Hello Xperts,

have a scenario in which there is one user ABC who has access to data in the reports except for that he can view only

1) All data for Personal Admin Area except for values LP2 and LP3

2) All data for Personnel Sub Area

3) All data for Emp Sub Gropu except Emp Sub Grp 15.

To achieve the above, I have created 3 authorization objects for above 3 InfoObjects.

1) Role for (1) has S_RS_AUTH which has the corresponding authzn object for all values except LP2 and LP3

2) Role for (2) has S_RS_AUTH which has the corresponding authzn object for all values

3) Role for (3) has S_RS_AUTH which has the corresponding authzn object for all values except Emp Sub Grp 15.

All the roles have been assigned to the respective user along with one more role which is used for normal BI query execution ( Z_Qry_Usr).

Interesting point is that , in the query user role(Z_Qry_Usr) if I remove the S_RS_AUTH = 0BI_ALL value i start getting the message - you do not have authorization.

Please let me know how to deal in such a scenario as I cant give 0BI_ALL as it then makes no sense for restricting the data.

Help required ASAP

Regards

Rohit