on 04-07-2016 10:40 AM
Hi guys,
I would like to create an authorization role to give full data access to a multiprovider.
I found standard authorization objects : S_RS_ICUBE and S_RS_MPRO, but they are not supported anypore.
Are they any other solutions?
Thanks.
Amine
Hi Amine,
Of course there is. Just handle the InfoProvider characteristic (0TCAIPROV ) in your analysis authorization.
Analysis authorization are now to be used to manage authorization for accessing infoProvider (instead of the old S_RS_MPRO, ICUBE, ISET etc.).
Regards,
Frederic
You must be a registered user to add a comment. If you've already registered, sign in. Otherwise, register and sign in.
Hi Amine,
Yes you need to create analysis authorization object with Rsec admin and provide multiprovider value in that.
Include other characteristic which are authorization relevant in this multiprovider.
then you can include this object in assigned role so that user will able to execute reports on top of this mutiprovider.
you can identify missing authorization using execute as and then correct the missing authorization.
Regards,
Ganesh Bothe
Thanks a lot guys.
Amine
You must be a registered user to add a comment. If you've already registered, sign in. Otherwise, register and sign in.
Hi Amine,
The authorization objects S_RS_MPRO, ICUBE, ISET etc. are not obsolete but serve another purpose. BW backend administrators and developers will need the authorization.
However, for data authorization the business user will need appropriate Analysis Authorization. It depends if Characteristic 0TCAIPROV is authorization-relevant (which is usually the case). If yes, then you have to include it in the Analysis Authorization object(s). Depending on your authorization concept, you have to supply full access (i.e. CP *) or restricted to certain InfoProviders (with or w/o using wildcards).
Be aware to analyze which other authorization-relevant Characteristics (and Key Figures) exist in the InfoProvider. You will have to authorize them as well in Analysis Authorizations. The authorization trace functionality within RSECADMIN will guide you to determine which authorization-relevant Characteristics need authorization.
Best regards,
Sander
You must be a registered user to add a comment. If you've already registered, sign in. Otherwise, register and sign in.
User | Count |
---|---|
83 | |
10 | |
10 | |
9 | |
7 | |
6 | |
5 | |
5 | |
4 | |
3 |
You must be a registered user to add a comment. If you've already registered, sign in. Otherwise, register and sign in.