10-29-2009 3:28 AM
Is 0BI_ALL= SAP_ALL?
1)If you have a Hierarchy with company code and gave access to one node for a user X. Does adding 0BI_ALL into S_RS_AUTH gives access to complete hierarchy?
2)if you create authorization object in RSECADMIN with infobject X and gave value 1 to it.Does adding 0BI_ALL to S_RS_AUTH gives access to all values defined for X.
Sorry if these are very Basic questions,i need your help to resolve a problem.
10-29-2009 3:40 AM
Hello,
0BI_ALL gives auth to all auth relevant objs in BI.
Giving this to S_RS_AUTH would give access to all those characteristics which are auth relevant, you can check if a characteristic is auth relevant or not in rsa1
I have a link http://wiki.sdn.sap.com/wiki/display/BI/AuthorizationinSAPNWBI, go through this.
Regards,
Brahmeshwar.
10-29-2009 6:30 PM
Srinu,
In BI we have two types of security.
One is administrative
second one is reporting.
In ECC we use SAP_ALL to grant full access for all authorization.
Similarly we use 0BI_ALL in S_RS_AUTH to give full access on reporting.
So if you give 0BI_ALL there won't be any errors on Reporting.
for everything on Queries you get access.
In your case, for both scenarios they will get complete access without restriction.
Thanks,
Kshriram
10-29-2009 6:41 PM
I was not able to get any information through portal from BI and it complaints about missing 0BI_ALL in ST01.If i give 0BI_ALL i cannot have any restrictions.
10-29-2009 7:09 PM
Srinu,
How did you assign 0BI_ALL?
For reporting missing authorizations ST01 will not help you. Use RSECADMIN.
thanks,
Kshriram
10-29-2009 8:02 PM
10-31-2009 6:10 AM
HI,
Create new analysis auth. role and link that role name in S_RS_AUTH auth . object.
Provide necessary authorization values for required characteristics in the analysis auth. role.
Regards
Imran