"; based on object UIU_COMP.
    As such it 's a good idea to perform tracing.....
    cheers
    Davy Pelssers

  • DSD Settlement Cockpit authorisation issue

    Hello
    We are using paper-based DSD. There are many TPPs mapped to several Settlement offices. Objective is to restrict a user to have a worklist  consisting of shipments related to Transportation Planning Point that are assigned to his user-id via authorisation/roles. Currently, all users (irrespective of which state(BSO) he/she belongs to) get a worklist of all shipments.
    Any ideas/suggestions on how we can implement such an authorisation?
    Ujjwal

    Hello,
    After you Assign Allowed Settlement Types to Settlement Office in customising use Parameter ID /DSD/SL_BSO and assign it to user profile parameters.
    Hope this helps.
    Best,
    Osnat

  • Authorization roles for Release Codes

    Hi,
    We have a requirement wherein the release codes for the PO release strategy are about 100. The roles are repeating itself i.e. Buyer, Manager, Director etc for different countries and other attributes. Is there any way by which we can reduce the authorisation roles.
    Regards,
    Mohit Sehgal

    If you have implemented the Work flow than you don't need the repeated code for manager or buyer etc.
    you can just define the oce code for each position and use them in release strategy and based onthe workflow with combination of HR org structure you can send them to appopriate manager
    e.g. you have 10 manager and each manage has 10 buyer
    so you create one manager relese code e.g. MG and one Buyer code BY
    now you have create many release strategy where you enter the MG code and BY code but you want send the PO for approval based ont he buyer
    so you have to set up the HR ord sturcture in the tcode PPOCE and create teh tree for the buyer code and manager relation ship
    now when you create the release strategy you will enter the purchase group in the release strategy which is assigned to the buyer code and based on the HR org structue it will find the appropriate manager whitout defining many manager code and buyer code.
    or if you don't have the workflwo than you have to create diff buyer code and manager code.

  • Auto Creation of Inbound Doc from Outbound Doc

    Hi
    We have the scenario where the inbound delivery is automatically created from the outbound delivery.  This is done using a header output on the outbound delivery.
    The message fails to process giviing the error that it has no authorisation to process against the shipping point.
    Where does it check for this autorisation as we I have checked all the users roles and where shipping point is maintained the shipping point the system is complaining about is maintained.
    Am I missing something?
    Thanks
    Vinesh

    It seems the output processed user does not has authorisation to create inbound delivery against shipping point.Check authorisation roles you may get some clue.

  • Down Payment Blocking and Release

    Hi,
    My company reauires a block for all down payment request and subsequently release by the manager for further processing.
    Can some one explain how to go about it. Is it standard SAP??
    Best Regards,
    Sathya

    Hi Satya /
    I feel this can be achieved in standard SAP as under :
    When a person want to process a down payment , we have make the post option disabled , so that he can park that down payment document. when he park a document , it can triggar a mail to his/her superior.
    The next level person can post the down payment after duly verifiying the same .
    changing Authorisation roles , this can be done.
    assign point if helpful

  • I want to add transaction code for one user.

    Hi abapers,
    My requirement is;
    I want to add transaction code for one user.
    EX: zsdf to kanne.
    Can any body tell me the procedure step by step.
    With regards,

    If you want to give authorisation to an user for a particular tcode, you need to first include the transaction code in an authorisation Role and then assign the authorisation role to the user id in the transaction code SUIM.
    A Basis guy will be able to help you to do this and anyway this is not the job of an ABAPer.
    Hope this helps you.
    Reward if this helps you

Maybe you are looking for

  • Retail POS Data

    Hi We have a requirement where in we need to transfer data from Retail POS system into BW cubes. I read in help portal that POS Inbound Processing Engine (PIPE) is used to pull the data from POS database. 1. Is PIPE available readily in BI system or

  • MRP creating cancel notices for min max purchased items

    We use min max planning for many repetitive purchased items. These same items are also set to MPS/DRP Planned as well. This is only so we can use the Planned Order report to identify material shortages to flow schedules. However, MRP exceptions is re

  • Firefox always loads previous session despite the option set to show hompage on start up.

    Last night, a problem began occurring when I launched Firefox. Every time I open my browser, it launches the previous session from when I last closed it. The problem persists despite many attempted fixes. The option "When Firefox starts" is set to "S

  • Cannot see photos

    I have a bit of a problem with my aperture library, probably something silly I did, but would appreciate some advice. Here is the situation, something happened, I clicked restore masters (or something like that), and then aperture spend the night pla

  • Cannot find my iTunes on computer at all for the past two weeks.

    I have been looking for my iTunes in my music folder and it is nowhere to be found. I have 5 ipods and have purchased many audiobooks etc...and now have no access to anything. Every time I click on the desktop icon I get this window: "The folder "iTu