on 03-20-2009 1:53 PM
Hi
I work at BW 7 (nw2004s)
I create rola ZDEMO to display query.
Rola contain s_rs_auth = 0BI_ALL
I add this role to user Ztest.
When I run query as ZTEST i have :
You do not have authorization for Display
You do not have authorization for Execute
You do not have the authorization for component TEST_0SD_C03
Incorrect call of OLAP layer CL_RSR_OLAP; error in BW-BEX-ET
No authorization.
Query run correct when i add to the role
s_rs_comp
s_rs_comp1.
It is correct ??
P.
Hi,
you still need s_rs_comp beside your analysis authorizations. They still get checked when running the query.
You must be a registered user to add a comment. If you've already registered, sign in. Otherwise, register and sign in.
Thx
You must be a registered user to add a comment. If you've already registered, sign in. Otherwise, register and sign in.
Dear Piotr,
Iu2019m going try to helping you regarding your question,
As Svenson78 and Githen said you need to include in your reporting role o join a new one to user test, with the following authorization object:
S_RS_COMP (Useful to management access query object)
ACTVT: 03, 16 (Value to Display and Execute)
RSINFOAREA: (Values of specifics InfoAreas)
RSINFOCUBE: (Values of specifics InfoProviders)
RSZCOMPID: (Values of specifics Queries)
RSZCOMPTP: (Values of specifics Query Items)
S_RS_COMP1
ACTVT: 03, 16
RSZCOMPID: (Values of specifics Queries)
RSZCOMPTP: (Values of specifics Query Items)
RSZOWNER: (Values of specifics Queries Owner)
S_RS_AUTH (Useful to join Analysis Authorization)
BIAUTH: (Values of specifics Analysis Authorization)
S_RFC (Important to connect BI with BEx Analyzer)
ACTVT: 16
RFC_NAME: *
RFC_TYPE: *
S_TCODE (Useful to execute Tcode)
TCD: RRMX (Tcode for execute from BI system BEx analyzer)
Why it is important authorization object? Because allow access the main object in BI system. The other hand, the analysis authorization allows access the value by each characteristic and navigational attribute relevant authorization.
When you design an authorization system,
You should considerer two level of authorization,
First level is objects access u2013 you can maintenance through authorization object u2013 Tcode PFCG
Second level is values access u2013 you can maintenance through analysis authorization u2013 Tcode RSECAUTH.
For do son test, and verify whether or not your authorization system work well u2013 you should use the following Tcode RSUDO and RSECPROT
I hope this suggestion can help you to resolve your question,
Luis
You must be a registered user to add a comment. If you've already registered, sign in. Otherwise, register and sign in.
For query level authorisation s_rs_comp and s_rs_comp1 are necessary objects.
You must be a registered user to add a comment. If you've already registered, sign in. Otherwise, register and sign in.
User | Count |
---|---|
87 | |
10 | |
10 | |
10 | |
7 | |
6 | |
6 | |
5 | |
5 | |
4 |
You must be a registered user to add a comment. If you've already registered, sign in. Otherwise, register and sign in.