on 05-09-2014 8:07 AM
Hi,
The user have no access to his data while using custom authorization object.
When I run RSECADMIN/Analysis/Execute as/(user=TESTEREK,use log=active,RSRT) / RSRT (query name , execute) i receive "No authorization" message. Then under SU53 I see information about no access to 0BI_ALL.
Thats strange because the role is associated with custom ZFI_1002 authorization object.
May be in addition to changes in authorization object and role the user should be associated with ZFI_1002 authorization object in some way ?
Any help appreciated.
Leszek
============================================================================
WHAT I DID SO FAR:
1. Made the authorization object where I restricted access to 0co_area=1002.
(restriction)
2. Copied role from another one and because the old role was tied to 0BI_ALL authorisation object I changed it to my new authorization object
here
and here
3. Generated profile
3. In my query I use the variable processing by authorization
and run the query as usuall (restricting the 0co_area to value 1002).
Hi Leslaw
Could you paste the log of transaction code RSECADMIN analysis error. it may show the missing authorization.
["I run RSECADMIN/Analysis/Execute as/(user=TESTEREK,use log=active,RSRT) / RSRT (query name , execute) i receive "No authorization" message "]
and also you can refer the link end user authorization object in Transaction PFCG
Authorization in SAP NW BI - SAP NetWeaver Business Warehouse - SCN Wiki
BR
SS
You must be a registered user to add a comment. If you've already registered, sign in. Otherwise, register and sign in.
Indeed, in error log I see the need for restricting by 0COMP_CODE (which we dont use in controlling - the authorization objest is a bit uiversal).
I added in query restriction for that.
It solved the problem with 0comp_code but I have no idea why I see problems with attribute of 0debitor and 0creditor here. In my authorization object I didn't use those characteristics (see picture above).
Hi
Authorizations is missing in aggregation.
With your refer screen shot, In authorization object "ZFI_1002" just do the follows:
1. Just add those missing characteristics and set the value " *' which is showing in the screen shot
2. In case if the value are there, just add another one more value "EQ : " as mention the below screen shot
3. Once again check the authorization in T code Rsecadmin
Regards
Sriram
User | Count |
---|---|
84 | |
10 | |
10 | |
10 | |
7 | |
6 | |
6 | |
5 | |
4 | |
4 |
You must be a registered user to add a comment. If you've already registered, sign in. Otherwise, register and sign in.