I'm trying to understand the generation of analysis authorizations by using the RSEC_GENERATE_AUTHORIZATIONS report. Well, in order to do this, the steps were:
1.- I have Activated the ODS 0TCA_DS01 and then I've copied it.
2.- I've defined the authorization and then I've loaded it into the ODS (with CSV file).
3.- I ran the RSEC_GENERATE_AUTHORIZATIONS report, and according with the logs, the generation was fine.
My question is:
.- When I try to display the setting for the authorization generated (RSECADMIN), an error message appear "Authorization ZTESTODS does not exist in version A". I think that once authorization was generated, it's not possible to modify through RSECADMIN, we always must update the ODS. Am I right? or something is missing in te generation.
Thanks and best regards
I've found this notes [1616753|https://websmp230.sap-ag.de/sap(bD1lcyZjPTAwMQ==)/bc/bsp/spn/sapnotes/index2.htm?numm=1616753].. It says something about after the upgrade to BW 7.30, the older analysis authorization are inactive and cannot be used.
The system we have is SAP_BW 7.30 level 4. Probably implement this notes, the problem will be solved.
I've been totally wrong... The standard behavior is:
1.- Once you've activated the ODS and filled it, (you must activate the data), you could run the RSEC_GENERATE_AUTHORIZATIONS report, the system generate the authorizations and are assigned to user (the user must be created).
2.- You, definitely, could modify the autorization through RSECADMIN (but is highly recomended do not do it, at less that you know what are you doing).
3.- In BW 702 level 7, is not necesary implement a note, however, in BW 7.30 level 4, perhaps will be necesary this note [1616753|https://websmp230.sap-ag.de/sap(bD1lcyZjPTAwMQ==)/bc/bsp/spn/sapnotes/index2.htm?numm=1616753].
Good to see you figured it out. I have a similar problem:
When generating the rsecadmin object from the DS01-DSO I end up with a user that has been assigned the analysis authorization object. However, when I go to the tab <Manual / Generated> in transaction <RSECADMIN><User><Individual Assignment><Display>, I do see the authorization but if I double-click it, the message "Authorization ZTCTAUTH0001 does not exist in version A" comes up. Any ideas?
System = BW 7.3 SP5 (includes the note you mentioned)
Any feedback would be appreciated.
I have the same problem that Eddo in RSECADMIN. Could you solve the problem?
Besides, with RSSM transaction, I could generate the profile directly in the "user master record" ( user BHG001; profile RSR_0006497). However, the queries executed through this user shows all data and not the data limited in the RSR_0006497 profile. The query has the respective authorization variables in 0Employee, 0hrposition and 0orgunit. Do you have any idea?
Is 0bi_all mandatory in rsecadmin for this user?
The system is BW 7.3
It is seem that your problem and mine are not the same. My problem is after the successful generation of the authorizations through DSOs, the
authorization objects are still inactive.
My problem have been solved applying the SAP Notes 1636563 and 1616753.
I'll try to help you... If an user have 0BI_ALL and custom authorizations, I think that the behavior is that the queries executed through this user shows all data...
I hope I've helped you
hi Emilio, thanks for your answer
My problem is similar to Edo's problem. I could generate the authorization via rssm transaction in the user directly (through DSO's), however when the query is executed with this user, the SU53 transaction sho
ws me an error in s_rs_auth (0bi_all is missing). Then, if i add 0bi_all to the user, I can execute the report (it shows all data). something is missing in order to work the authorization
besides, If i generate the anaysis authorization via rsecadmin through dso'S, it still inactive.