Creating Authorization in BW System
Steps for creating authorization
RSD1-To maintain info object authorization relevant.
PFCG – To maintain roles
RSECADMIN – To maintain analysis authorization and role assignment to user
1. Make a variable authorization relevant.
2. Create roles.
3. Create BI Analysis Authorization.
1. Make a variable authorization relevant
Go to RSA1 select info object target and go to business Explorer and check the box for authorization relevant
2. Create BI Analysis Authorization
Use transaction RSECADMIN
Select AUTHORIZATION Tab
Give the name for the authorization and click create
Give the short text
Below characteristics are mandatory while creating authorization object.
1. 0TCAACTVT: This characteristic handles the general activity like create, change, display etc.
2. 0TCAVALID: This characteristic handles the authorization for Info Provider by default it gives access to all the Info Providers i.e. full access. We can restrict authorizations for particular Info Providers using this characteristic.
3. 0TCAVALID: This characteristic handles the validity of an authorization. Always valid (*) is set as the default for validity. You can restrict this validity. You can also specify a single value or an interval.
Insert new row and add the dimension and give a value
- For giving values double click the intervals cell
Add a row and give the value depending upon the requirement
Save the authorization
3. Creating the role
Select user tab
Select Role maintenance
Give the role name and select either single role or composite role (in my case I selected single role)
Select menu tab
Give the transaction to be allowed
Ex- RSRT – Query monitor
Select Authorization Tab
Add the authorization created to S_RS_AUTH
Generate then Save
Select the user tab
Add the users which has the role
Then do user comparison
Creating Authorization variable
Open query designer
Creating authorizing variable
In Query Designer Put the authorization variable under filter panel.
Checking the authorization
Go to the analysis tab -> select execute as -> give the user (EX – RETUSER1) -> select with log
Select start transaction -> select the authorization query -> execute
Then run as the user to which role was assign then run the query
Query display as HTML
Now check the below out only for the RUKSHAYA