Wajid,

Is the restrictions on the InfoObject for the same InfoProvider? If they are for the same InfoProvider but in different analysis authorizations they will merge and consolidate on run-time per SAP optimization. Additionally if the InfoObject is shared between MasterData objects it will have the same behavior. (ie 0ETHC_ORGIN used in 0EMPLOYEE and 0VENDOR) since its a shared master data object giving someone access to 0ETHC_ORGIN anywhere will grant access to both 0EMPLOYEE/0VENDOR if user has authorization to either.

Hope that helps or provide more details if still stuck.

Thanks.

Matt

Hi Wajid

It is indeed a interesting question as in R3 it access provided will be the intersection of two auth objects. However in BI it is the other way around.

If one Analysis Authrization(AA1) has a " : " for a particular infoobject and in another Analysis Authorisation(AA2) the value of that same info object is " * ". If both analysis authrization objects are assigned to the same user then user will be able to view the entire data for the Infoobject. I am already using a similar scenario which provides full access for the info object to the users.

Thanks.

Anjan

Hi Wajid,

This is the key difference in the earlier concepts of BW3.0 and BI . In BW, the authorization was provided as an "intersection" of Authorizations but in BI the union of the "authorizations" is provided .

Hope this helps.

Regards,

Manisha