Business Requirement: All HR employees sees all employees in the organisation except HR.

Present situation: in ECC (R/3 HR) system: HR Structural Authorizations have been implemented in ECC system only for Managers. So the Manager can view his employees. To View the rest of employees in the Organisation, we are using a concept of ORG_KEY = Job key where we will restrict them depending on the job key and this field is available in P_ORGINCON object. It works fine in HR system.

My Proposal in BI to my Manager:

In BI, we have the same ORG structure. So my approach was to create two analysis authorizations

a. For Non-HR - In the hierarchy authorizations tab, I have dragged all the nodes other than HR and I assign these analysis authorizations to a role and gave access to all HR employees.

b. For Manager in HR:

I have followed a sap document on how to migrate ECC structure authorizations to BI and the procedure is given below

SAP Solution: In the SAP Business Content 2 DataSources (0HR_PA_2 & 0HR_PA_3) are available to bring the Structural Authorizations to BI. The input are the R/3 table T77PR, T77UA & T77UU and the eventual output are the generated analysis authorizations in BI

This method is described in these white papers:

BW/HR Authorization ASAP for BW Accelerator (BW 3.0)

BW 3.0 Authorizations, page 6-34 (BW 3.0)

I have tested for one Managers Org Unit node manually and it works fine. So it manual effort to create roles for all the managers. So we decided to go with custom code to get the node values for the Org unit node hierarchy. So the procedure is, for the query we planned to create a custom exit variable and we are writing a custom code using the SAP Enhancement RSR0001 and the logic behind the code is it get the Org unit node value from the data source 0HR_PA_2 and assigns it to the query during the run time to the custom exit variable we created during the query.

This Solution works fine, but the main problem for my manager is if we are adding any new Org. unit node, we have to manually add this to the analysis authorization every time. So my manager wants a different solution where we can use the ORG-KEY concept which was used in ECC, so that we can stop the manual procedure of maintaining the Org-Unit every time.

So I tested with the Org-Key field for Non-HR and HR separately. It worked fine separately. But when I test it together all Non-HR employees whose org key values are maintained works fine. For HR employees who report to the HR Managers I can only see those HR employee whose org key values are maintained in the role but Managers cannot see those employees who have different Org Key values and these Org key values cannot be maintained in the role.

Question: So I was trying to figure out how to use the Structure authorizations that we have in ECC for this query as I tested for this query with Org-unit = *. So is there any other field where we can get the structure authorizations. The fields which are used for this query are:

0CALDAY

0CO_MST_AR

0EMPLOYEE

0HRPOSITION

0MAST_CCTR

0ORGUNIT

0ORG_KEY

0TCAACTVT

0TCAIPROV

0TCAKYFNM

0TCAVALID

or else can anybody please give any document which will guide me using the structure authorizations apart from the 0ORGUNIT field. A Colleague of mine told me that it wont work this way as we get only those values which have Orgunit and Orgkey in common. I just wanted to know whether we can achieve the output what I am looking for.

Thanks in advance

Best Regards

-Ramesh

405-639-8036