Technology Blogs by Members
Explore a vibrant mix of technical expertise, industry insights, and tech buzz in member blogs covering SAP products, technology, and events. Get in the mix!
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 

Authorization in BI 7 - Part 2

former_member182510
Participant
‎05-29-2012 1:04 PM

http://scn.sap.com/community/data-warehousing/netweaver-bw/blog/2012/05/22/authorization-in-bi-7 - Authorization in BI 7 - Part 1

In Authorization Part - 1, we have seen the creation of Authorization object. Now, part 2 will explain steps to create Authorization role.

  • Go to t-code RSECADMIN-> User tab and click Role Maintenance i.e. General Role Maintenance PFCG as shown below.

  • Next screen for the Role Maintenance will get open where you have to give Technical Name for the authorization role and click on Create Single Role.

  • Next screen of create roles will open where you've to give Description of the role.
  • Few tabs are given in the screen, out of which you've to select Authorizations tab to generate authorization profile.
  • Pop-up window will appear to ask you to Save the current role and then proceed.
  • Now click on the Change Authorization Data option to get into the auth value maintenance screen.
  • Change role: Authorizations screen will appear where template selection window will popup, click on Do not select templates
  • Now, we've to enter all the required authorization roles manually so click on Manually (Ctrl+Shift+F9) button.
  • Window will popup where you can either directly enter authorization role name or search using F4.
  • Following roles are compulsory for reporting authorization.
    • S_RFC

    • S_RS_AUTH

    • S_RS_COMP

    • S_RS_COMP1

  • Once objects are entered, you are back to the main screen with all the values in YELLOW which indicate values to be maintained for all of them.
  • Drill down for each object and fill up the required values.
    • S_RFC (Authorization Check for RFC Access)
      • Activity
      • Name of RFC to be protected
      • Type of RFC object to be protected
    • S_RS_AUTH (BI Analysis Authorizations in Role): Here you have to give technical name of authorization object(s) which we've created earlier. You have option to give *constant values also, again single, multiple-single and range values can be given for authorization.
    • Once you enter value, Save it.
    • S_RS_COMP (Business Explorer - Components): This role is used to restrict access for infoarea, infocube & reports.
      • Activity: You have to assign appropriate value(s) out of the list given. Value 16 & 22 are used majorly
        • Options
        1. Create or generate
        2. Change
        3. Display

                         6.  Delete

                        16.  Execute

                        22.  Enter, Include, Assign.

      • InfoArea: one or more single, multiple-single or range values can be mentioned here.F4 help available to select values.
      • InfoCube: one or more single, multiple-single or range values can be mentioned here.F4 help available to select values.
      • Name (ID) of a reporting component: one or more single, multiple-single or range values can be mentioned here.F4 help available to select values.
      • Type of a reporting component: value * is used as the list contains all the components of query.
    • S_RS_COMP1(Business Explorer - Components: Enhancements to the Owner): In this role, values similar to S_RS_COMP role should be maintained.
  • Once you assign all the required values, YELLOW objects will turn into GREEN now, SAVE the role and GENERATE the role.
  • Click on SAVE (Ctrl + S) new window will pop up, just hit ENTER.
  • Message will appear in status bar Data was saved.
  • Click on Generate (Shift + F5) button.
  • Message will appear in status bar Profile(s) created.
  • Once you generate the role, do not click on SAVE button.
  • Now click on F3 / Back you are back to the main screen where now go to Users tab.
  • Enter BW User Id in User ID field and hit enter, name & other details will appear.
  • Click on User Comparison button to update user profile with the given role.
  • New window will pop-up where you've to select Complete comparison.

  • Message will appear in status bar - User master record for all roles adjusted.
  • Save the role and exit.


* Constant values for authorization: One should not use constant values for authorization because maintenance will increase as you've to go and change such values in each & every role. 

2 Comments
Labels in this area
Popular Blog Posts