":" in analysis authorisation objects

Similar Messages

• Hierarchy Analysis Authorisation

  Hi All
  We are trying to limit the output of a HR Sickness report depending on the user's position in the Org Structure hierarchy. We can't use structural authorisation as its not maintained in ECC.
  We have the org struct in BI and we want to setup dynamic Analysis Authorisation (AA). So we want to create AA with hierarchy restriction on 0orgunit based on a variable. Then at runtime the variable is populated by ABAP with the user's org unit. The report then shows the data for the user's org unit (and all other org units below in the org structure).
  In RSECADMIN I can create a new authorisation object and add 0orgunit to it. On the Hierarchy Authorisations tab  I hit the create button and select orgeh hierarchy . Then I press the 'select variable' button and I get the error message 'No variable of type Customer/SAP exit for characteristic 0ORGUNIT exists'.
  What am I doing wrong? Where do I specify a variable for 0ORGUNIT so that it can be available in the selection screen?
  Thanx
  Asif

  https://wiki.sdn.sap.com/wiki/display/BI/AuthorizationinSAPNWBI
  http://www.sdn.sap.com/irj/scn/events?rid=/library/uuid/ded59342-0a01-0010-da92-f6b72d98f144&overridelayout=true
  Go through these links. Hope this would help you.

• BI analysis authorisations direct assign to user in RSECADMIN

  Hello,
  In RSECADMIN it is possible to directly assign the 'analysis authorisations' to user-id's
  It is also possible to assign the 'analysis authorisations'  to a role via the authorisation object S_RS_AUTH
  Can somebody tell me
  -    what are the pros and cons of directly assigning the analysis autorisations to the users in the RSECADMIN ?
  -    In which situation is direct assigning in RSECADMIN used ?
  -     IS dirtectly assigning to users in RSECADMIN in a production environment critical?
  -     what does SAP propose: directly assigning in analysis authorisations our via a role
  In our case we have the situation of
         BI system with a large number of analysis authorisations. The values of the analysis authorisations should be  
         maintainable in production environment.
         We have also to take in mind:
                            -  Roles are added to users via CUA ( RSECADMIN is not maintainable via CUA)
                            -  Business Objects is coming. So set up the authorisations that they can be used for Business Objects
                            -  Flexible ( new autorisation relevant info Objects)  should be easy adeptable.
         What we want to use is
                                   - assigning analysis authorisations via a single role ( in a composite ) to the user
                                   -  a variable in the analysis authorisations as field value  of a characteristic. In that case the values can be  
                                      assigned dynamically in production.
                                     the data access role has the link to the analysis autorisations in the RSECADMIN.
                                    this analysis authorisation contains variables instead of a fixed field value.
                                    The values of the variables are maintained in a table in a production environment
           Is using directly assigning analysis authorisations to users in the RSECADMIN in  the production environment an  alternative  ? 
      Thanks for your answers
      With Kind Regards,
      Vincent
  Edited by: Vincent Willems on Apr 7, 2011 10:37 AM

  Hello Vincent,
  My way of working is to follow the structure you have in the providing systems. If you have created a role for a production employee then try to translate the roles for the production analysis the same way in BI. You can use the s_rs_auth object. In HR you can use structural authorizations, you can use some programs to set the structural authorizations in BI and that will be done by creating an analysis object and add this to the user involved. Also updates from structural authorizations will be done automatically by these programs. I should not add your own objects to single users, that is a lot of maintenance you do not want. Use in BI the same concept as in the providing systems, it is more clear for anyone who has to work with it.
  Have fun
  Bye
  Jan van Roest
  PS. Did you solve your problem? If so please close your question
  Edited by: J. van Roest on Jul 7, 2011 12:51 PM

• Authorisation objects - FICO

  Hi experts,
  I need to find the list of Authorisation objects for FI & CO.
  If I go by table, How do i restrict for FI alone. kindly suggest the best way to find the authorisation objects. I have to create a authorisation matrix and where i can find a sample or template for the authorisation matrix. is it available in help.sap?
  Many thanks.
  regards
  Dinesh

  Hi,
  Please check below mentioned authorisation objects
  F_ACCL_ACT BCA Account Closure: Activity
  F_ACE_DST Accrual Engine: Accrual Objects
  F_ACE_PST Accrual Engine: Accrual Postings
  F_ACHY_ACT BCA Account Hierarchy: Activity
  F_ACHY_BKA BCA Account Hierarchy: Bank Area
  F_ACT_EBPP Authorization Object for the Activities (EBPP)
  F_AVIK_AVA Payment Advice: Authorization for Advice Types
  F_AVIK_BUK Payment Advice: Authorization for Company Codes
  F_BAF4_FXT FDB: Authorization for Exchange Rate Category
  F_BAF4_MDC FDB: Market Data Area
  F_BAF4_PRT FDB: Authorizations for Price Type (Securities)
  F_BAF4_SCE FDB: Authorization to Edit Real Data
  F_BAF4_SCN FDB: Scenario
  F_BAF4_SPT FDB: Authorizations for Spread Type
  F_BAF4_VOT FDB: Authorization for Volatility Type
  F_BAST_ACT BCA Bank Statement: Activity
  F_BAV_BUK Treasury BAV General Rights
  F_BKKA_ACT BCA Account: Activity
  F_BKKA_ATT BCA Account: Authorization Types
  F_BKKA_BKA BCA Account: Bank Areas
  F_BKKA_BPG BCA Account: Authorization Group According to BP
  F_BKKA_FDG BCA Account: Field Groups
  F_BKKA_GRP BCA Account: Authorization Groups
  F_BKKA_GSB BCA: Activities for Each Business Area
  F_BKKA_PRG BCA Account: Authorization Group According to Product
  F_BKKA_RCT BCA Account: Reactivate
  F_BKPF_BED Accounting Document: Account Authorization for Customers
  F_BKPF_BEK Accounting Document: Account Authorization for Vendors
  F_BKPF_BES Accounting Document: Account Authorization for G/L Accounts
  F_BKPF_BLA Accounting Document: Authorization for Document Types
  F_BKPF_BUK Accounting Document: Authorization for Company Codes
  F_BKPF_BUP Accounting Document: Authorization for Posting Periods
  F_BKPF_GSB Accounting Document: Authorization for Business Areas
  F_BKPF_KOA Accounting Document: Authorization for Account Types
  F_BKPF_VW Acc. Document: Change/Display Default Vals for Doc.Type/PKey
  F_BL_BANK Authorization for House Banks and Payment Methods
  F_BNKA_BUK Banks: Authorization for Company Codes
  F_BNKA_MAC Can be assigned; Still no usage, deletion not possible?
  F_BNKA_MAN Banks: General Maintenance Authorization
  F_BNKA_MAO Banks: General Maintenance Authorization by Country
  F_CASH_ACG BCA Means of Payment Management: Auth. Group Acc. to Account
  F_CASH_ACT BCA Means of Payment Management: Activity
  F_CASH_ATT BCA Means of Payment Management: Authorization Types
  F_CASH_BKA BCA Means of Payment Management: Bank Area
  F_CASH_BPG BCA Means of Payment Management: Auth. Group According to BP
  F_CASH_PRG BCA Means of Payment Management: Auth. Group Acc. to Product
  F_CASH_TYP BCA Means of Payment Management: Position Type
  F_CHAINREV Loans: Chain Reversal
  F_CHG_COND Loans: Change Conditions After Posting
  F_CLOS_ACT BCA Balancing: Activity
  F_COND_ACT BCA Conditions: Activity
  F_COND_ATT BCA Conditions: Authorization Types
  F_COND_BDC BCA Conditions: Retroactive Condition Change
  F_COND_COA BCA Conditions: Condition Area
  F_COND_ITP BCA Conditions: Individual Conditions Condition Category
  F_COND_TYP BCA Conditions: Condition Category
  F_DABS_BUK Loans: Write off Debit Position - CoCd/Partner Authorization
  F_DCFL_GLO Global Authorization Object for Decoupled System Landscapes
  F_DEURCONV Loans: Contract Currency Changeover to Euro
  F_DSIC_ACT Loans: Collateral - Maintenance Authorization
  F_DVER_BUK Loans: Waiver Debit Postion - Authorization for CoCd/Pr.Type
  F_DZNB_BEA Loans: Processing Key for Payment Postprocessing
  F_DZNB_SEL Loans: Selection Authorization for Payment Postprocessing
  F_EDX_AUTH EDX: Authorizations for Company Code, Activity, Messages
  F_EMAC_FDG BCA Employee Accounts: Field Groups on Account
  F_EMAC_MTH BCA Employee Accounts: Allowed Methods
  F_EMAC_TRN BCA: Employee Accounts: Transaction Types
  F_EPIC_BKC Authorizations for Bank Communications
  F_EPIC_BKQ Authorization to execute Bank Queries
  F_EPIC_BKU Authorizations for Secure Logon User Maintenance
  F_FAGL_CV Customizing: Versions
  F_FAGL_DRU General Ledger:Authorization for Rule Entries for Validation
  F_FAGL_LDR General Ledger: Authorization for Ledger
  F_FAGL_SEG General Ledger: Authorization for Segment
  F_FAGL_SKF FI: Processing of Statistical Key Figures
  F_FAST_CLS Fast Close Authorizations
  F_FBCJ Cash Journal: General Authorization
  F_FBK_SUST Vendor: Sustainability Authorization
  F_FCRD_CRD Payment Cards: Card Master Record
  F_FCRD_DAT Payment Cards: Data File
  F_FCRD_VOU Payment Cards: Card Document
  F_FDES_BUK Cash Management and Forecast: Company Code Memo Records
  F_FDES_GSB Cash Management and Forecast: Business Area Memo Records
  F_FDSB_BUK Cash Position: Company Code Summary Records
  F_FDSB_GSB Cash Position: Business Area Summary Records
  F_FDSR_BUK Liquidity Forecast: Company Code Summary Records
  F_FDSR_GSB Liquidity Forecast: Business Area Summary Records
  F_FEBB_BUK Company Code Bank Statement
  F_FEBC_BUK Company Code Check Deposit/Lockbox
  F_FICA_CCT Funds Management, Cross-Funds Center
  F_FICA_CIG Funds Management: Commitment Item Groups
  F_FICA_CTR Funds Management Funds Center
  F_FICA_CVE Funds Management: Cover Eligibility
  F_FICA_CVP Funds Management: Cover Pool
  F_FICA_EAL Funds Management: Collective Expenditure
  F_FICA_FAG Funds Management: Function Groups
  F_FICA_FCD Funds Management Fund
  F_FICA_FCG Funds Management: Funds Center Groups
  F_FICA_FMC FM - CO Account Assignment: Controlling Area
  F_FICA_FNG Funds Management: Fund Groups
  F_FICA_FOG Funds Management: Authorization Group of Fund
  F_FICA_FPG Funds Management: Authorization Group for Commitment Item
  F_FICA_FSG Funds Management: Authorization Group for Funds Center
  F_FICA_FTR Funds Management FM Account Assignment
  F_FICA_KDR Funds Management: Account Assignment Derivation
  F_FICA_KDS Maintain Strategy of FM Account Assignment Derivation
  F_FICA_POP Funds Management: authorization group posting period
  F_FICA_PPL Funds Management: Chart of Commitment Items
  F_FICA_SEG Funds Management: Authorization Group for All Funds Centers
  F_FICA_SIG Funds Management: Authorization Group Internal Funds Centers
  F_FICA_TRG Funds Management: Authorization Groups of FM Acct Assignment
  F_FICA_WCT Funds Management Within One Funds Center
  F_FICB_FKR Cash Budget Management/Funds Management FM Area
  F_FICB_FPS Cash Budget Management/Funds Management Commitment Item
  F_FICB_VER Cash Budget Management/Funds Management Version
  F_FICO_AIN FICO Individual Condition BAPIs
  F_FICO_AST FICO Standard Condition BAPIs
  F_FICO_ATT FICO Financial Conditions: Authorization Types
  F_FICO_FDG FICO Financial Conditions: Field Groups
  F_FICO_IND FICO Individual Conditions
  F_FICO_STD FICO Standard Conditions
  F_FIGM_BUD Grants Management: Authority for Budget
  F_FIGM_CLS Grants Management: Authority for Class
  F_FIGM_GNG GM: Grant Groups
  F_FIGM_GNT Grants Management: Authority for Grant
  F_FIGM_PRG Grants Management: Authority for Programs
  F_FIGM_SCG GM: Sponsored Class Groups
  F_FIGM_SPG GM: Sponsored Program Groups
  F_FKKCJ FI-CA Authorization Object for Cash Journal
  F_FM_DRRUL Funds Management: Rules of Account Assignment Derivation
  F_FM_DRSTR Funds Management: Account Assignment Derivation Strategy
  F_FM_OPEN FM: Authorization for Specially Opened Processes
  F_FMBU_ACC Budgeting: Account Assignment
  F_FMBU_DOC Budgeting: Document Type
  F_FMBU_KEY Budgeting: Keyfigure
  F_FMBU_KYF Budgeting: Keyfigure
  F_FMBU_LAY Budgeting:FMPEP Layout
  F_FMBU_STA Budgeting: Status
  F_FMBU_VER Budgeting: Version and Budget Category
  F_FMCA_IPM PSCD Installment Plan: Authorization for Mass Approval
  F_FMCA_SHE Clarification Worklist (FMSHERLOCK)
  F_FMCA_WOF IS-PS-CA: Write Off: Approval for Write-Off Reason
  F_FMCA_WOM PSCD Write-Off: Authorization for Mass Approval
  F_FMFG_DUN FM-FG: CCR Vendor Master
  F_FMMD_FAR Funds Management: Functional Area (Authorization Group)
  F_FMMD_FPG FM: Funded Porgram Sets
  F_FMMD_MES Funds Management: Funded Program (Authorization Group)
  F_FMME_ATT Funded Program authorizations
  F_FMRE_BLK Funds locking, company code
  F_FMRE_COM Funds commitment, company code
  F_FMRE_FOR Forecast of revenue, company code
  F_FMRE_PRE Funds precommitment, company code
  F_FMRE_RES Funds reservation, company code
  F_FMRE_TRA Funds transfer, company code
  F_FMSHER Clarification Worklist - FMSherlock
  F_FMSPLITG Authorization for Rule-Based Distrib'n to Multiple Acct Assn
  F_FMWF_RSN Reasons for Release and Rejection, FM Workflow
  F_FOPCMAIN MIC: Main Authorization
  F_FUNDSRES Earmarked Funds, Funds Transfer
  F_GLLO_ACG GL Loss on Receivables: Authorization Group Account
  F_GLLO_BKA BCA General Ledger - Loss on Receivables: Bank Area
  F_GLRE_BKA BCA General Ledger Reconciliation: Bank Area
  F_GLVA_ACG BCA GL Individual Value Adjustment: Authorization Group Acct
  F_GLVA_BKA BCA General Ledger - Individual Value Adjustment: Bank Area
  F_GLVA_BPG BCA GL Individual Value Adjustment: Authorization Group BP
  F_GLVA_PRG BCA GL Individ. Value Adjustment:Authorization Group Product
  F_GMBU_ACC GM Budgeting: Account Assignment
  F_GMGT_ATT Grants Management: Authorization Types
  F_GMGT_FDG Grants Management: Field Groups
  F_GMGT_GRP Grants Management: Authorization Groups
  F_GMGT_RLT Grants Management: BP Roles
  F_HMAC hmac_key
  F_HOLD_ACT BCA Holds: Activity
  F_INFO_BUK Central: Information System - CoCd, Trans. Type, Auth. Group
  F_INVPGRIR Authorization for Performing GR/IR Clearing
  F_INVRPGIR Authorization for GR/IR Journal (Inventory Info System)
  F_INVRPMAT Authorization for Material Journal (Inventory Info System)
  F_INVRPWIP Authorization for WIP Journal (Inventory Info System)
  F_ISSR_1 Transaction Authorization Check
  F_ISSR_AD
  F_ISSR_BV Position Management
  F_ISSR_BVC
  F_ISSR_CU
  F_ISSR_CUC
  F_ISSR_DU
  F_ISSR_GPC
  F_ISSR_ID
  F_ISSR_LTD
  F_ISSR_MIG
  F_IT_ALV Line Item Display: Change and Save Layout
  F_ITTC_BUK
  F_KBE__RES Funds reservation, company code
  F_KBE__TRA Payment Transfer Company Code
  F_KK_AVIS FI-CA Payment Advice Note in Contract A/R + A/P
  F_KK_CJROL Cash Journal: Maintenance of Responsibilities
  F_KK_EBPP FI-CA Special Functions for FSCM Biller Direct
  F_KK_FCODE FI-CA authorizations for GUI functions with master data
  F_KK_KUKON Authorization Check for Short Account Assignment
  F_KK_LOCK FI-CA Processing Locks
  F_KK_ODBUK FI-CA Request: Company Code Authorization
  F_KK_ODCLA FI-CA Request: Mass Approval of Requests
  F_KK_ODCLS FI-CA Request: Authorization for Request Class
  F_KK_ODTYP FI-CA Request: Authorization for Request Category
  F_KK_REPT FI-CA Receipt Management
  F_KK_SEC FI-CA Security Deposit
  F_KK_SOND FI-CA Special Functions
  F_KKCASH FI-CA Authorization Object for Payment at Cash Desk
  F_KKCC Obsolete !!! FI-CA Correspondence Generation
  F_KKCMK FI-CA - Manual Checks Lot
  F_KKCO Obsolete !!! FI-CA Correspondence in Contract A/R and A/P
  F_KKCODU Correspondence Dunning in Contract Accounting
  F_KKCR FI-CA Display Creditworthiness of a BP and Change Manually
  F_KKCR_BUK FI-CA Authorization for Check Management / DFKKCR
  F_KKDEVREV FI-CA Deferred Revenue Postings Transfer Posting Run
  F_KKDU FI-CA Dunning in Contract Accounts Receivable & Payable
  F_KKDU_BUK FI-CA Dunning in Contract Accts Rec. & Payable: CoCode Auth.
  F_KKDUTL FI-CA Dunning: Telephone List
  F_KKINDPAY FI-CA Payment Specification
  F_KKINK FI-CA Authorization Object for Collection Agency
  F_KKINSTPL FI-CA Auth. for Installment Plans in a Contract Account
  F_KKINTER Authorization for Interest Posting
  F_KKIP FI-CA Payment Specification
  F_KKKO_AEN FI-CA Document in Contract A/R + A/P: Changeable Fields
  F_KKKO_BEG FI-CA Doc.in Contract Accts Rec. & Pay.: Acct Authorization
  F_KKKO_BUK FI-CA Doc.in Contract Accts Rec.& Pay.: CoCode Authorization
  F_KKKO_GSB FI-CA Doc.in Contract Accts Rec. & Pay.: Business Area Auth.
  F_KKMA FI-CA Mass Activities in Contract Accts Receivable & Payable
  F_KKMDU Master Data Lot in Contract Accounts Receivable and Payable
  F_KKMIGRAT FI-CA IS Migration Workbench
  F_KKNR FI-CA NOC Returns Lot in Conract Accts Rec. and Payable
  F_KKPY FI-CA Automatic Payment Transactions in Contract A/R & A/P
  F_KKRD_MAS FI-CA Document Reversal - Mass Processing
  F_KKRK FI-CA Returns Lot in Contract A/R + A/P
  F_KKRV FI-CA Transfer Posting Run Receivable Evaluation
  F_KKSU FI-CA Reconciliation Key and Posting Totals
  F_KKVARI FI-CA Maintain Variants for Parallel Processing
  F_KKVK_BEG FI-CA Contract Account: Authorization Group
  F_KKVK_BUK FI-CA Contract Account: Company Code Authorization
  F_KKVK_FDG Contract Account: Authorization for Individual Field Groups
  F_KKVK_VKT FI-CA Contract Acct: Contract Acct Type Authorization
  F_KKWOFF FI-CA Write-Off Open Documents of a Business Partner
  F_KKWOFFM FI-CA Authorization for Mass Clearing of Open Documents
  F_KKZK FI-CA Payment Lot in Contract A/R & A/P
  F_KKZWF FI-CA Authorization for Receivables Evaluation
  F_KMT_MGMT Account Assignment Model: Auth. for Maintenance and Use
  F_KNA1_AEN Customer: Change Authorization for Certain Fields
  F_KNA1_APP Customer: Application Authorization
  F_KNA1_BED Customer: Account Authorization
  F_KNA1_BUK Customer: Authorization for Company Codes
  F_KNA1_GEN Customer: Central Data
  F_KNA1_GRP Customer: Account Group Authorization
  F_KNA1_KGD Customer: Change Authorization for Account Groups
  F_KNB1_ANA Customer: Authorization for Account Analysis
  F_KNKA_AEN Credit Management: Change Authorization for Certain Fields
  F_KNKA_KKB Credit Management: Authorization for Credit Control Area
  F_KNKA_MAN Credit Management: General Maintenance Authorization
  F_KNKK_BED Credit Management: Account Authorization
  F_L_ACCRUL Leasing Accounting Authorization Object
  F_LC_AUS Consolidation: Authorization for reports
  F_LC_COM Consolidation: Authorization for companies
  F_LC_ERH Consolidation: Authorization for data entry forms
  F_LC_LDNR Consolidation: Authorization for ledgers
  F_LC_SUBD Consolidation: Authorization for subgroup
  F_LC_URUN Consolidation: Authorization for update
  F_LC_VERS Consolidation: Authorization for versions
  F_LFA1_AEN Vendor: Change Authorization for Certain Fields
  F_LFA1_APP Vendor: Application Authorization
  F_LFA1_BEK Vendor: Account Authorization
  F_LFA1_BUK Vendor: Authorization for Company Codes
  F_LFA1_GEN Vendor: Central Data
  F_LFA1_GRP Vendor: Account Group Authorization
  F_MAHN_BUK Automatic Dunning: Authorization for Company Codes
  F_MAHN_KOA Automatic Dunning: Authorization for Account Types
  F_MANDATE Authorization to Process a SEPA Mandate in FI
  F_MET_BEG Loans: Authorization Group for Condition Table
  F_MIE_SKO Real Estate: Rental agreement - Authorization for conditions
  F_MNG_CON Real Estate: Management Contract - Authorization for CoCd
  F_NFBA Authority Check for Nota Fiscal Writer Brazil
  F_NTC_ACT BCA Notice: Activities for each Bank Area
  F_NTC_AMT F_NTC_AMT
  F_NTC_GRP Notice: Authorization for each Group
  F_NTC_PER F_NTC_PER
  F_PAIT_ACG BCA Payment Item: Authorization Group According to Account
  F_PAIT_ACT BCA Payment Item: Activity
  F_PAIT_ATT BCA Payment Item: Authorization Types
  F_PAIT_BDA BCA Payment item: Backdated payment items.
  F_PAIT_BKA BCA Payment Item: Bank Area
  F_PAIT_BPG BCA Payment Item: Authorization Group According to BP
  F_PAIT_GRP BCA Payment Item: Authorization Group
  F_PAIT_PRG BCA Payment Item: Authorization Group According to Product
  F_PAOR_ACG BCA Payment Order: Authorization Group According to Account
  F_PAOR_ACT BCA Payment Order: Activity
  F_PAOR_ATT BCA Payment Order: Authorization Types
  F_PAOR_BKA BCA Payment Order: Bank Area
  F_PAOR_BPG BCA Payment Order: Authorization Group According to BP
  F_PAOR_GRP BCA Payment Order: Authorization Group
  F_PAOR_PRG BCA Payment Order: Authorization Group According to Product
  F_PAYM_ACT Additional activity checks for payment items/orders
  F_PAYOH_AV Release and Rejection Reasons
  F_PAYR_BUK Check Management: Action Authorization for Company Codes
  F_PAYRQ Authorization Object for Payment Requests
  F_PERI_ACT BCA Periodic Tasks: Activity (Simulation Update Run)
  F_PMT_TRNS Real Estate: Payment Transaction - Author. CoCd/Activity
  F_POD_BEG Loans: Authorization Group for Files
  F_POH_BEG Loans: Authorization Group for Main Files
  F_PRL_BUK Payment Release: Authority object by Com.Code and Action
  F_PROD_GRP BCA/FIPR Product: Authorization Group
  F_PSDO_BEG PSCD Document: Authorization Group for Contract Object
  F_PSDO_VGT PSCD Beleg: Contract Object Type Authorization
  F_PSFA_CAT PSCD Facts. Fact Type Parts
  F_PSFA_SET PSCD Facts: Authorization for a Fact Set.
  F_PSFA_TYP PSCD Facts. Fact Set Parts
  F_PSM_DRUL Rules for Account Assignment Derivation
  F_PSM_DSTR Strategy for Account Assignment Derivation
  F_PSMEC_CR Expenditure Certification: Certification Run
  F_PSMEC_FS Expenditure Certification: Financing Source
  F_PSMEC_OP Expenditure Certification: Certifying Operation
  F_PSOB_ATT PSCD Contract Object: Authorization Types
  F_PSOB_BEG PSCD Contract Object: Authorization Group
  F_PSOB_FDG PSCD Contract Object: Field Groups
  F_PSOB_VGT PSCD Contract Object: Object Type Authorization
  F_RE_BRGRP Real Estate: Authorization Group
  F_RE_REPOR Real Estate: Reporting - Author.for CoCd/Auth.Grp/Data Type
  F_RE_TRANS Real Estate: General Transaction Authorization
  F_REAJ_AT Real Estate: Adjustment Measure
  F_REAJ_CG Real Estate: Comparative Group
  F_REAJ_PR Real Estate: Adjustment of Conditions
  F_REBD_AO Real Estate: Architectural Object
  F_REC_TAX Authorization Check for Tax Auditor
  F_RECD_CN Real Estate: Conditions - Contract
  F_RECD_RO Real Estate: Conditions - Rental Object
  F_RECN Real Estate: Real Estate General Contract
  F_RECN_ATT Real Estate: Authorization Types for General Contract
  F_RECN_FDG Real Estate: Field Groups for General Contract
  F_RECN_SKO Real Estate: Conditions for Real Estate General Contracts
  F_REGU_BUK Automatic Payment: Activity Authorization for Company Codes
  F_REGU_KOA Automatic Payment: Activity Authorization for Account Types
  F_REIT_DS Real Estate: Input Tax Distribution
  F_REIT_OR Real Estate: Option Rate Determination
  F_REIT_TC Real Estate: Correction Object
  F_RELM_JL Real Estate: Joint Liability
  F_RELM_LR Real Estate: Land Register
  F_RELM_NA Real Estate: Notice of Assessment
  F_RELM_PE1 Real Estate: Public Register: Contamination/Non-Hazard.Waste
  F_RELM_PE2 Real Estate: Public Register: Site Protection
  F_RELM_PE3 Real Estate: Public Register: Development Plan
  F_RELM_PE4 Real Estate: Public Register: Easement Register
  F_RELM_PL Real Estate: Parcel of Land
  F_RELM_RC Real Estate: Parcel Update
  F_REMM_MN Real Estate: Mandate
  F_REOR_OF Real Estate: Contract Offer
  F_REOR_OO Real Estate: Offered Object
  F_REOR_RR Real Estate: RE Search Request
  F_REORG_PL General Ledger: Authorization for Reorganization
  F_RERA_OP Real Estate: One-Time Postings
  F_RESC_PG Real Estate: Participation Group
  F_REXC_MS Real Estate: Main Rent Statement
  F_RNT_ADJ Real Estate: Rent Adjustment - Authorization for CoCd/Method
  F_RNT_OFF Real Estate: Offer - Authorization for CoCd/Bus.Entity
  F_RPCODE Repetitive Code
  F_RPROC Intercompany Reconciliation: Authorizations
  F_RPUS_ATT Retirement plan: Authorization types
  F_RPUS_FDG Retirement plan: Field groups
  F_RQRSVIEW Bank Ledger: Viewer for Request Response Messages
  F_RTP_ACT Retirement plan: Activity
  F_RTP_AGP Retirement plan: Authorization group
  F_RTP_BKA Retirement plan: Bank area
  F_RTP_BPA Retirement plan: Authorization accountholder
  F_RTP_BPG Retirement plan: Authorization accountholder (obsolete)
  F_RTP_GRP Retirement plan: Authorization group (obsolete)
  F_SEPA_MDT Authorization for Processing a Global SEPA Lock
  F_SKA1_AEN G/L Account: Change Authorization for Certain Fields
  F_SKA1_BES G/L Account: Account Authorization
  F_SKA1_BUK G/L Account: Authorization for Company Codes
  F_SKA1_KTP G/L Account: Authorization for Charts of Accounts
  F_STAT_MON Bank Relationship: Status Monitor authorizations
  F_STAT_USR Bank Communication: Assignment of Signature User ID
  F_STO_TRAN Loans: Authorization for Reversal Transaction
  F_STOR_ACG BCA Standing Order: Authorization Group According to Account
  F_STOR_ACT BCA Standing Order: Activity
  F_STOR_ATT BCA Standing Order: Authorization Types
  F_STOR_BKA BCA Standing Order: Bank Area
  F_STOR_BPG BCA Standing Order: Authorization Group According to BP
  F_STOR_FDG BCA Standing Order: Field Groups
  F_STOR_GRP BCA Standing Order: Authorization Group
  F_STOR_PRG BCA Standing Order: Authorization Group According to Product
  F_T_FBNAME Treasury: Authorization for Asynchronous Datafeed
  F_T_PART_B Treasury: Business Partners: Authorization Group per Role
  F_T_PART_R Treasury: Business Partners: Role Authorization
  F_T_TRANSB Treasury: Transaction Authorization
  F_T_VTBLL Limit Transfers
  F_T_VTBLR Limit Reservations
  F_T_VTBLV Limit
  F_T_VTBMA Master Agreement
  F_T011 Financial Statements: General Maintenance Authorization
  F_T011_BUK Planning: Authorization for Company Codes
  F_T011E Authorization for Financial Calendar
  F_T011XBRL F/S from XBRL Taxonomy: General Maintenance Authorization
  F_T042_BUK Payment Program Customizing: Authorization for Company Codes
  F_T060_ACT Info System: Account Type/Activity for Evaluation View
  F_TD_CORR controls the  correction of  an already fixed time deposit.
  F_TR_MRM_S Scenario Maintenance
  F_TRAVL Travel Planning
  F_TRAVL_RW Travel Expenses: Posting Run Management
  F_TRAVL_S Travel Planning Status Travel Agency
  F_TRAVL_TG Separation Allowance
  F_TRAVL_TP Maintain Separation Allowance Periods
  F_TXW_RA DART: Retrieve data from archive
  F_TXW_TF DART: Data extracts
  F_TXW_TFCF DART: Data extract configuration
  F_TXW_TV DART: Data view queries
  F_TXW_TVC2 DART: Data view configuration, with AuthGrp
  F_TXW_TVCF DART: Data view configuration
  F_UDM_ESCA Dispute Case: Check of Escalation Reasons
  F_UDM_GRUP Authorization for Collection Group
  F_UDM_PRUN Program with Parallel Processing
  F_UDM_SGMT Authorization for Collection Segment
  F_UDM_STGY Authorization for Strategies
  F_UDM_WLIT Worklist Items
  F_UHC_ACT Collection Case: Actions
  F_UKM_SGMT SAP Credit Management Authorization for Credit Segment
  F_UMV_BUK Real Estate: Sales-based agreement adj. - CoCd authorization
  F_VGINT Change to Posting Rule in FEBAN
  F_WEB_ADRS Display/Change of Address Data via Web Interface
  F_WEB_BANK Display/Change of Bank Data
  F_WEB_BCNF Display/Change of a Balance Confirmation
  F_WEB_BLNC
  F_WEB_EBPP Participation in EBPP Process via Web Interface
  F_WEB_ITEM
  F_WEB_MTCH
  F_WIBE Real Estate: Cost Efficiency Analysis
  F_WORKQ001 Authorization Object for Work Queue
  F_WTMG Withholding Tax Changeover
  F_XCIT_ICI Real Estate: Italian localisation - ICI
  F_XCIT_IRE Real Estate: Italian localisation - IRE
  F_ZTXT_ACT Word Processing: Maintenance Authorization
  FAGL_INST Customer Enhancements for General Ledger
  FB_SRV_DMS Financials Basis: Data Model Synchronization
  FB_SRV_GC Financials Basis: Garbage Collector
  FB_SRV_TR Financials Basis: Transport
  FD_AKT_ACT Loans: Filed Documents - Maintenance Authorization
  FD_AUS_BUK Loans: Disbursement - Company Code Authorization
  FD_AUS_GSA Loans: Disbursement - Authorization for Product Types
  FD_BAV_BUK Loans: Transfer BAV Data - Company Code Authorization
  FD_BEL_ACT Loans: Collateral Value - Maintenance Authorization
  FD_BO_BUK Activity Authorization Based on Business Operation Category
  FD_BUK_LAY Loans: Changing and Saving ALV Layouts
  FD_CHARAC Loans: Authorization for Processing Characteristics
  FD_CLI_GRP CL CLI: Authorization Group for Changes to a CLI Policy
  FD_COT_GRP Loans: Authorization Group for Condition Table
  FD_COT_PRD Loans: Assignment of Product to Condition Table
  FD_DAR_ACT Loans: Transaction Check for Product Category
  FD_DAR_BEG Loans: Authorization Group for Loan Contracts
  FD_DAR_BUK Loans: Company Code Authorization
  FD_DAR_DIS Distribution Channel
  FD_DAR_GSA Loans: Authorization for Product Types
  FD_DAR_RBD Loans: Authorization Check for Reserve for Bad Debts
  FD_DAR_SBW Loans: Flow Type
  FD_DAR_STA Loans: Status Authorization
  FD_IA_ZANF Loans: Investor Account - Payment upon Request
  FD_MAN_BUK Loans: Manual Debit Position - Company Code Authorization
  FD_MAS_BUK Loans: Automatic Debit Position - Company Code Authorization
  FD_MET_BUK Loans: Rollover Methods - Company Code Authorization
  FD_OBJ_ACT Loans: Collateral Objects - Maintenance Authorization
  FD_POD_BUK Loans: Rollover File - Company Code Authorization
  FD_POG_BUK Loans: General Rollover File - Company Code Authorization
  FD_POH_BUK Loans: Main Rollover File - Company Code Authorization
  FD_POK_BUK Loans: Configure/Fill Rollover File - Company Code
  FD_PROD_BG Loans: Authorization Group for Products
  FD_SET_STA Loans: Automatic Status Transfer
  FD_STOP_CD Loans: Authorization Check for Stop Code
  FD_UMB_BUK Loans: Transfers - Authorization for CoCd / Product Type
  FDT_ADMN BRFplus: Administration/Monitoring
  FDT_OBJECT BRFplus: Authorization Check on Object Level
  FDT_PROC BRFplus: Processing (Web Service/RFC)
  FDT_TRACE BRFplus: Authorization Check on Trace
  FDT_WORKB BRFplus: Authorization Check for BRFplus Workbench
  FI_ABR_BUK Real Estate: Settlement unit - Company code authorization
  FI_BAV_BUK Real Estate: Transfer BAV data - Company code authorization
  FI_BEW_ACT Real Estate: Application - Maintenance authorization
  FI_BKA_BUK Real Estate: Operat.costs stt. - Company code authorization
  FI_FAG_BUK Real Estate: Free rent adj. commerc.agrmnt - CoCd authoriz.
  FI_FAW_BUK Real Estate: Free rent adj. resid. agrmnt - CoCd authoriz.
  FI_GAR_BUK Real Estate: Rent adj. of garage rent - CoCd authorization
  FI_GBU_ACT Real Estate: Land register - Maintenance authorization
  FI_GEB_BUK Real Estate: Building - Auth. for CoCd/business entity
  FI_GRU_BUK Real Estate: property - Author.for CoCd/business entity
  FI_HEI_BUK Real Estate: Heating system - Company code authorization
  FI_HKA_BUK Real Estate: Heating expenses stt. - CoCd authorization
  FI_IND_BUK Real Estate: Index-linked rent - Company code authorization
  FI_KUE_BUK Real Estate: Notice on lease-out - Author.for CoCd/BE
  FI_ME1_BUK Real Estate: Rental unit - Authoriz.for CoCd/business entity
  FI_MIE_BUK Real Estate: Rental agreement - Authoriz. for CoCd/BE
  FI_MIS_ACT Real Estate: Repr.lists of rents - Maintenance authorization
  FI_MIS_BUK Real Estate: Repr.list of rents adj. - CoCd authorization
  FI_MOD_BUK Real Estate: Modernization adjustment - CoCd authorization
  FI_RAU_BUK Real Estate: Rooms - Authorization for CoCd/business entity
  FI_VBE_BUK Real Estate: Comparative group - Company code authorization
  FI_VWO_BUK Real Estate: Comparative apartment - Company code authoriz.
  FI_WEI_BUK Real Estate: Business entity - Authoriz. for CoCd/BE
  FI_WT_VEN Authorization object for vendr data enhancement
  FI_ZAH_BUK Real Estate: Debit pos.payment transactions - CoCd authoriz.
  FI_ZLG_BUK Real Estate: Surcharge adjustment - Company code authoriz.
  FI_ZUO_ACT Real Estate: Assign RU/applic. - Maintenance authorization
  FINB_ACINS Obsolete!!! Authorization with Reference to Accounting Inst.
  FOT_B2A_V Admin. Report Electronic Data Transmission to Authorities
  FPIA_GROUP Evaluate user groups (Gestinaire, Comptable, Super User etc)
  FPP_ALL Authorization Object for All FPP Activities
  FPP_CUST Authorization Object for Maintaining ParaProcessing Objects
  FPP_USE Authorization for Using FPP Service Modules
  FSCM_BCCE
  FW_AKS_BUK Securities: Stock Split - Company Code Authorization
  FW_BAV_BUK Securities: Transfer BAV Data - Company Code Authorization
  FW_BES_BUK Securities: Position Indicator - Auth. for CoCd/Prod. Type
  FW_BEZ_BUK Securities: Subscription Right - Company Code Authorization
  FW_DEP_BUK Securities: Securities Account - Authorization for CoCd/TTy
  FW_GAT_ACT Securities: Class - Transaction Check Prod. Cat./Activity
  FW_GAT_GSA Securities: Class - Authorization for Transaction Types
  FW_JUA_BUK Securities: New Stock - Company Code Authorization
  FW_KAB_BUK Securities: Capital Reduction - Company Code Authorization
  FW_KER_BUK Securities: Capital Increase - Company Code Authorization
  FW_MAS_BUK Securities: Automatic Debit Position - CoCd/Product Type
  FW_ORD_BUK Securities: Order - Company Code Authorization
  FW_ORD_GSA Securities: Order - Authorization for Transaction Types
  FW_ORD_STA Securities: Order - Status Authorization
  FW_OSA_BUK Securities: Exercise WA - Authorization for CoCd/Prod. Type
  FW_OST_BUK Securities: Detach WA - Company Code Authorization
  FW_SON_BUK Securities: Other Postings - Company Code Authorization
  FW_UMB_BUK Securities: Balance Sheet Transfer - Co. Code Authorization
  FW_UMD_BUK Securities: Securities Account Transfer - CoCd Authorization
  FW_WAN_BUK Securities: Exercise Convertible Bond - Company Code Auth.
  FZ_BAV_BUK
  FZ_FRG_KOM Release: Authorization Check - Release Object/Authoriz. Amnt
  FZ_FRG_OST Release: Authorization for Release Object/Release Status
  FZ_IND_ACT Index data: Maintenance authorization
  FZ_PRT_ACT Partner Management: Partner - General Maintenance Authoriz.
  FZ_PRT_AUS Partner Management: Partner Role - Selection Authorization
  FZ_PRT_BEG Treasury: Business Partners: Authorization Group for Partner
  Thanking you
  Regards
  Mahesh

• Migration of Authorisation Objects

  Dear Team,
  I have to migrate the existing BW3.1 authorisation objects to new BI7 analysis authrisation objects. How to get the documentation of the existing authorization setup (for example, to define user groups for the migration)
  Best Regards,
  SG

  https://www.sdn.sap.com/irj/sdn/go/portal/prtroot/docs/library/uuid/ded59342-0a01-0010-da92-f6b72d98f144
  https://www.sdn.sap.com/irj/sdn/go/portal/prtroot/docs/library/uuid/659fa0a2-0a01-0010-b39c-8f92b19fbfea
  Hope it Helps
  Chetan
  @CP..

• BI Role with Analysis Auth Object

  Hi
  How can i use Authorisation Object created in RECADMIN with all the list of Infoproviders in S_RS_COMP and S_RS_COMP1
  So that user can perform mentioned action on the data providers mentioned in analysis authorization object.
  As i need one place to list all the data targets user can access insted of maintaining in S_RS_COMP and S_RS_COMP1 and in Analysis Authorization object
  Thanks in advance

  Thanks Everybody for giving suggestions; I really appreciate alll your efforts.
  I followed step by step book of kamaljeet and findout that , I was missing to add related info objects of the inforprovider .added those info objects to auth analysis object.
  Now query is working fine without errors;
  problem is i am not able to restict the query since it showing all the data ; i am trying to put only few values in "0wbs_elemt "  .
  I added 0wbs_elemt in my analysis auth object;
  Clicked on 0wbs_elemt and kept values in value authorizations and also kept wbsh in hierarchy name , selected type 1, HI 0.
  still i am unable to restrict the data;
  Functinal consultants build WBSE  set up on a hierarchy. like
  18ICT-07/2011
        18ICT-07/2011-1
              18ICT-07/2011-1-AUDTM
                    18ICT-07/2011-1-AUDTM-01
              18ICT-07/2011-1-CETX_
                    18ICT-07/2011-1-CETX_-01
  they want to restrict like if we are giving 181ct-07 then they want to access every thing under it;
  same way like 181ct-08  etc etc..
  looks like they want to restrict the date very granuler level like  restriction on " Attribute Navigation   "
  Can anybody please do let me know how can we achieve  Navigation Restriction.
  Thanks.

• Doubt in Analysis authorisations

  i have implemented analysis authorisations in BW 7.0 System
  After that when i login to the query using a user id where analsysis authorisation is implemented,
  I could not see the Report directly. I have to apply filter and then only i was able to view the report.
  My question is, when u implement analysis authorisations , you will be able to view the report direcly or you will be able to view the report only after applying filters

  > You need a authorization-variable in your filter for
  > the infoobject IO_DEPT.
  Be aware that there is no need to use authorization variables in SAP BI 7.0!!!
  This is one of the great GREAT advantadges of using analysis of authorizations.
  What you need is to define the adequate authorizations to access query/workbook and funcionality. Analysis authorizations does not relate with funcionality access, only with providers and data access.
  Q: "When ever u implement Analyis Auth, you will be able to see filtered data directly or you have to do that Filter changes and only view the data. "
  A: You only view the data, no need to filter. Once again, use the log from the analysis authorization to see the information the system provides.
  I defined the following technical objects in a
  separate "technical authorization":
  0TCAACTVT Activity in Analysis Authorizations
  0TCAIPROV Authorizations for InfoProvider
  0TCAKYFNM Key Figure in Analysis Authorizations
  0TCAVALID Validity of an Authorization
  Message was edited by:
          Miguel Costa

• Two analysis authorisation

  Dear Gurus,
  I have the turned two navigation attributes as auth. relevant,
  global cost center: this is based on hierarchy authorisation
  local cost center: this is based on value authorisation.
  There is one-to-one mapping between glocal cost center and local center. Users would request authorisation on either of them but they can ask for authorisation for more than one role with different combination.
  I have created three analysis authorisation for the below scenarios:
  1: Role_1 has Auth_1 with the below values
  global cost center: X (node)
  local cost center: * (as users have no knowledge about the mapping)
  This works fine.
  2: Role_2 has Auth_2 with the below values
  global cost center: * (as users don't know the mapping)
  local cost center: A
  This works fine as well.
  3: Role_3 has auth_1 and auth_2.
  This doesn't work. It throws authrisation error.
  Can you please suggest how can scenario 3 work.
  Thanks in advance
  Regards

  Hi Max,
  Unlike ECC Auth Objects, Analysis Auths always work on the concept of Intersection. Which means when you run query for a particular input selection and you have multiple analysis auth assigned, then queries will only be executed if input selection falls within the intersected region for the characteristics in two analysis auths.
  Therefore effectively when you assign auth_1 and auth_2 to an user, user gets the following access:
  global cost center: Node
  local cost center: A
  Can you confirm if the user is selecting the above values while executing queries and still getting authorization error?
  I didn't understand the requirement of Role_3 = Auth_1+Auth_2 though, but if you can explain the requirement, I can try to suggest some solution.
  Thanks,
  Deb

• Deleting Automatic Generated Analysis Authorisation

  Dear All,
  We are generating Value and Hierarchy analysis authorisation automatically with the help of DSOs 0TCA_DS01 and 0TCA_DS02.( through RSECADMIN )
  Upon generation everytime, it first deletes all the previously generated analysis authorisation ( for the users that are available in these DSOs ) and creates new ones with the name starting as RSR_*.
  If the username for a particular user is not present in these DSOs, system will not delete / create anything for those users.System deletes / creates analysis authorisations only for those users that are available in these DSOs.
  Suppose a user a going out from the organisation, in that case we need to manually find out all the analysis authorisations ( RSR_* ) that were previously generated for that user and delete the analysis authorisations manually.
  This is time consuming process.
  Could you please advise any automatic / simpler way for deleting previously generated analysis authorisations for such users.
  Assume that these users are not available in the new data loaded in these DSOs.
  Thanking You,
  Tarun Brijwani.

  Hi Tarun,
  If a data record with the user name 'D_E_L_E_T_E' is loaded into the DataStore object 0TCA_DS01, first the generated authorizations for all users in the BI system for the DataStore object record are completely deleted (separated by the first part of the name before the digits) and then generated for the rest of the data.
  Please refer the following link for more information.
  http://help.sap.com/saphelp_nw70ehp1/helpdata/en/55/46eb411a7f6324e10000000a1550b0/frameset.htm
  Thanks,
  Krishnan

• Regarding the analysis authorisations.

  Hi experts,
                       I was new to concept analysis authorisations .Actually i am creating the authorisations for the company code we are having 10 company code among that one for 1100 i am creating the authorisations for to restrict the data of the 1100 to an particular user .Using the analysis authorisations i created and passed the parameters 0tctactv ,....ect like this on which infoprovider,and on which company code i am making the restrictions to the particular user .when i am executing the particular user all the reports what ever it is having on the cube is comming but here i need to get the report based up on only the company code 1100 .but i dont need the data from the 1000,2000,like that for that user.can you tell me experts where exactly i am doing the mistake .if it is possible can you give me the screen shots for the analysis authorisations .
                                                     bye.

  Hi,
  Use following link to create role and auth object
  http://help.sap.com/saphelp_scm50/helpdata/EN/0c/515bb287fe41829556fb4227820e52/content.htm
  Regards
  Pramod

• BI7. Analysis Authorisations: 0TCA_DS01 to 0TCA_DS05

  Good day
  For those who have already implemented Analysis authorisations, PLEASE help?
  I am investigating analysis authorizations and also need to implement at our site.
  What I need to know is what objects are delivered with the template DSO's 0TCA_DS01 to 0TCA_DS05? Should they have any transformations, DTP's and datasources?
  I am a bit lost on how this should work. I have gone through numerous links and instructions, with no success at all. Seems as if this whole concept of analysis authorisation is escaping me.
  Please assist with any detailed information regarding the HOW TO, or STEP-BY-STEP instructions.
  Thanks in advance.
  Cj

  Hi Cornelius,
  you're right, there is no data flow available for those DSO objects. What dataflow would you expect? You want to upload the auth data via flat file? Or you want to load from another source system by an dedicated logic or perhaps with an workflow as a trigger? You see, it's not that simple to deliver "the one and only" dataflow. The mentioned objects are templates as the program to generate the analysis auth expects a special order of the fields which are given when you use the ODS objects..
  Read more here, http://help.sap.com/saphelp_nw70/helpdata/en/59/fd8b41b5b3b45fe10000000a1550b0/frameset.htm
  You have to create the dataflow by your own, regardless if you want to use 3.x dataflow or 7.0. The only thing you have to ensure is the correct order of the field in the DSO whit the values you want to use later in the generation.
  Hope that helps a bit.
  Best regards,
  Maik.

• SRM 7.0: Authorisation object? Aliases for services in java portal?

  Here's how we did in old SRM 5.0 system (the old and working scenaio):
  In SRM 5.0 we employed S_ICF object to determine, whether a particular user who has just logged in to a system via web using a particular alias - is authorised to use this service.
  We want external and internal users to use different ways to get into system. We have two aliases:
  for internal users: http://srm5.domain.com/srmint
  for external users: http://srm5.domain.com/srmext
  We make aliases using transaction SICF:
  /srmext
  /srmint
  to service /default_host/sap/bc/gui/sap/its/bbpstart
  For alias /srmext we set field  SAP Authoriz. = EXT.
  For alias /srmint we set field  SAP Authoriz. = INT.
  We make 2 roles, both containing just a S_ICF auth object with differend values of field ICF_VALUE, an appropriate role to a user. If a particular user logs in to the system using an alias matching to the authorization value set in his role, he gets in, otherwise he gets an error upon logon. So that his logon is only successful if he used the right alias in URL (provided correct login name and password of course).
  Question. How do we apply similar scenario in new SRM7?
  Is there an authorisation object for java portal in SRM 7.0 - similar to S_ICF object for ABAP portal in SRM 5.0?
  Is it possible and how to make an aliases to java portal, or otherwise automatically detrermine at runtime upon logon, which way (which URL or using some parameter in address line) the user has logged in?

  This question has been answered by the following blog:
  /people/ulli.hoffmann2/blog/2009/10/07/srm-70-running-it-without-the-portal

• Analysis Authorization Object not working

  Hi Gurus,
  I m working on BI 7.0, I have created an analysis authorization object zz_div for 0DIVISION characteristic.
  For a given report i want a given user to view only data for '32' and '33' 0DIVISION.
  I have followed the below steps but still the report shows all data instead of restricted one.
  1)RSECADMIN -> Maintenance ->zz_div ->Create
  2) Add 0DIVISION in Auth structure , and in details 
  I     EQ     32
  I     EQ     33
  3) Add 0TCAIPROV with I     EQ     0SD_C03
  4) Add 0TCAACTVT, 0TCAKYFNM, 0TCAVALID,  this having details as
  I     CP     *
  5) Then in User tab -> Assignment -> User -> Change-> Inserted ZZ_DIV-> Save
  6) In Query created a Authorization variable(with no input prompt) and restricted 0DIVISION.
  Following are the authorization object in that user's Role (Reporting Only)
  S_RFC 
  S_TCODE
  S_GUI
  S_BDS_D  
  S_BDS_DS 
  S_OC_SEND
  S_RS_AUTH - only having zz_div
  S_RS_COMP
  S_RS_COMP1
  S_RS_ICUBE
  S_RS_RSTT
  S_RS_TOOLS
  S_RS_PARAM
  I have surfed lots of thread for this issue but not getting a solution
  Tell me what i m missing in above or any additional setting need before creating analysis authorization
  Edited by: Sonal Patel on Apr 18, 2009 8:10 AM

  Hi
  Thanks a Ton for ur reply
  I have checked in SPRO : Analysis Authorization
  where the authorization mode is " OLD obsolete Concept With RSR  Authorization Objects "
  We have to do the same in Production system .Can u please how its going to effect to others authorizations if change it to New Concept
  Thanks
  Sonal....

• Populating a authorisation object at runtime...

  Hi,
  how to populate a authorisation object at runtime? is it possible to have a variable etc that can be populated a runtime?
  I have a object zsales_off which has different values for different users. i need to create separate roles just to have different values for sales office for different users. i would like to avoid this by having a single role with the zsales_off getting populated at runtime.
  Details steps with code will be appreciated.
  thank you.

  Hello AHP,
  i am not still very clear about the detailed steps to be carried out as i am a novice in abap.
  i have created the authorisation variable and am using it in the query. if i manually assign values for sales office in the role, it is working fine.
  i want to assign values at run time. i am confused with the process as such.
  few doubts like:
  1> the variable should be of "authorisation" processing type or "customer exit" processing type.
  2>what to use I_step=0 or I_step =1? how to use? where to use?
  3>to write a abap code or use a func module, which one? how to use.
  any example(like in my case different sales office values for diffrent users) with DETAILED STEPS & CODE would be appreciated.
  also i need to have multiple single values for each user(but not interval).
  Please help.

• Authorisation object for "PO text in the material master"

  Hi,
  My requirement is as below:
  "All users can see the Purchase Order Text as usual, but only a few users should be allowed to create / change the PO Long Text.
  For other users, the same should appear in display mode only (both in creation & in change mode, MM01 & MM02)."
  Please let me know, How to map this.
  As per my knowledge thsi is possible only thru authorisation. But I want to know what is the authorisation object for "PO text in the material master" (Pl note that only for PO text in the material master field). we want control on "PO text of material master"
  Regards.
  Chinna

  Hi,
  The authorisation object is "M_MATE_MAT", pl check
  Regards
  Merwyn