- SAP Community
- Groups
- Interest Groups
- Application Development
- Discussions
- BI security about Hierarchy level restriction
- Subscribe to RSS Feed
- Mark Topic as New
- Mark Topic as Read
- Float this Topic for Current User
- Bookmark
- Subscribe
- Mute
- Printer Friendly Page
BI security about Hierarchy level restriction
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
01-07-2012 4:03 PM
Hi Experts,
I am a beginner in SAP BI security. I have a small confusion hope I can get it clear here.
In SAP BI 7, we use authorization object S_RS_HIER to restrict the users to view the hierarchy..
We also restrict it through RSECADMIN by creating an analysis authorization.
What is the difference between S_RS_HIER and an infoobject restircted through RSECADMIN(hierarchy).
Request you to kindly help me on this?
Regards
Julius
- SAP Managed Tags:
- Security
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
01-07-2012 5:36 PM
Hello Julius,
the authorization object which u create in RSECADMIN and you have to assign in S_RS_AUTH. this will restrict the users specific to the data.
in RSECADMIN you can specify the values to restrict the data of the particular object.
But S_RS_HIER is to mantain hierarchies (transaction rsh1).
Also go through link : http://help.sap.com/saphelp_nw70/helpdata/en/ad/8f7842fdb70f53e10000000a155106/frameset.htm
Regards,
Amit Barnawal
- SAP Managed Tags:
- Security
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
01-07-2012 5:36 PM
Hello Julius,
the authorization object which u create in RSECADMIN and you have to assign in S_RS_AUTH. this will restrict the users specific to the data.
in RSECADMIN you can specify the values to restrict the data of the particular object.
But S_RS_HIER is to mantain hierarchies (transaction rsh1).
Also go through link : http://help.sap.com/saphelp_nw70/helpdata/en/ad/8f7842fdb70f53e10000000a155106/frameset.htm
Regards,
Amit Barnawal
- SAP Managed Tags:
- Security
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
01-07-2012 5:43 PM
Hi Julius,
RSECADMIN and S_RS_HIER are two different subjects and has little interrelations.
RSECADMIN is used for administration of Analysis Authorization (Creation, Maintenance and Assignment). Within an analysis authorization you can restrict infoObjects by either value authorization or by Hierarchy. Assignment of analysis auth to an user can be done directly using RSECADMIN or indirectly through roles. The relevant auth object is S_RS_AUTH.
Based on the Hierarchy maintained in analysis auth, user gets relevant access during reporting.
S_RS_HIER is the object to control access for administration of Hierarchies. This is required by the BI team while creation and maintenance of hierarchy nodes etc.
In simple terms:
With RSECADMIN you can select an user to report on specific Hierarchy Nodes and with S_RS_HIER you can control access on creation and maintenance of Hierarchies in the system.
Hope this answers your question.
Thanks,
Deb
- SAP Managed Tags:
- Security
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
01-07-2012 6:02 PM
