on 09-24-2008 10:48 AM
Hello Experts,
In our BI7.0 system we are trying to display data in one of the infosets.When we are trying to display the same we are coming across an authorisation error saying " User doesnot have authorisation for infoprovider (ABC)". After recieving this message we execute SU53 tcode but the missing authorization shown is S_RS_AUTH with value 0BI_ALL.When we switched on the trace through ST01 even in ST01 report it is checking the same object S_RS_AUTH with value 0BI_ALL.
In our authorisation structure we have maintained a analysis authorisation in which infoarea and infoproviders are maintained as *, we have also maintained the authorisation object S_RS_ISET with value as * in infoset field. Can anyone please help us with this issue. We are not able to display data in an infoset.
Thanks in advance.
Hi,
Check below link:
part of the link
" There are two ways to assign an analysis authorization to a user: In RSECADMIN, under the tab "Manual or Generated", which you have done....
or, by using the object S_RS_AUTH in a role, in transaction PFCG.
The 2nd tab (Role-Based) displays all analysis authorizations that were assigned using S_RS_AUTH.
So, check in the user's roles assigned in PFCG, and one of them should contain the value 0BI_ALL. "
Regards
Daya Sagar
You must be a registered user to add a comment. If you've already registered, sign in. Otherwise, register and sign in.
Hello Daya,
Thanks for your response.This is what we are avoiding i.e assignment og 0BI_ALL to the user. Assignment of this analysis authorisation becomes an compliance issue and that is the reason we dont want to give this access to the user.
We tried assigning 0BI_ALL and the user is able to see the data in the particular infoprovider. But we think this will not be the proper method of maintaining security.
Thanks.
Best Regds,
Suyog Chakot.
Hi,
You have the problem due to missing authorization objects: S_RS_COMP and S_RS_COMP1.
Use the infoset technical name as the infoprovider in those objects.
S_RS_COMP:
The object contains four fields:
InfoArea: Determines which InfoAreas a given user is allowed to process.
InfoProvider: Determines which InfoProviders a given user is allowed to process.
Component type: Determines which components a given user is allowed to process.
Calculated key figure (Type = CKF)
Restricted key figure (Type = RKF)
Template structure (Type = STR)
Query (Type = REP)
Variable.....(Type = VAR)
Name (ID) of a reporting component: Determines which components (according to name) a given user is allowed process.
Activity: Determines whether the user is allowed to
Create (Activity = 01)
Change (Activity = 02)
Display (Activity = 03) or
Delete (Activity = 06) a component.
The activities 16 'Execute', and 22 'Save for reuse' are not currently checked by the query definition.
S_RS_COMP1:
Name (ID) of a reporting component: determines which components (according to name) are allowed to be edited by the user
Type of reporting component: determines which component types are allowed to be edited by the user
Calculated key figure (Type = CKF)
Restricted key figure (Type = RKF)
Structure (Type = STR)
Query (Type = REP)
Variable (Type = VAR)
Reporting component owner: determines whose components are allowed to be edited by the user
Activity: determines whether the user
is allowed to change a component (Activity = 02)
is allowed to display a component (Activity = 03)
is allowed to delete a component (Activity = 06)
Thanks,
Tomer .
You must be a registered user to add a comment. If you've already registered, sign in. Otherwise, register and sign in.
User | Count |
---|---|
78 | |
9 | |
9 | |
7 | |
7 | |
6 | |
6 | |
5 | |
5 | |
4 |
You must be a registered user to add a comment. If you've already registered, sign in. Otherwise, register and sign in.