Application Development Discussions
Join the discussions or start your own on all things application development, including tools and APIs, programming models, and keeping your skills sharp.
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 

PFCG Role Data Empty after upgrade to BW 7.3

Former Member

‎05-18-2012 12:24 PM

0 Kudos

Hello Experts ,

After the upgrade steps , I am unable to see the role data from PFCG ' Display Authorization Data '  . The auth data is empty .However ,  All my old objects are  visible  in sap table agr_1251  with the right value status as U ,  This is really a strange behavior and would like to know the real cause of it . Is there any upgrade step w.r.t pfcg that i have missed  ?

quick response would be highly appreciated .

Reg,

Anthony

7 REPLIES 7

shivraj_singh2
Active Participant

‎05-20-2012 6:00 AM

0 Kudos

Anthony,

Under 730 settings, the objects of class RSR are no longer visible in PFCG as those settings are not supported anymore, however the same is available in AGR_1251 and SUIM. You have not missed any step, it just means that reporting objects of older, obsolete concept are not supported thus not visible in PFCG.

Regards,

Shivraj

Former Member
In response to shivraj_singh2

‎05-21-2012 8:26 AM

0 Kudos

Thank you Shivraj,

Please may i know how am I supposed to carry out a technical upgrade of the auth concept ? . I need to create analysis authorizations based on the old objects and insert them manually under s-rs-auth ? correct ?

Can I ignore the non-visibility of the pfcg data  ?

As mentioned by Bernhard below , do we have to create RSR as new object class ? I see that my system already has object class RS with old objects .

Is there a specific guide available from SAP for migrating to the new concept in 7.3 , would be glad to know .

Reg ,

Anthony

shivraj_singh2
Active Participant
In response to shivraj_singh2

‎05-21-2012 5:43 PM

0 Kudos

Anthony,

"technical upgrade of the authorization concept" may not be a correct way to phrase it, or at least I am not familiar with it. Technical Upgrade and Authorization Concept Upgrade (Security Upgrade) are two separate items: Technical Upgrade is usually referred to installing the content and Security Upgrade is when you switch from Obsolete Reporting Authorization Concept to New Analysis Authorization Concept. Up till BI 7.0 - Technical Upgrade was possible without Security Upgrade as the system supported both Reporting Authorization Concept as well as Analysis Authorization Concept. However 730 does not support older Reporting Authorization Concept so you must be on Analysis Authorizations.

- You need to create AAs, insert them manually in object S_RS_AUTH in PFCG

- You can ignore the non-visibility of PFCG data, just go to AGR_1251 and pull the information you will need to build your AAs

- To build AAs & switch to new concept, you do not need to create any object class in SU21, also RSR is already SAP namespace. And if you go to table TOBJ and check for Z objects or your reporting objects, all will show under OCLSS RSR. I am not familiar with the method Bernhard is mentioning, it may be correct, but as far as I know , there is no need to for using SU21 for switching to AAs.

- As Maligros Caballo mentioned - you need to have AA when you go for 730, GOOD NEWS - you have all the information you need in table 1251 to build AAs, so no need to collect requirement from business again.

- Specific Guide - there is no specific guide, presentations by SAP personals are main source material but these do not give you step by step instructions, step by step is not actually possible as all BW implementation are client specific. These presentations do mention automated tool RSEC_MIGRATION which is a report that upgrade and create AAs, but it is faaaaaaar from perfect. You will have to create AAs manually.

Good Luck,

Shivraj

Bernhard_SAP
Employee
Employee

‎05-21-2012 7:36 AM

0 Kudos

Hello Anthony,

to be able to maintain your authorizations, please create the authorization class RSR in SU21. Pls refer also to SAP note 1560102. b.rgds, Bernhard

Former Member
In response to Bernhard_SAP

‎05-21-2012 8:35 AM

0 Kudos

Hello Bernhard,

could you elaborate on the answer . RSR is a class in SAP namespace. I am only looking forward for a technical upgrade . and my intention is to collect the old  'Z' objects and replace it with analysis auth under s_rs_auth . If the object is not visible , would it make difference ?

please could you share any best practise ?

thank you in advance

Reg,

Anthony

garciacaballo
Explorer
In response to Bernhard_SAP

‎05-21-2012 10:53 AM

0 Kudos

Hello Anthony,

bad news: you must change your roles (better said, you must upgrade your authorization to analysis authorization) before upgrading to 7.3.

Sorry!

Regards,

Milagros

Bernhard_SAP
Employee
Employee
In response to Bernhard_SAP

‎05-22-2012 11:26 AM

0 Kudos

Hello Anthony,

the issue is, that the old authorizations still exist for the role (agr_1251-data), but you cannot see/maintain/remove them. This won't have an effect on the BW-functionality, but still you have inconsistent data for your roles. Reporting on authorizations assigned through roles will give irritating results - who will remember for instance in 2-3 years, why there are authorizations assigned in a role but you can't see it in PFCG.

b.rgds, Bernhard