BPS / BW authorizations

Similar Messages

• BPS Hierarchy Authorizations

  Hi All,
  We are implementing hierarchy node based authorizations for our BPS and related queries and it works fine. We have 300+ nodes and for this we would require a role for each node of the hierarchy (that would be 300+ roles).
  Now we are planing to use a hierarchy node exit varaible so that we end up with only one role. Can someone please let me know if there are complications in this approach or, if anybody has implemented this, can you please share your experience.
  Thanks,
  Jay
  Message was edited by:
          jayaroop gullapalli

  Marc,
  Thanks a lot for the solution.
  Firstly pardon me for my ignorance.
  Do I really not need any roles at all? How would the users get access to the planning functions related to their fund centers (its a fund centers based hierarchy)?
  Please correct me if I am wrong, I think I will need one role that gives access to the planning functions and the authorizations in RSECADMIN will restrict to fund center nodes. But this way, half the burden of building 300+ roles is now decreased. Thanks for this solution.
  Our fund center hierarchy is based on the characteristic 0FUNDS_CTR and not on 0TCTAUTH. It looked like the second option in point 4 of the link you provided will not serve my case.
  http://help.sap.com/saphelp_nw2004s/helpdata/en/e3/fc8b41b5b3b45fe10000000a1550b0/frameset.htm
  Would I have to build 300+ authorizations using RSECADMIN for each node?
  Again thanks a lot for your guidance
  Message was edited by:
          jayaroop gullapalli

• How SEM BPS works with SAP BW

  Hi,
  How SEM BPS works with SAP BW.
  how to save planned in SAP BW.
  how to work with the data in Basic cubes and Transaction cubes.
  what is the relation between these two cubes.
  Thanks,
  cheta.

  hi,
  chk the link for BPS
  https://www.sdn.sap.com/irj/sdn/go/portal/prtroot/docs/library/uuid/7c85d590-0201-0010-20b5-f9d0aa10c53f
  Can any body send the material for BPS?
  Authorization for BPS
  Ramesh

• Marketing Plans & Campaigns

  I am a BW developer and have a project to work with CRM to build the Marketing Plans & Campaigns.  I have some experience with BPS, so I think I can work with this piece of it also.  However, the first problem I am having is when I go thru the following in CRM:
  SPRO->Marketing Planning and Campaign Management->Key Figure Planning
  The problem I have from this point is when trying to go into Planning Workbench or Define Key Figures. 
  When I try Planning Workbench, I get an error "Access via NULL object reference not possible." 
  When I try Define Key Figures, I get "You are not authorized to use Transaction UMK_MB"
  When I do an SU53 for both of these, it shows all authorization checks were successful.  So I am thinking there may be a problem with the BW to CRM connection.  However, we have another CRM project that I am not having any problem with.
  My next question is how does BPS play into the Marketing Campaigns?  I thought all the planning happens in CRM, so why can't I just pull the results into the BW InfoCube, instead of going thru BPS.
  Any info about anything to do with this, would be greatly appreciated.

  Hi Keith,
  Please check the below link which will explain how BPS is integrated with CRM Marketing planning & Campaign Management.
  http://help.sap.com/saphelp_crm50/helpdata/en/8e/6480ac5efb49f795efe5a50a1d3e07/frameset.htm
  Also please check if you have made the below customizing in CRM for BI :
  BI Update flag: Marketing --> Marketing Planning and Campaign Management --> System Landscape --> Activate BI Update.
  RFC Connection to BI: RFC connection to the BI system in Customizing by choosing Marketing
  -> Marketing Planning and Campaign Management --> System Landscape --> Define RFC Connection
  Also please make sure that user assigned to the system is a dialog user and the user has the required planning authorizations.
  For BPS planning Authorization please see the below link:
  http://help.sap.com/saphelp_crm50/helpdata/en/c8/ad8438619a7c51e10000009b38f842/frameset.htm
  Hope these help !
  Regards,
  Naveen

• Authorization in BPS

  Hi Everybody.
  We have Multi-Planning Area ZMPA that consists of standard planning areas ZSPA1 (infoProvider ZICPA1) and ZSPA2 (infoProvider ZICPA2).
  ZICPA1 infoProvider has:
  - characteristics
       0BUS_AREA;
       0CALQUART1
       0CALYEAR;
       0CMMT_ITEM;
       0FM_AREA;
       0FUNDS_CTR.
  - a key figure 0OI_EXPENSE.
  ZICPA2 infoProvider has:
  - characteristics
       0BUS_AREA;
       0CALQUART1
       0CALYEAR;
       0CMMT_ITEM;
       0FM_AREA;
       ZFUNDCTR.
  - a key figure 0OI_EXPENSE.
  ZFUNDCTR is compounded with 0CALYEAR, 0CMMT_ITEM, 0FM_AREA. ZFUNDCTR has a navigation attribute 0FUNDS_CTR.
  Example of ZFUNDCTR master data:
  ZFUNDCTR   0CALYEAR    0CMMT_ITEM   0FM_AREA      ZFUNDCTR-0FUNDS_CTR
  01        Y1          A1           2700          01
  01        Y1          A2           2700          01
  02        Y1          A1           2700          02
  02        Y1          A3           2700          02
  03        Y1          A3           2700          03
  03        Y1          A4           2700          03
  Where Y1 - year value,
  A1..A4 - different values.
  0FUNDS_CTR is an authorization relevant characteristic. We have selected the 'Obsolete Concept with RSR Authorization Objects' and have created an authorization object ZOFUND for InfoProvider ZICPA1 only.
  The planning function ZMPAPF at the ZMPA area should copy data from ZSPA2 to ZSPA1 with formula like this:
  === begin ===============
  Operand {0FUNDS_CTR,ZFUNDCTR,Plng Area}
  DATA s_fund TYPE STRING.
  DATA V_0FUNDS TYPE 0FUNDS_CTR.
  DATA V_ZFUNDS TYPE ZFUNDCTR.
  foreach V_ZFUNDS in REFDATA.
    s_fund = V_ZFUNDS.
    V_0FUNDS = s_fund.
    {V_0FUNDS,#,Plng Area} = {#,V_ZFUNDS,ZSPA2} .
  endfor.
  === the end ==============
  1) A User has an authorization object ZOFUND with values '01' and '02' .
  But when he performs this planning function there becomes an error that he hasn't an Authorization. System can not to read data from {#,V_ZFUNDS,ZSPA2} because User hasn't an Authorization ZOFUND = #. But ZOFUND authorization have not been selected for ZICPA2 infoProvider.
  Have you any comments?
  2) We have given an authorization value '#' for this User to solve the problem. And now User can see all values in the list of authorization relevant variable in the BPS. I think it's not correct. For example he can see only '#', '01', '02' values for autorization type variable in the BEx Analyzer .
  SAP NetWeaver BI 7.0, Support Package 15.
  With best wishes, Alexander.

  Hi,
  To answer ur first question, as u didnt select infocube2 for authorization and the planning function level contains 0FUNDS_CTR, system cant read any record from infocube2 example {#,V_ZFUNDS,ZSPA2}.
  Now after giving # access, he can see all values for the variable but the planning function wont work because authorization is not checked for cube2.
  i hope u should give authorization check for cube2 also. and see giving only # value to cube2.
  i didnt understand what exactly is the planning function doing.
  i guess it is dealing only those records which have 0funds_ctr as # from cube2.
  u can try this.
  Bindu

• Authorization issue in BPS

  Hi guys,
  I've the authorization issue in a BPS application, where a user can upload a flatfile into a BPS-cube, but only when I select in the authorization object S_RS_AUTH 0BI_ALL.
  Without selecting 0BI_ALL (another analysis authorization) yields to the message, that the user has not enough authorization...
  Now the user gets access to data in the BW reporting to all the organizational marks like the organization unit (0ORGUNIT).
  How is it possible to design the authorizations / analysis authorization, that the same user can upload data via flatfile, but gets only access to transaction data for organizational data which he should see???
  How should the analysis authorization should be designed? Has it something to do with the techn. char. like 0TCAACTVT?
  THX in advance!
  Clemens

  Hi,
  Have you tried creating Authorization Variable for organizational Unit ?
  This will give restricted access to data based on the authorization assigned .
  Thanks
  Pratyush

• Analysis Authorization with SEM-BPS

  Hi,
  We have performed technical upgrade from BW 3.5 to BI 7.0. We want to migrate to BI 7.0 functionality phase wise.
  We have SEM-BPS and now we want to migrate to Analysis Authorization of BI 7.0.
  Once we have igrated to Analysis Authorization, will there be any impact on SEM-BPS? Can we still use SEM-BPS with New Analysis Authorizations? We do not want to move to BI-IP in near future?.
  Please advise.
  Best Regards,
  UR

  Dear UR,
  Iu2019m going to try helping you,
  In difference of reporting functionality, in planning, the data of an InfoCube is not just read; it is also changed or created.
  There are two planning tools in BI: BW-BPS (Business Planning and Simulation), and BI Integrated Planning.
  There are two main tcode: BPS0 and RSPLAN
  There are three authorization objects to manage Integrated Planning:
  S_RS_PL_ADMIN - Planning Administrator
  S_RS_PL_PLANNER u2013 Planner
  S_RS_PL_PLANMOD_D u2013 Planning Modeler (Development System)
  The main object in the planning scenario is InfoCube real-time, where can available writing in small package that arrive in parallel. In some cases the security requirements for reporting and planning can be merging. In this case you need authorization object for checking planning, as authorization object above, and you need authorization object for using a query for planning requires as S_RS_COMP.
  In addition to authorization for displaying data, the authorizations for changing data you need analysis authorization (the analysis authorization focus in the InfoProvider, no in Aggregation Level).
  In your analysis authorization design for reporting stuff, you should use in 0TCAACTVT characteristic 03 value. In the planning stuff, you should use in 0TCAACTVT characteristic 03 and 02 values. As explain following:
  Using the characteristics 0TCAACTVT (activity), you can restrict the authorization to different activities. Read (03) is set as the default activity; you must also assign the activity Change (02) for integrated planning.
  http://help.sap.com/saphelp_nw70ehp1/helpdata/en/b1/0c9441b8972e7be10000000a1550b0/frameset.htm
  I hope this suggestion can help you answer question,
  Luis

• BW authorizations in BPS layout

  Dear all,
  My question may seem basic, but I don't have any experience with authorizations.
  I need to use already existing BW authorizations in my BPS layouts, so well, I created auth. variables on the needed characteristics and assigned it to my layout.
  ==> nothing changes when I'm launching the layout.
  I wonder if I need to ask the modification of the already existing BW roles in order to add field ACTVT? Will this have an impact on already existing BW reports for the users?
  Also, does something need to be done in RSSM (or other T-code) in order to activate the auth. for my planning cubes?
  Thank you in advance for your help!!

  Ravi,
  The objects you mentionned talk about area, planning, etc,... so they are usefull when a user wants to launch a layout in order to let him launch/plan it or not, etc... . That's the first step, and that doesn't interest me.
  Second step is that when launching, the user will get his layout. This layout will be generated regarding the design I made in BPS0 and then also the variables I've used.
  If I've restricted my planning level by using variables of type authorization on an char. that is in the lead column of my planning layout, it should restrict the diplayed/available rows regarding that authorization (ex : only company code 1000 for user A; company code 2000 for user B ; company code 1000 and 2000 for user C ==> coming from reporting authorizations in BW)
  So I really think we don't speak about the same thing... or it's me that doesn't understand! (that's also possible )

• Issue with authorizations for BPS

  Hi Experts,
  There was an issue with authorizations for BPS. We have a large number of agents that need to enter plan data via a layout. In order to control the necessary authorizations, we would like to filter via something similar to a user exit using a function module in order to avoid having to define authorization objects for each of the agents who have access to the systems. Right now, we are not sure if there is user exit concept available as it is for BW variables. Any body experienced similar issue may share their experience.
  Regards,
  Ankit

  Hi,
  In BPS, you can use user specific variables or you can set up a Variable of type exit. You can also have a variable of type authorization which uses the security / authorization of the BW system.
  Hope it helps...
  Cheers,
  Tanish

• BPS You have no authorization for the requested data

  We are implementing Hierarchy node based security for our BPS.
  When the user tries to display the planning layout, they get the error message "You have no authorization for the requested data "
  I have given authorization to the relavant Infocubes, also checked the all the Authorization Relavant Info Objects and added theses Info Object to the custom authorization created in RSECADMIN.
  Also added the info objects 0TCAACTVT, 0TCAIPROV, 0TCAVALID to the custom authorization.
  In pfcg, this authorization has been added to S_RS_AUTH. I have also given activity 02, 03, 16 values and a * to planning areas, functions, packages, groups, levels, folders, ... to the objects R_AREA
  R_BUNDLE
  R_METHOD
  R_PACKAGE
  R_PARAM
  R_PLEVEL
  R_PM_NAME
  R_PROFILE
  But still we get the same error.
  Has anyone encountered this problem? Can you please provide me some clues to resolve this issue

  Thank you very much Grevaz, but that template does not help.
  I did run both ST01 trace and BI RSECADMIN trace.  RSECADMIN Trace shows the below authorization failure
  Subselection (Technical SUBNR) 1  
  Supplementation of Selection for Aggregated Characteristics
    No Check for Aggregation Authorization Required  
  Following Set Is Checked  Comparison with Following Authorized Set  Result  Remaining Quantity 
  Characteristic  Contents 
  0FUNDS_CTR
  0TCAACTVT
  SQL Format:
  FUNDS_CTR BETWEEN '4012001000'
  AND '4012001999'
  AND TCAACTVT = '03'
  Characteristic  Contents 
  0FUNDS_CTR  Node 1 I EQ #
  I EQ :
  0TCAACTVT  I EQ 02
  I EQ 03
  Partially Authorized (Average)   Characteristic  Contents 
  0FUNDS_CTR
  0TCAACTVT
  SQL Format:
  FUNDS_CTR > '4012001000'
  AND FUNDS_CTR <= '4012001999'
  AND NOT FUNDS_CTR IN ('4012001001','4012001002','4012001003','4012001004','4012001005','4012001006','4012001007','4012001008','4012001009','4012001010')
  AND TCAACTVT = '03'
  Value selection partially authorized. Check of remainder at end
  Following Set Is Checked  Comparison with Following Authorized Set  Result  Remaining Quantity 
  Characteristic  Contents 
  0FUNDS_CTR
  0TCAACTVT
  SQL Format:
  FUNDS_CTR > '4012001000'
  AND FUNDS_CTR <= '4012001999'
  AND NOT FUNDS_CTR IN ('4012001001','4012001002','4012001003','4012001004','4012001005','4012001006','4012001007','4012001008','4012001009','4012001010')
  AND TCAACTVT = '03'
  Characteristic  Contents 
  0FUNDS_CTR  Node 1 I EQ #
  I EQ :
  0TCAACTVT  I EQ 02
  I EQ 03
  Not Authorized   
  All Authorizations Tested
    Message EYE007: You do not have sufficient authorization  
    No Sufficient Authorization for This Subselection (SUBNR)  
  Following CHANMIDs Are Affected:
  206 ( 0FUNDS_CTR )
    Authorization Check Complete  
  We have created custom authorization and trying to restrict based on hierarchy node.
  One point I observed is, when I give access to all nodes with a wildcard * in the custom authorization, then the error disappears and the layout is visble. But our point here is to try to restrict based on the nodes and we cannot give display access to all nodes.

• Authorizations in SEM-BPS (Web Layouts)

  Hi all,
  I have a question that hopefully somebody can help me in solving it.
  We have a bps application, with authorizations maintained in the sap normal way: pfcg, rssm, etc.
  The question is that we started to build some web (alv) layouts, and need to maintain the same authorization schema.However, the authorizations are not verified in the web layouts.
  Can somebody provide some hint in solving this problem ?
  Best Regards,
  Ricardo

  Hi Raman,
  Sorry but your tip doesn't work
  That's precisely our problem: the authorization scheme we implemented in the "SAP GUI side" doesn't work in the web side". Using web layouts, I still can acess some layouts I shouldn't be allowed to (user dependent)
  Thank you anyway
  Regards,
  Ricardo

• Authorizations for BW reportings and BW BPS

  Hello,
  The project we are working on contains two aspects : one in BPS and one in BW reporting
  First the user needs to input or change data in the BPS application and then he can check his figures in a BW Report. We want each user to have authorizations only for his company and his business unit.
  So we created authorization objects (RSSM) with a typical user profile (does not have SAP_ALL and all profiles required to customize anything).
  In this authorization object we put different characteristics such as : Company, Business Unit, Activity and Version.
  In the (PFCG), for company and business unit we put the values needed for the user. For Activity, we put "change" and "display". And for version we put "*".
  We can then change values in the BPS layouts but we do not have access to the concerned report in BW.
  Could somebody help us on this matter ??? Or does somebody have informations on how to implement this kind of authorizations ?
  Thank you very much for your help

  Hi Jacques,
  I hope the following links and documents ll be useful to u.
  <u>BUSINESS PLANNING AND SIMULATION –BPS:</u>
  go to https://websmp103.sap-ag.de/bi
  -> SAP BW 3.5 -> SAP BW Business Planning and Simulation
  Here you can find "HOW TO... Guides - BPS", "SEM-BPS ASAP" and other useful section with many documents...
  https://www.sdn.sap.com/irj/servlet/prt/portal/prtroot/docs/library/uuid/ae9fba90-0201-0010-d490-cbf9a364de95
  https://www.sdn.sap.com/irj/servlet/prt/portal/prtroot/com.sap.km.cm.docs/library/biw/d-f/enhancements bw-bps formerly sem-bps in sapnetweaver 04.ppt
  https://www.sdn.sap.com/irj/servlet/prt/portal/prtroot/com.sap.km.cm.docs/library/biw/d-f/frequently asked questions - planning with sap netweaver bi.faq#q-6
  https://www.sdn.sap.com/irj/servlet/prt/portal/prtroot/docs/library/uuid/5d90209f-0501-0010-59a2-9243ac94a4d7
  https://www.sdn.sap.com/irj/servlet/prt/portal/prtroot/com.sap.km.cm.docs/library/biw/s-u/sap bw business planning and simulation - how to guides list.htm
  http://help.sap.com/saphelp_sem40bw/helpdata/en/05/242537cedf2056e10000009b38f936/frameset.htm
  <u>Hierarchies in BPS appln :</u>
  https://www.sdn.sap.com/irj/servlet/prt/portal/prtroot/docs/library/uuid/ae9fba90-0201-0010-d490-cbf9a364de95
  https://www.sdn.sap.com/irj/servlet/prt/portal/prtroot/com.sap.km.cm.docs/library/biw/d-f/enhancements bw-bps formerly sem-bps in sapnetweaver 04.ppt
  <u>for BEx-reporting</u>
  http://searchsap.techtarget.com/searchSAP/downloads/chapter-august.pdf
  http://searchsap.techtarget.com/featuredTopic/0,290042,sid21_gci1121728,00.html?bucket=REF
  Hope it helps...let me know
  regards,
  R.Ravi

• BPS Authorization

  Hi all,
  Need your valuable input to resolve this.
  I intend to restrict BPS users to access BPS data pertaining to their cost centers only. I am creating BPS hierarchy node variable with user defined values. My expectation is that if a user with defined node in the variable execute the planning layout, all cost centers within the defined node will be made available for combination navigation.
  The problem is that when the user is assigned to an authorisation profile with access to the right planning area, level and folder, the user is getting the following errror message.
  Characteristic combinations: No values could be found for chara. Cost Center
  Message no. UPC527
  When I assign this user with SAP_ALL profile, this problem is gone.
  I have no authorization objects (via RSSM) created for both cases.
  Any input to solve the issue will be awarded points. Thanks
  Regards.

  Can't you get the necessary input when doing SU53?
  D

• Authorization to run a bps function from web

  Hi gurus,
  We have a layout that the users will access from web. For this we have created a Web Interface. This layout has also a planning function that calls an abap program.
  We have created a profile and the user is able to access and run that function from GUI, however from WEB that fuctions does not run the abap.
  The user already have the following authorization objects: S_ICF, S_DEVELOP, R_BUNDLE, R_PLEVEL, R_WEBITF, S_RS_ICUBE, S_RS_IOBJ, but it looks like something is still missing.
  I´d appreciate any help
  Thanks,
  Pablo

  You may want to run Su53 and see the error.
  You need to grant authorizations for the BPS objects that may be called when the web inyterface executes.
  PL take a look at the link:
  http://help.sap.com/saphelp_sem350bw/helpdata/en/05/242537cedf2056e10000009b38f936/frameset.htm
  Ravi Thothadri

• Bps variable by authorization

  Dear Friends,
  I can tell a bps variable value is authorization-derived.
  How can  I know straightaway what is the authorization / object tied to this so that I can check / set the  authorization?
  Please can you give me some hints.
  regards
  H.C

  <FONT FACE = "Tahoma", Font Color = "Blue">
  Hi<br>
  In BW 3.x, you can even go to t-code SU01, Enter User ID (whose authorizations have to checked) and press the Display button at top to see User Profile.<br>
  In the next screen, you can navigate to different tabs like roles, profiles etc to get more details. If you double click on any role, system will display the specifics of that role.
  <br><br>
  Hope it helps.<br>
  Cheers Abhijit</FONT><FONT FACE = "Verdana", Font Color = "Red">
  Please assign Reward Points if I deserve them in your opinion
  </FONT>