Variable Authorization Issue..

Hi,
   i created narly 20 variables. When user trying to save the Query with new Variables. he is getting " You do not have Authorizations to add or create.
How can i restrict Users to use these Variables. What r u the spets i need to take care.?
Could you please help me out from this.
Nagesh.
Message was edited by: Nagesh Ganisetti

Hi,
I think that it is a restriction for saving queries, not using variables.
Restriction for working with queries arec determined in S_RS_COMP & S_RS_COMP1 auth objects.
Best regards,
Eugene

Similar Messages

  • BI Variable authorization issue

    Hello Experts,
    Please help me with the below issue. I have implemented Variable authorizations as below.
    1)I have marked Cost Center and Profit Center info objects as Auth relevant.
    2) Created a global Variables for CC and PC with processing by authorization & user exit.
    3) Created analysis authorization for the info object 0cost center and Profit Center and added value as $ ZCOST.
    4) Created the include program ZSECTEST in the user exit to check the Variables.
    I have created only one analysis authorization with both CC and PC fields and restricted to Variables.
    Scenario 1: If the Query that was built on the Cube has only CC data authorizations are working fine by picking the values from the table. u2013 Working
    Scenario 2 : I have a query that was created on MP which has cube A with CC and cube B with PC data.
    (system checks if the user has access both info objects since both were auth relevant fields)
    When user ran the query u2013 custom code checks the table and gets the CC and PC values to the query variable screen.
    Issue: If the query has both CC and PC data for the given date it was showing results fine.
    If the query has only CC data and no PC data then query is giving message saying no data available.
    My requirement is even there is not PC data for that date I want to display the CC data.
    Thanks in Advance.
    Thanks,
    Kumar.

    Hello Sandipan,
    Thanks for the quick response.  Primary key has been already defined in the table.  Issue is I have only one analysis authorization created with fileds  CC and PC restrcited to variables VAR1 and VAR2 respectively.
    When I execute the query in the variable selection screen values are coming fine as below from the custom table. (works)
    Variable selection screen :                   
    Cost Center   -    1,2,3,4
    Profit Center   -     A,S,D,F
    Date               -   10/2010
    In the above example if the query has only CC data for that date - I get error no data available because system is fetching for the  combination of CC 1,2,3,4 and PC A,S,D,F .  I guess some aggregation auth are missing.
    When I execute the same query with SAP_ALL and BI_ALL I get results with only CC - because PC data on this query was not available for that date.
    My requirement is  even if the PC data was not avaiable for that date I want to display all the CC realted  data.
    Thanks,
    Kumar.

  • Variable screen/variant screen authorization issue

    HI All,
    We have implemented standard Cost Center Overview Report(0SR_C02_Q0002) in BI 7.
    We have three selection fields:
    1.Company Code which is mandatory
    2.My controlling Area which is also mandatory
    3.Costcenter which is not mandatory
    The requirement we are facing over here is that in the Variable screen/variant screen when I enter a company code, then I need to display dynamically only those "My Controlling Area" values which are assigned to that particular company code and not all. In the same way after selecting the appropriate "My controlling area" value, I need to display only those cost centers in the cost center selection field which are assigned to the selected company code and My controlling area combination and not all.
    can anyone guide me on how to go about on this authorization issue at the variable screen itself.
    Please treat this issue/requirement on high priority.
    Appreciated in advance.
    Regards,
    raps.

    Hi,
    I think that an alternative to solve your concern could be using Web Application Designer (WAD).  In this respect, there are several design options, with different levels of complexity.
    As the simplest alternative, you could create a WAD including your query and three Dropdown Boxes: one for Company, a second for Controlling area and another for Cost center.  The four mentioned elements should be linked to the same dataprovider so, when you select a company, the options in the other two Dropdown boxes and the information in the query are updated.
    In order to enforce mandatory filter selection at Company and Controlling area level, you should set NO_REMOVE_FILTER='X' in both two Dropdown boxes, so that "All values" option -which would mean no filtering- is not offered.
    I hope this helps you.
    Regards,
    Maximiliano

  • Authorization issue to execute query via analyzer

    Dear,
    We are experiencing an authorization issue that we can not solve...
    We have grant to user the expected objects to execute query (S_RS_COMP & S_RS_COMP1) and the central objects like S_GUI, S_USER_AGR.
    When we test in RESCEADMIN, everything is fine. We can execute the query.
    When we test it in the analyzer, the variable screen does not pop-up and we get the error message:
    "There is no variable in the workbook, which allows user input"
    Does anybody have a direction to help us to orientate our investigation?
    Many thanks,
    Rodolphe

    Hello,
    What is the basic settings you have in the Query Properties basic setting tab
    Try making it mandatory
    Regards
    Nitin Bhatia

  • Authorization issue in BPS

    Hi guys,
    I've the authorization issue in a BPS application, where a user can upload a flatfile into a BPS-cube, but only when I select in the authorization object S_RS_AUTH 0BI_ALL.
    Without selecting 0BI_ALL (another analysis authorization) yields to the message, that the user has not enough authorization...
    Now the user gets access to data in the BW reporting to all the organizational marks like the organization unit (0ORGUNIT).
    How is it possible to design the authorizations / analysis authorization, that the same user can upload data via flatfile, but gets only access to transaction data for organizational data which he should see???
    How should the analysis authorization should be designed? Has it something to do with the techn. char. like 0TCAACTVT?
    THX in advance!
    Clemens

    Hi,
    Have you tried creating Authorization Variable for organizational Unit ?
    This will give restricted access to data based on the authorization assigned .
    Thanks
    Pratyush

  • Authorization issues in Bex Analyzer

    Hello,
    Can somebody help me with an authorization challenge I’m working on? For certain reports a user should me authorized to see key figures for a certain area and this area is divided into several units. This is the high level report authorization. But when they want to see more detail in the report (the can drill down the person responsible or the customer for example) the user is only allowed to see the key figures of his own unit. To make this possible we have created two authorization roles:
    Role 1
    Area                          *     
    Unit                          11
    Person Responsible          *
    Customer               *
    Role 2
    Area                    *
    Unit                    *
    Person Responsible          :
    Customer               :
    When executing the query with the characteristics ‘area’ and ‘unit’ in the rows and ‘person responsible’ and ‘Customer’ in the free characteristics there are no authorization issues. But when in the query result the user wants to drill down ‘person responsible’ the error message “You do not have authorization to read object XXX”. I expected that the details would only be shown for unit 11. To be able to show the details the user must now first remove the drill down, filter the unit they have authorization for and then drill down the ‘person responsible’ again. This is considered a workaround but not desirable. Is there a different way to solve this issue?
    Kind Regards,
    Petra van Noort

    Hi,
    Have you tried to include a authorization variable on your report that filters 'Unit'?
    I'm not sure of what will happen if you use it (maybe you'll always filter your report on '11' unit, or maybe you get different filter values depending on your drill down status, which is what you want).
    It's just a thought...
    Regards,
    David.

  • Authorization issue regarding Bex Query

    Hi All,
    User Requirement: When ever the user is executing the report in Design Studio, user can able to see all the company codes (summary data) in the main page of the dashboard. If user wants to drill down to a particular Comp code, then user should access only which are authorized. Ex: If the user Test4444 is executing the report, then he/she can able to see all the comp codes data in the main page of the dashboard. If the user wants to drill down further to see the comp code wise data, then he/she should not allowed to see except comp code-4444 or what and all authorized .
    Back ground work:
    I have a Bex query, which is using the Design Studio. In this query, "0COMP_CODE" is a char InfoObj and I have created a Auth variable on this InfoObj. There are 4 autho objects created based on this "0COMP_CODE". And also 4 Roles and 4 users have created.
    Each autho_Objet has assigned to that corresponding Role and that Role is assigned to that correspond User. Details are as follows.
    Autho_Objet
    Role
    UserID
    ZTEST_MAIN (which includes all - 23 compny codes)
    ZMain_Role
    All users have to access this role
    ZTEST_1111 (which includes only CC- 1111
    Z1111_Role
    Test1111
    ZTEST_2222 (Which Includes only CC - 2222)
    Z2222_Role
    Test2222
    ZTEST_3333 (Which Includes only CC - 3333)
    Z3333_Role
    Test3333
    ZTEST_4444 (Which Includes only CC - 4444)
    Z4444_Role
    Test4444
    To achieve this requirement, I have created 1 auth.object for all Comp.Codes and assigned to one main role and this role is assigned to all users. This looks fine and hopefully it will work.
        The problem is the next step of drill down to comp.code. Here I have created individual autho.object per Role per User and mapped accordingly. Unfortunately, user can able to access all the comp.codes data because of the main role assigned. I got stuck here in this second level restriction. Could some one can through a light how we can achieve this in authorization. It would be a great assistance if some one help here. I would be much appreciated and grateful to your assistance and inputs. Thank you in advance!
    BR
    Venkat...

    In the role ZTEST_MAIN,
    You need to remove all company codes as this is overriding the rest
    Then add aggregate authorization, ie "0COMP_CODE" = ":"
    This is a special authorization which grants authorization to see the summation of all the 0COMP_CODE without giving detailed authorization to any.
    The rest of your design is fine.
    You should then use RSECADMIN to check any authorization issue you have.

  • Secured WebDAV Mounted Volume Authorization Issues

    I use a secure WebDAV mounted volume from myDisk.se and up until the latest Security Update have had zero issues being able to manipulate files and folders as I would on a normal volume. However, since the installation of the Security Update (2009-004 (PowerPC) 1.0) I find weird things happening with this mounted volume:
    1) I am able to mount the secured WebDAV share using my security credentials.
    2) I can create a default "untitled" folder but when I try to change its name, the WebDAV authorization dialog pops up and despite entering the same credentials (why, I am not sure as the volume has already been properly credentialed in order to be mounted), access is denied.
    3) Trying to create a file within a folder on the mounted WebDAV volume I previously created pre-update causes the same authorization issue.
    I have no other WebDAV shares I can try to mount from any other companies so I am not sure if this is a myDisk issue or one borne from the Security Update. I am not a .Mac/MobileMe user and that info is not filled out in System Preferences. The internal hard drive has been meticulously maintained with Disk and Permissions repair being run both before and after each and every software update installed. Likewise, the volume's structure is also checked both before and after and shows no need for repairs.
    Any ideas? Perhaps there is a corrupted file somewhere that's affecting the authorizations needed by this third-party WebDAV volume?
    The machine that has this problem is the last model iBook G4/1.33GHz 12" display, 1.5GB RAM, and a 100GB 5400rpm HD which replaced the stock OEM 40GB 4200rpm drive about one year ago.
    I'm not willing to do an Archive and Install at this point as the loss of the WebDAV access to my online volume is not critical. Inconvenient as heck but not to the point where I'm willing (or able) stop my normal work to spend the hours it will take to get WebDAV access back.
    Thanks in advance for any insights.

    same problem here with webdav, I can't mount my idisk from university network on Mac Pro 10.5.3 (although it mounts fine from home network on both ibook and PMG5 10.5.3). Everything was fine with 10.5.2 and I already re-installed 10.5.3 combo. Other bugs as well with .Mac prefs (keeps crashing, sometimes it shows the available space on idisk but still no mounting, with error -35 or -8086), but .Mac sync is OK
    Jun 11 12:34:21 webdavfs_agent[579]: mounting as authenticated user
    Jun 11 12:34:22 kernel[0]: webdav server: http://idisk.mac.com/[username]/: connection is dead
    Jun 11 12:34:22 KernelEventAgent[75]: tid 00000000 received VQ_DEAD event (32)
    Jun 11 12:34:22 kernel[0]: webdav_sendmsg: sock_connect() = 61
    Jun 11 12:34:22 KernelEventAgent[75]: tid 00000000 type 'webdav', mounted on '/Volumes/[username]', from 'http://idisk.mac.com/[username]/', dead
    Jun 11 12:34:22 kernel[0]: webdav_sendmsg: sock_connect() = 61
    Jun 11 12:34:22 KernelEventAgent[75]: tid 00000000 found 1 filesystem(s) with problem(s)
    Jun 11 12:34:22 kernel[0]: webdav_sendmsg: sock_connect() = 61
    Jun 11 12:34:52: --- last message repeated 1 time ---

  • BI 7.0 Analysis Authorization issue: some reports displaying a blank page.

    Hi All,
    This is regarding BI 7.0 Analysis Authorization issue.
    Overview:
    we have restricted some queries at infoobject level.
    Issue:
    a. For some of the queries, we can see the selection screen but when we try to execute the query by clicking on the execute button (Queries WAD) we get a blank page, meaning nothing is displayed on the output (white/Blank screen).
    b. When we execute the same query through RSRT, we get a message which says "Disconnecting from BW server..".
    c. Let me explain further on this. Basically we are doing this in order to have limited access to Auditors at the client side. At the same time normal users should not get impacted due to this, hence we created two roles. One for normal users and other for Auditors.
    d.  Now the thing is that we execute the same report with normal user ID's the report executes properly and displays the output. it does not show the blank page.
    e. But when we execute the same report with Auditors ID then we get a blank page.
    Any idea why this is so?

    Hi Neha,
    I tried the below also,
    GL Acnt
    I EQ 0000134010
    I EQ :
    but still it didn't work.
    No Infoobject is missing in Authorization Object.
    For your point, "rsecadmin - > analysis -> execute as -> check for the desired user & analyze the log" it didnu2019t allow me to analyze, since as soon as click on execute button a pop-up comes up saying "Disconnecting from the BW server..."
    As mentioned earlier also it is giving me the below message,
    ""I>> Row: 103 Inc: AUTHORITY_02 Prog: CL_RSR_RRK0_AUTHORIZATION                                                                       RS_EXCEPTION        301CL_RSR_RRK0_AUTHORIZATION                         AUTHORITY_02"
    Kindly suggest, since this is a show-stopper for us!
    Thanks,
    Ishdeep Kohli.

  • Authorization issue - help request

    Hi guys,
    One of the consultants is having an authorization issue ( He is not abele to run a t-code)
    I ask him to run a su53 report and i am not sure how to proceed with this.
    Please help.
    Here are the details from the SU53 report.
    DISPLAY AUTHORIZATION DATA FOR USER VYXXXX
    User : VYXXX                       profile parameter authorization buffering    4
    Authorization Object: F_KNA1_GRP
    Description
    Authorization check failed:
          + Authorization object F_KNA1_GRP Customer Account Group Authorization
                Activity                                08
                Customer Account Group     ZM01
    Users Authorization Data :
          +  Authorization object F_KNA1_GRP Customer Account Group Authorization
                   Authorization  T-PD19002300
                  Authorization  T-UG39000900
                  Authorization  T-UG39001000
    Please help me guys what need to  be performed.
    Regards,
    Vamsi.

    Hi Vamsi,
    SU53 shows us the last failed authorization for a user. However, it might not only be the failed authorization object failed.
    Hence, "just to learn" , you can use transaction ST01 to enable and run a trace for particular users. Be sure to use in a test environment first, and with proper filters. (for a particular user only).
    Then check-> which auth object is failing.
    RC=4 means a object value is failing.
    RC=12 means an object is missing!
    Check, which tcode is calling that object and this tcode is present in which role. Then.........proceed.
    You can check the SAP documentation on running traces on the help portal of SAP.  I think you will find the answer yourself by troubleshooting more and may be massaging some test roles here and there!
    Likewise, if you are new to security, I would encourage you to start by reading some books on SAP security. Authorizations made easy is a good book to start with.
    Let me know if you have any questions
    EOD for me :P . take care
    Abhishek

  • Authorization issue during Jump

    Hi all,
    I am faced with an authorization issue when I am jumping from a BW report into an ABAP report in R/3. The particular BW report is built on a Multiprovider and when I jump to the R/3 report it displays a message saying that I have no authorization to display the R/3 report. Now the issue is that when I run the same report on the base infocube and perform the jump there is no problem. It works just fine.
    Both the multiprovider and the base infocube have the same authorization objects checked.
    Can someone please help?
    Regards,
    Ashmith Roy

    Pls have a look on the below thread:
    Authorization by InfoArea
    Regards
    Ganesh
    *Assign points if this helpful

  • Authorization issue in Info spoke

    Hi all,
    I am facing some authorization issue when executing info spoke in process chain.
    Info spoke is working fine in direct Scheduling (both background and Dialog).
    Am getting this error after execution of process chain
    "System error: RSDRC / FORM AUTHORITY_CHECK RSDRC / FORM AUTHORITY_CHECK R"
    "System error: RSDRC / FUNC RSDRC_BASIC_CUBE_DATA_GET RSDRC / FUNC RSDRC_B"
    "System error: RSDRC / FORM DATA_GET RSDRC / FORM DATA_GET RSDRC / FORM DA"
    "Extraction Cube : Error in DataManager API".
    I dont know why this problem comes.
    Can anyone tel me what went wrong and how to solve it.
    Thanks in advance.
    Kind regards,
    Shanbagavalli.S

    Hi All,
        The above issue is getting due to # character in text at end(e.g ljdfsaa##). After removing # characters in text issue got resolved.
    Thansk,
    Manjunatha

  • Authorization issue after the Support packs upgrade

    We're having problem on authorization issue after the SP upgrade.
    One issue if "You are not authorized to call up line item display" using FCH1 and FS10N tcodes.
    And the SU53 showing problem on S_TCODE FAGLL03.
    How are we going to solve this issue? We dont want to add this missing auth object on all our finance roles.
    Thank you in advance.

    How can i send you the trace file? What is your email address?
    If I were you, I won't do that. Did you not ever sign some confidentiality agreement? I wonder.
    Anyhoo... (copy right @ David)
    What are the objects been caught in category RC=4, RC=12?
    Relate them with functional aspect of the transaction (error screen)
    Edited : You can paste RC=4, RC=12 objects here without customer specific value if you want to.
    Regards,
    Arpan Paik
    Edited by: P Arpan on Aug 23, 2011 2:36 PM

  • Authorization issue - need to know the Role providing this access

    Hi,
    User is facing an authorization issue below:
    "You donot have authorization to display DataSource 2LIS_06_INV, Component MM" and
    "You donot have authorization to display DataSource 2LIS_11_VAITM, Component SD"
    Kindly let me know what Role is missing from the user's profile?
    Thanks and Regards,
    Sachin
    SAP Security Consultant

    Hi Murali,
    It helped.
    I found out the BW Data Support role for the object S_RO_OSOA and when checked it was already in user's profile but the missing part was user Comparision for that role.
    I did user comparision and then user is able to view the below DataSources....
    Thanks for your help, it triggered to find the root cause.
    Thanks
    Sachin

  • Authorization issue to view cube contents

    Hi Gurus,
      I am getting Authorization issue to view cube contents in Production server, When I execute the cube it is showing me the following statement.
    "You do not have sufficient authorization for the infoprovider ZMMG_C05".
    Please provide me a possible solution for this.
    Thanks,
    Jackie.

    Hi,
    Two things to be checked with respect to authorization for this one.
    1) Functional Roles: Check whether Info cube is present in the functional roles that are assigned to you.
                                  If not you need to get the functional role in which the Infocube is assigned.
    2) Data Access Roles: Check in the data access roles assigned to you, whether you have the access
                                      to the selection that you are using to see the data in the info cube. Else, request
                                      BASIS team to assign the appropriate data access roles to you.
    Hope this helps.
    Regards,
    Bharat

Maybe you are looking for

  • Best Photo Organizer?

    Relatively new to Macs but have gone in with both feet and replaced all PCs in the house. Was using Kodak Gallery - now iPhoto but iPhoto has a ton of limitations. Ideally I would like to set up a photo repository that could be accessed by all Macs i

  • Log In Error in Internet Sales R/3 Edition

    Hi, I´m working with Internet Sales R/3 edition, not CRM. I´ve created a contact (Ej.'1') assign to a customer. I´ve created an internet user (tx SU05) with the same contact code ('1'). When I try to access to the web, I enter '1' in the user name an

  • PC 10.0 - Unable to add Regulation to an Org Unit

    Hi All, I added the org through Root Org hierarchy, but when i tried to modify and add the regulaiton to the Org unit - there is no add button available in the Org Unit for reguatlions. Only Remove button is available. Is any authorization missing fo

  • No operand values were found for operand MET_KVAT2C

    Hi, I am getting following error while doing billing, pls help.... No operand values were found for operand MET_KVAT2C Message no. AJ013 Diagnosis No operand value was found for operand MET_KVAT2C for the period 03.06.2009 -- 24.06.2009. Procedure As

  • Transaction Descuentos por Linea en la ORDR

    Buen dia Expertos quiero realizar un transaction para que valide los descuentos que se realizan en un pedido en SAP el porcentaje se rige con las escalas de descuentos que tenemos en la tabla SPP2, el objetivo de este transaction es mantener la integ