Restrict user group authorization on reporting

Similar Messages

• How to create Infoset&user group query--(query report)

  Hi Guys,
    how to create Infoset&user group query--(query report),
    Pls send me the exact procedure with Example....
                                                                            Regards:
                                                                            Kumar .G

  goto SQ03 and create an User Group If U want to create Ur Own.
  Goto SQ02 to create Ur Infoset by Giving Logical database name or Simple Database table
  Then Choose What ever data U need to be included in The Qurey in field Groups.
  Then Generate the Infoset
  Now Assign the infoset to user group
  Now goto SQ01 and Click on Other user group Button and choose Ur user Group.
  Then in the USer group select Ur Infoset and then create Ur own Query and save this.
  Now select the infoset query and goto More functions under Query menu and Generate report name.
  Now Create a transaction code for the report name generated.
  Now use the Tcode.
  Hope U have got the basic idea of creating Queries.
  ~BiSu

• Not able to restrict user groups from accessing certain entities

  We have created user groups and are trying to give them restricted access to certain entities so that they can perform consolidations only for those entities. But even after creating Security Classes (and assigning them to the entities in the metadata) and assigning [Default] security class access as Read Only, the users are still able to access and consolidate all the entities using process control.
  Can anyone please let me know how to restrict consolidation to only certain entities?

  To solve this you need the following information:
  -- What roles do the users have? Anyone with the Administrator role has full access to all classes.
  -- Examine the groups. If any users are members of a group which has more access than the users have as individuals, they get the greater access level. You can generate a report which shows all roles for all users including the derived roles.
  -- Examine your metadata. Do the entities in question have the classes you intend? If you omit a class (the field has been left blank), HFM treats it like the [Default] class.
  With this information we could help you troubleshoot the issue.
  --Chris                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                   

• Restrict User to Create Custom Reports

  Hi
  Can we restrict a user from creating custom reports in SPM, If yes how? We want that user can does not see the Create New Report Option
  Regards
  Neel

  HI,
  If the dashboars and reports for users are already so well defined, wouldn't offline Briefing Books give them the same information?
  Also, if ad-hoc reporting and business user empowerment is not what you are looking for, it would also be easy to use SAP BusinessObjects BI tools, such as Xcelsius, on top of SPM data to provide those centrally defined dashboards and reports.
  Finally, BW authorizations are very flexible and comprehensive. You can limit a user to a few dimensions on which he can drill down, to certain Key-Figures, to specific levels of the hierarchy. If you don't have such authorizations in place and want to control instead the selections the user can do, then using Xcelsius on top of SPM could give you that possibility.
  Regards!
  Ricardo Vieira

• TMG2010 - Exhcange 2010 - Restrict User Groups

  Hey Guys, 
  We have TMG2010 currently reverse publishing OWA however no Pre-Auth is being used, the Exchange 2010 Auth Form is being used. 
  The TMG box is not Domain Joined, however if we joined it to the domain would we be able to use AD Security Groups to restrict access to certain services such as OWA?  Without enabling the "Pre-Auth" Functions of TMG? 
  Thanks, 
  Robert 
  Robert

  Hi,
  yes it is possible to restrict access to specific services like OWA/EAS/OA on the TMG Server for specific user/groups if the TMG Server is a member of the domain. You can also use pre-auth if the TMG Server is a member of a workgroup if you use LDAP
  on the TMG Server:
  TMG publishing:
  http://www.microsoft.com/en-us/download/details.aspx?id=8946
  TMG and LDAP:
  http://www.isaserver.org/articles-tutorials/configuration-general/Microsoft-Forefront-TMG-Using-LDAP-RADIUS-Authentication.html
  regards Marc Grote aka Jens Baier - www.it-training-grote.de - www.forefront-tmg.de - www.galileocomputing.de/3570

• Restrict users to selected BAM reports

  Hi All,
  I need to know how I can restrict selected users to selected BAM reports?
  Thanks for your help in advance.

  With your administator user in BAM you have to go to the folder where you have your Reports (in the Active Studio), click on your folder, and add your user and the permissions that you want your user to have

• Is there User Group and Role Reporting in SAP Enterprise Portal?

  I want to know if there is a way to pull users statistics our of SAP Enterprise Portal like you can out of the R3 backend systems.
  I would like functionality similar to the SUIM transaction. I know through user administration you can access any user, even a list of all users, and you can do similar lists with roles and groups. You can then access any of these things individually and look at their assignments. However, I want to do this on a large scale. I want to know for example every group that has a user assigned to it. Evergroup that has roles assigned to it. Or groups that have no user or role assignments. We have approximately 1904 groups in our Production Portal system and I am trying to clean up the groups that have no user assignment, but I don't want to look through them one by one.

  Hi Chris,
  There is no standard report available for this purpose. However all this information is stored in table UME_STRINGS.
  You can write your own SQL queries to generate such reports. However please note that this table is not normalized, and it's a master UME table. You should use it strictly for READ ONLY purpose.
  For a sample code you which i wrote some time back, you might refer:
  http://forums.sdn.sap.com/thread.jspa?threadID=2088099&messageID=10859334#10859334
  Thanks
  Prashant

• User Wise Authorization/profile report needed

  Hi Gurus,
  I need a Report where in Input screen user name is provided & in the output I required User wise
  Profile , Authorization & transaaction code assigned to this user .
  can i get similar type of Report developed by some of the gurus .
  Is there any BAPI is availavle for this .
  Thanks & regards.
  Kiro

  Hello Kiro,
  You can trace down table for any SAP object by pressing F1 (help) and selecting technical information.
  you will either get value table in data element --> data domian or it will directly give you transparent table name.
  For example:
  For table objects we can locate them in table DD02L and DD03L.
  In same way you can try for other object like reports, function modules etc.
  Hope this helps!
  Thanks,
  Augustin.

• Restrict users to see some colums from an report

  Hi,
  is there a way to restrict users (group of users) to see some columns in a report.
  For example:
  mr X to see both quantity and price columns
  and mr Y to see just quantity column
  in the same report
  or I have to make 2 report one with both columns and one with just an column.
  Thanks in advance
  best regards
  Nicolae Ancuta

  Hi Nicolae ,
  Security is enforced on two levels:
  Object-level security controls access to Metadata Repository objects (configured in
  Administrator Tool), and Web Catalog objects such as Folders, Filters, and Dashboards, etc. (configured in BI Answers Web Application). Data-level security controls access to content and data in end-user Reports and Dashboards (configured in Administrator Tool). Administrator Tool Manage Menu item Security Manager is used to define Users and User Groups and define Repository permissions.
  Data-level permissions can be set to above Groups and Users from the Presentation Table properties dialog box of each Subject area.BI Answers Web Page, Settings Menu
  Administration, to view and administer privileges associated with various components of the Answers Web application.
  More here in the documentation
  http://download.oracle.com/docs/cd/E10415_01/doc/nav/portal_booklist.htm
  Regards,
  Mohammad Farhan Alam

• Report links by user group

  hi, is it possible to set the "report links" per user group
  for example, the report links are Download, Refresh for user group Sales.
  the report links are Download, Refresh and Modify for user group Sales Admin.
  Just wanna know whether this can be done.
  thanks!

  If "Sales" doesn't have the Answers privilege, then the "Modfiy" link won't be rendered even if specified for the request. So you can just keep it in and all users having access to Answers will see it. Read-only users (i.e. no Answers) won't.
  Cheers,
  C.

• Create User Groups and assign Access privileges in Reports

  Hi All,
  Could you share the document or explain which explains about the Standard method to create User Groups in CMC for BOBJ XI 3.1 architecture.
  And how to assign privileges to user groups like view reports, folders, privileges to create/edit reports etc.
  Environment:
  - Backend - BW
  - and  BO XI 3.1 sp3
  Thanks,
  AK

  BO XI 3.1 Administration guide
  http://help.sap.com/businessobject/product_guides/boexir31SP3/en/xi31_sp3_bip_admin_en.pdf

• Cost element group authorization check on controlling area level

  Hi!
  When maintaining cost element groups (KAH1, KAH2, KAH3) is it possible to run an authorization check on controlling area level?
  We have one global chart of account but several controlling areas. When we create a cost element group it is created at chart of account level for all the controlling areas. When someone changes a cost element group it changes in all controlling areas. I cannot restrict user's authorization to be able to change cost element groups only in their own controlling area.
  Is it possible somehow?
  Thanks for your help.

  Hi,
  Like how the global chart of accounts is at the client level, the cost element groups are also independent of the controlling areas.  Infact, the cost element groups are created at the global COA level. 
  In such a case, I don't think it is possible to restrict the authorizations to amend the cost element groups at controlling area level.
  Thanks and Regards,
  Bhuvaneswari.S

• OIM 9.1.0.2 - User group permission conflict issue

  Hi Gurus,
  IHAC who have faced a strange behavior about permission conflict.
  User has been assigned to a user group (ANALISTA DRSI) who have permission to disable resource of the users he administrates. The user group has been assigned to resource's administrator.
  The same use has been assigned to other user group (ANALISTA ADM DRSI) who have other permission. The user group has been not assigned to resource's administrator.
  If the user has been only assigned to ANALISTA DRSI user group the user is able to see records on Rogue Account report. If the customer has been assigned to both ANALISTA DRSI and ANALISTA ADM the user is not able to see the record on Rogue Account report. He got a display error message (You do not have permission). Both user groups have the Report menu item assigned.
  My question: if the customer is assigned to a user group who have permission to see the reports, should not the user is able to see the report even though he is also into the other group who do not have permission?
  Is there conflit in the OIM???
  Any tip will be very appreciated.

  Orgnaization > Manage > Select Org in which users are getting created > Administrative Group (Drop Down) > Select Group for which users are not coming.

• How to find user group from tcode

  Hi Experts,
  I have custom tcode from this i found report name as AQIDSYSTQV000001SD_RR_03======
  I am unable to find Queryname in SQ01 from this.
  When i saw some of the forums i  understood that IDSYST is the user group for my query but i am unable to trace such user group in SQ01.
  Please guide me how to find user group for my report
  Thanks&Regards,
  narasimha.

  Hi ,
  I found in table AQGQSTRUC but i didnt find the specified query
  Previously 401 client is there but at present it is not there .How can you justify it that it is 401 client.
  As 401 client data is moved to someother client is it the problem why i am not able to find query??
  Thanks&Regards,
  narasimha.
  Edited by: narasimha02 on Dec 7, 2010 9:54 AM

• How many ways we can create authorization for user groups in sap query reports

  Hi Gurus, I am getting a problem when I am assigning users to user group in sap query report .The users other than created in user groups are also able to add &change  the users .So please suggest me how to restrict users outside of the user group.
  Please send me if u have any suggestions and useful threads.
  Thank You,
  Suneel Kumar.

  I don't think it can be done. According to the link below 'Users who have authorization for the authorization object S_QUERY with both the values Change and Maintain, can access all queries of all user groups without being explicitly entered in each user group.'
  http://help.sap.com/saphelp_46c/helpdata/en/d2/cb3f89455611d189710000e8322d00/content.htm
  Although I think you can add code to your infoset and maybe restrict according to authority group, i.e.:
  Use AUTHORITY-CHECK to restrict access to the database based on user.
  Press F1 on AUTHORITY-CHECK to find out how to use it in the code