Application Development Discussions
Join the discussions or start your own on all things application development, including tools and APIs, programming models, and keeping your skills sharp.
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 

Profit Center Authorization in 3.5 and BI 7

Former Member

‎08-09-2010 2:09 PM

0 Kudos

Hi SAP Guru,

We are in process of migration of BW 3.5 Authorization to BI 7 New analysis Authorization.

We have one scenario where as in One Object in 3.5 let say Auth Object ABC having two fields 0Profit_CTR and 0TCTAUTHH Authorized on Finance Cubes. We have another Object XYZ also having 0PROFIT_CTR authorized on SALES Cubes in 3.5.

In New solution we want only to give the access same way as it is now , the only problem we see with our new design is that when we add * to 0Profit_CTR as part of XYZ then user get more access for all profit Center and for ABC as well.

Can you please suggest me how to proceed so that users donu2019t get more access to Profit Centers.

Fyi, we have maintained infocubes access in separate Role and planning to maintain ABC or XYZ as Analysis authorizations in Separate.

Thanks in advance for time.

Br,

Deepak

4 REPLIES 4

Former Member

‎08-09-2010 4:43 PM

0 Kudos

Deepak,

With one role(0Profit_CTR : *) and another with value will over ride(more access),whether you create two roles or one role and add it the same user buffer. (in other word more access).

Other option is you can restrict on query name / Query Owner.

Thanks,

Sri

Former Member
In response to Former Member

‎08-10-2010 6:48 PM

0 Kudos

Hi Deepak,

In BW 3.5, Apart from custom authorization objects, S_RS_ICUBE object was used to control the access to cubes

In BI7, you need to ensure 0TCAIPROV with specific values to allow users access to those cubes

- Maintain Profit Center authorization object in two separate Analysis authorizatios

a) With * value

b) specific value you want to restrict upon

- Now to restrict the access for users based on Infocube

a) Ensure to restricit S_RS_COMP (Field RSINFOCUBE) to a particular cube name

- Ensure you restrict cube access using 0TCAIPROV

Kind Regards,

Sheenam

Former Member
In response to Former Member

‎08-13-2010 3:10 PM

0 Kudos

Hi ,

1.Note that in BW3.5 the authorization relevance is per infoObject and infoCube

in BI 7.0 its only infoobject setting

2.For infoProvider authorization BW3.5 sepparate authorization objects are used ( S_RS_* )

in BI 7.0 its included in authorization.

Even if you follow all the steps mentioned by sheenan I still think "*" will give full authorization.

if the infoProviders are different why dont you grant authorization to those two infoproviders using its possible values like

EQ/BT/CP

I will strongly consider Sri's response/idea.

Regards

Former Member

‎10-05-2010 7:53 AM

0 Kudos

Thanks Everyone for reply, Issue now resolved.