BPC 10.0 NW - Matrix structured security

Hej Gurus,
I have been searching the internet for information about the possibility of doing matrix structured security in BPC 10.0 NW.
I have found that it is possible to do in 7.5 using a BADI, and I know that it is standard in BPC 10.1. However, I have not found a conclusive proof of it being possible in BPC 10.0 NW, can somebody please confirm og decline the possiblity of using security structured security.
If it is possible, how can we acheive it?
Best regards,
Mikkel Kristensen

Hi Gersh,
It seems to be a hidden feature within BPC 10.1.  For example it is not mentioned in the security guide.
What is needed is some sort of how to guide for this.  In fact there are no how to guides for BPC 10.1 at all!!  Something I find surprising as the product has been GA for several months.
You said that it is delivered and works in 10.1.  Can you please explain how to activate and implement it.
Regards,
Mark

Similar Messages

  • Matrix Structures

    I have created a matrix in two dimensions. Functional and Administrative. I have created relationship between a position and two superior positions. For the first superior position, I used 002 and for the second superior positions I used 004 relationship. (I hope 002 cannot be used twice for the same position.)
    I tried to generate the matrix structure. The dot was black only in 002 relationship. It should be black in 004 also, but it is not black.
    Points assured!
    Thanks,
    Nivedita

    Hi
    Why do you want to use the relation 004 for. Can you just explain the scenario.
    As in Matrix structures scenario you have explained i think u want to give one person reporting to two different managers am i Right?
    If it is so please use the dotted line relationship for the second position reporting than using the relation 004.
    Ge back if problem exists.
    R K

  • Matrix structure with MSS

    Hi , good Afternoon.
    Is posible user matrix structure (Matrix Organizations) with MSS?
    Regards

    Hi Juan,
    That's possible, but you have to follow OADP config (to include the custom relationship from your matrix org), then make accesible to MSS apps.
    You can enhance a group of org. views (by adding your custom relationships) to avoid do changes to MSS apps; for example for appraisal documents you have the 'MSS_HAP_STATUS' group, with the following views;
    MSS_HAP_EE_DIR
    MSS_HAP_EE_ORG1
    MSS_HAP_EE_ORG2
    MSS_HAP_EE_SRCH
    you can add a (previous created) custom view;
    ZEE_FROM_MATRIX
    Or create a new group, then depending on the app, you have to do some changes (for FPM apps like Employee Information -> maintain the FPM, in another, just change iView properties).
    Check for OADP config in the SDN Community, there is a lot of threads that can help you to build your custom solution.
    you can start in SAP Help: http://help.sap.com/saphelp_erp2004/helpdata/en/7f/bb834014d26f1de10000000a1550b0/content.htm
    KR!

  • Dynamic Smartform - Matrix structure

    Hi All
    i have a requirement to create a table dynamically in a matrix format. i am new to smartforms
    scenario is something like
    1) My internal table structure
    *Article   Store     Quantity*
    1a         S303         2
    2a         S304            3
    3a          S305         2
    4a          S306         4
    5a         S307         5
    1b         S303         2
    2b         S304         3
    3b         S305         2
    4b         S306         4
    5b         S307         5
    i want my smartform to be like
    *Article     S303         S304     S305         S306     S307*
    1a              2          3               2           4                5
    1b              2          3               2           4            5
    suggest me how can i achieve this.thanks in advance.
    Internal table structure may vary time to time
    Regards
    Chaitanya.A

    Article   Store     Quantity
    1a         S303         2
    2a         S304         3
    3a          S305         2
    4a          S306         4
    5a         S307         5
    1b         S303         2
    2b         S304         3
    3b         S305         2
    4b         S306         4
    5b         S307         5
    for this same internal table you have one more filed like char1.
    new internal table is
    Article   Store     Quantity   char1
    1a         S303         2           a
    2a         S304         3           a
    3a          S305         2            a
    4a          S306         4            a
    5a         S307         5            a
    1b         S303         2             b
    2b         S304         3            b
    3b         S305         2             b
    4b         S306         4          b
    5b         S307         5           b
    here you can take 2 varibles like
    data: var1 type char 250,
            var2 type char250,
            lv_n(3)   type n.
    lv_n = 20
    loop at newitab into wa_itab.
    concatenate ' 10 char space'  wa_itab-store  into var1+lv_n(20).
    concatenate ' 10 char space'  wa_itab-Quantity into var2+lv_n(20). .
    at end of char1.
    append var1 to final  interbal table
    append var2 to final  interbal table
    clear lv_n.
    lv_n = 20.
    endat.
    lv_n = lv_n + 20.
    endloop.

  • Tape Drive and Library Compatibility Matrix - Oracle Secure Backup Express

    Does Oracle Secure Backup Express support IBM System Storage TS3200 Tape Library with two Tape Drives?
    Regards
    Rado

    That library is listed on the support matrix which applies to both OSB-XE and OSB:
    http://www.oracle.com/technology/products/secure-backup/pdf/Tape_Devices10.2.pdf
    Keep in mind that OSB-XE licensing restricts usage to one server direct attached to one tape drive. Per your post, your library has 2 tape drives which cannot be used with OSB-XE but certainly could with OSB.

  • Matrix structure.

    Hi,
         Does anybody have some good documentation about Matrix organization in OM.can anybody explain me waht is use of matrix and how we use matrix in real time scenarios.and for example
    what will be dimention 1 and 2.if i want one org unit reports to more than one org unit .can u show me with example it will be highly appreciated i am really confused about Matrix.
    Thanks.
    Sunil.

    Hi
    I do not have document but can help you with the required steps
    1 You have to define the relationship which you want to maintain in a matrix in table T779M.(If not working you can go through SPRO under OM).For creating this table you have to mention relationship name along with dimensions.For each dimension you have to give object type and the evaluation path.(eg O-O-S , O-O-S-P, O-S-P, O-O-VACS  etc depending upon the matrix you want to maintain)
    2.Through Tcode PPME change access and PPMS display access you can see the relation which you have maintained in the above said table.Here you can maintain the relationships.

  • Unable to connect to environment after migrating Security from BPC 7.5 to BPC 10.1

    Hi Experts,
    We are working on BPC 7.5 to BPC 10.1 NW migration and after migrating the environment, we are unable to connect to environment.
    While trying to access, we are getting the following error:
    After taking a backup of the necessary environment in BPC 7.5 NW we are carrying out the 2 steps in the BPC 10.1 NW box:
    Step 1 : Tcode UJBR - Restore the environment in BPC 10.1
    Results: This is working fine.
    Step 2: Program UJT_MIGRATE_75_TO_101 - Running the migration utility in BPC 10.1 to make the objects compatible with BPC.
    2.1 Execute without Security Mapping
    Results:
    This is working fine. We are able to connect to the Environment and access the dimensions and models.
    2.2 Execute with only Security Mapping
    Results:
    After this step, we are not able to access the environments and are getting the Logon error.
    cannot get model "" in environment "xxxxxx" from Admin module
    The logon attempt failed; contact your administrator.
    If you have any options to resolve this error, it would be great.
    Else, we will have to re-build the entire security design manually.
    Regards,
    Sushant Pradhan

    Hi Andy,
    Thanks for your response. Yes, my id has SAP_ALL authorization.
    Still unable to access the environment after migrating security.
    To make things less complicated, we went back to BPC 7.5 NW - deleted all unwanted user ids, we kept only 3 user ids. Then, we took backup of application set and restored it in BPC 10.1.
    We created a mapping file of those 3 user ids in BPC 10.1 as NW user ids and executed the Migration utility. Again we have same error.
    Regards,
    Sushant Pradhan.

  • BPC Security

    To All BPC Experts,
    I am using SAP BPC MS V7
    Q1 - In the security How do I add AD User Groups in Custom Filter to the  (BPC has this opion but I can not add the filter as all 3 options are grayed out or dose not accept my input)
    Q2 - Is there an easy way to search for users in the search function that BPC provides?
    Thanks for all of your help.

    Q1 - Below is what i found in BPC help. Thanks for your direction.
    Rather than allowing all users within Active Directory (AD) to access Business Planning and Consolidation (BPC), you can limit the pool of users by adding them to a particular domain and then giving access to only those users. This is important because if you try to add a user from the entire AD, BPC may time out while searching.
    Features
    Defining User Groups
    You use the following features for defining a user group.
    Choosing user group names
    The group name is displayed in the Add Users assistant in the Admin Console. The default group name is u201CDomain usersu201D if a domain user installs the BPC server. The default group name is u201CLocal usersu201D if a local user installs the BPC server. You can modify the settings for an existing group by selecting the name of the group from the list.
    Defining Filters
    You use filters to define user groups. The following table includes examples of filters you can define:
    Scenario
    Example
    Description
    Single organizational unit (OU)
    OU=Marketing
    Finds users of the Marketing OU.
    Multiple OUs
    OU=Sales;OU=Marketing
    Finds users of the Sales and Marketing organizational units.
    Multiple OUs from a single container
    OU=Sales;OU=Marketing;CN=Users
    Finds users of the Sales and Marketing organizational units and the Users container.
    A group (or user) in an OU
    CN=DM,OU=Sales
    Finds users of the DM group in the Sales organizational unit.
    Multiple groups (or users) in an OU (when multiple groups are in a single or different groups)
    CN=DM,OU=Sales;CN=DM,OU=Sales2
    Finds the users of the DM group in the Sales2 organizational unit and the users in the DM group in the Sales organizational unit.
    Mixed condition
    CN=DM,OU=Sales;CN=FR,OU=Sales2; CN=HR,CN=Users
    Finds users of the DM group in the Sales organizational unit, users of FR group in Sales2 organizational unit, and users of HR group in the Users container.

  • What to do incase of new change in Org Structure while using indirect assig

    Hi all,
    This is my first post in this forum and I hope I will get the right answer.
    We have implemented the indirect role assignement and now we are in the process to set the process incase of any change in the Org Structure.
    Option 1)
    Me as a security engineer I have decied to have the following process:
    HR has moved an employee from position to position > HR will inform the SAP Security Engineer about the new change > SAP Security Engineer lock the user and send the new list of roles for the employee to the mananger and process team lead for approval > mananger and process team lead can either approve the request or suggest new changes > then the SAP Security Engineer will do the changes i(if any) and then unlock the user.
    Option 2)
    One of the Process Team Leads is suggesting that we assign the roles to the positions once, get it approved and then whatever happen we don't care.
    Please let me know what is the best way, and I am sure the first option is the best but a lot of manual work.
    I hope to get good response on this and I hope if there is supported document from SAP.

    >
    Julius Bussche wrote:
    > Option 1 sounds labour intensive. Option 2 requires better planning and testing.
    >
    > If your roles are built with the org structure in mind and the user's authority for anything other than basic common functions is from those position based roles, then you can assign the roles to the positions and let HR move the user's around as their jobs change in the org structure.
    >
    > What you should however be involved in is any changes to the org structure itself and the roles assigned to the positions and the roles themselves anyway.
    >
    > As you would be letting the system do a large part of the boring work for you, you should also monitor the usage of it from time to time.
    >
    > If you have a very large number of users and your org structure is stable and well defined (i.e. not a chaotic project structure...) then go for option 2 because it is more scalable.
    >
    > Cheers,
    > Julius
    In addition to Julius comments, I like to add the following base on our current security design.
    We have something similar to option #2 in place.  We have HR base security by positions.  We made sure the business owners of the security roles are aware of the security role to position mappings.  We have a matrix of security to position mappings that has been approved by the business owners.  Exceptions are address in the form of a Help Desk ticket.
    In this example all managers will get a set of roles.  The clerks will also get a set of roles.  Again these will be pre-approve role to position assignments.
    Position: Manager
    Assign Role: Z-GL-MANAGER & Z-AP-MANAGER
    Position: Clerk
    Assign Role: Z-GL-CLERK & Z-AP-DISPLAY
    Option #1 - It's too much work and you are assuming that all the players involve on the business process will follow through, from notification of move, to approval, and more notification, etc.
    As long as the business owners are aware and understand how position base security works option #2 is the way to go.  Of course we have other procedure in place before handing out security credentials, from submitting an SAP access form to mandatory training, etc.  We currently do not have the man power to have option #1 in place.
    Good Luck!

  • Matrix report - row field text extends into cell field's display space

    The horizontal elasticity of the row field in the matrix is set to VARIABLE. This row field's horizontal elasticity needs to be VARIABLE (not FIXED).
    However, this causes problems because if the row field's text length is long, the matrix does not change accordingly, i.e. the cell field does not move to the right to make room for the row field. So the row field extends into the display space of the cell field, and the text of the row and cell field overlap, and so the text is almost impossible to read (as well as ugly).
    I have tried to put a frame around the row and cell field so that they are together and move accordingly, but this hasn't helped. I have also tried anchors but they cause the fields to appear NULL when they are not.
    Any help is appreciated.
    -nelson
    [email protected]

    I think you'll need to revert to a fixed sized field and increase the height of the field to cope with the number of rows that you could have.
    You might be able to create a repeating frame above the matrix that tracks the matrix and pushes the whole matrix down as it expands, but I don't see how you could do this within the matrix structure itself.

  • Difference in Webi Report from BPC Multiprovider and BW Multiprovider

    Hello Gurus,
    I'm new in Webi but I have knowledg in SAP BI 7.0.
    The problem is as follows:
    BPC generates in BW some structures for its applications like Infocubes and Multiproviders.
    I create an Universe from BPC Multiprovider. When I creted the Webi Document, I can not see the hierarchies or parenths associated to the dimension in the bpc application (Multiprovider y BW). To solve this I create a BEx Query to associate the hierarchy in the characteristc an create an universe from the BEx Query. The problem of this is that I have to create a BEx Query and universe for every single parenth in the bpc dimension.
    Other test that I did was create a Z multiprovider from the BPC Infocube an build an Universe from it. When I create the Webi Documento now appears all hierarchy.
    Is something like a difference between the multiprovider that generates BPC and the multiprovider created natively in BW.
    Are there some corrections to fix the multiprovideres generated by BPC?

    http://www.sdn.sap.com/irj/scn/go/portal/prtroot/docs/library/uuid/d0b0ae66-071d-2c10-5dab-89349a9dc40d?QuickLink=index&overridelayout=true
    BPC Multiprovider
    BPC multiprovider
    http://sapbpctutorials.blogspot.com/2011/04/reporting-plan-and-actual-values-in-bpc.html
    http://www.insiderlearningnetwork.com/molly/blog/cat/Crystal%20Reports

  • So Can I determine the business partners linked to user based on the assigned role and org. structure?

    Hello, I am working on a SAP CRM 7 Sales implementation and we are implementing leads and opportunity scenarios. The current business organization model is that there multiple vertical and horizontal departments. This is typical matrix structure. This organization has done the segregation of its clients based on the verticals so every clients belongs to at least one or more Vertical department but Horizontal departments can contact all the clients. In the same way sales executives are also either belonging to one or more Verticals or Horizontal departments? Horizontal sales executive can create leads for any clients available in the system but a Vertical sales executive can only create lead only for the client belongs to his vertical and assigned to him. This can be achieved by creating organization structure and business partner relationship.
    Now the problem statement is that few sales executives need work for both some Verticals and Horizontals at the same time. But requirement is that they should be able to do the both roles with single user id but multiple roles. So when sales executive is creating leads his vertical department, he should only be able to select clients assigned to his Vertical only but when he is creating lead for Horizontal department, he should be able to select any clients.
    So Can I determine the business partners linked to user based on the assigned role and org. structure?
    Please let me know if this is not clear also  note we are only using CRM WebUI no SAP ePortal.
    Thanks a lot your help in advance.
    Regards
    Sudesh Sharma

    Thanks, Tahir
    my problem has solved
    Kind Regards,
    Faisal

  • Retrieve ejb security roles list

    Hi,
    in a EJB stateless session bean is it possible to retrieve, by EJB context, the list of configured roles related to the current user?
    Thanks in advance.
    bye
    Rob

    Based on the link given here is the xml. This XML already exists in the application and has such structure
    <security-permission>
       <security-role-map>
          <role-name>developer</role-name>
          <server-role-name>role1</server-role-name>
          <server-role-name>role2</server-role-name>
          <server-role-name>role3</server-role-name>
          <server-role-name>role4</server-role-name>
          <server-role-name>role5</server-role-name>
       </security-role-map>
    </security-permission>
    My question is, which of the following annotation will work:
    @RolesAllowed(value=)
    or
    @RolesAllowed(value=)  //currently I am using this.
    Edited by: Arpit Goyal on Feb 27, 2009 4:39 AM

  • EJB security roles

    Hello,
    I am using JDeveloper 3.2.2 to deploy EJBs to an 8.1.7 DB. Could someone point me in the direction of some documentation that would explain the concept of security roles and users for EJB methods? Do the users have to map to real users in the DB or how are they handled etc.
    Thanks in advance,
    - Nik

    Based on the link given here is the xml. This XML already exists in the application and has such structure
    <security-permission>
       <security-role-map>
          <role-name>developer</role-name>
          <server-role-name>role1</server-role-name>
          <server-role-name>role2</server-role-name>
          <server-role-name>role3</server-role-name>
          <server-role-name>role4</server-role-name>
          <server-role-name>role5</server-role-name>
       </security-role-map>
    </security-permission>
    My question is, which of the following annotation will work:
    @RolesAllowed(value=)
    or
    @RolesAllowed(value=)  //currently I am using this.
    Edited by: Arpit Goyal on Feb 27, 2009 4:39 AM

  • Matrix  Organization in OM Module

    Hi experts,
    My client want to implement matrix Organization in OM Module. I have to study about matrix organization and until now I still have no ideas what actually matrix organization was. My question is :
    1. What is the matrix organization ?
    2. What is the function of matrix organization ? 
    3. What is the impact if I implement this?
    4. Is that any possibility to implement matrix organization in OM module.
    Needs your help. Thanks in advance.

    MATRIX is one fo the Structure we use to Develop the OM structures as we do with Simple Maintainence , staffing method ...........along with these MATRIX is of the structure
    See this:
    Matrix structure.
    see this:
    http://help.sap.com/saphelp_47x200/helpdata/en/bb/bdbe58575911d189240000e8323d3a/frameset.htm
    http://help.sap.com/saphelp_47x200/helpdata/en/bb/bdbe65575911d189240000e8323d3a/frameset.htm

Maybe you are looking for