cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 

How to give access to 2 projects & 2 different user groups ?

Go to solution
Former Member

on ‎02-07-2013 4:48 PM

0 Kudos

I have created 2 projects in BODI

But how do I give access to 2 different group of users, where one can only have access to his project.

Show replies
Show replies
Answer

Accepted Solutions (1)

Accepted Solutions (1)

DayaJha
Active Contributor
‎02-08-2013 3:10 PM
0 Kudos

Hi,

BODI_LOCAL_REPO & BO_APPDEV_REPO.

Here i taken BODI_LOCAL_REPO as a Development Repository in my Image & BO_APPDEV_REPO as a Local repository in My Image.

So please go through the steps:

Step I: Go to User & Group Tab and create two User

Developer1 (Act as Administraor)

Developer2 (Act as Designer)

Step II: Now Add user Developer1 to Data Services Administrator Users Group

In that case Developer1 act as a administrator having Full Control on BODI_LOCAL_REPO (Development  repository)

Step III: Add user Developer2 to Data Services Designer Users Group

In that case Developer2 act as a Designer having View rights on BO_APPDEV_REPO (Local repository)

Add user Developer1 to Data Services Designer Users Group (Rights:View)

In that case Developer1 act as a administrator having View rights on BO_APPDEV_REPO (Local repository)

Step IV: Now go to Data Services and apply Rights & Security on Repository Level

  • First Apply Top Level Security in Which we need to implement as per your requirement

Then Apply Repository level Security First Apply on Development_Repo (BODI_LOCAL_REPO)

Then Apply Rights & Security on Local Repo (BO_APPDEV_REPO)

Step V: Now login With Developer 1 (Act as a Administrator) now you can view two repository

BODI_LOCAL_REPO ( BODI_LOCAL_REPO as a Development Repository in my Image)

BO_APPDEV_REPO ( BO_APPDEV_REPO as a Local repository in My Image.)

Now you can have the Full Control Rights on Local_Repo (Repository)

Simalrly the same activity with Developer2 (Act as Designer) now you can view only one repository

BO_APPDEV_REPO (Contains Only View)

Now you can have the View Rights on Local_Repo (Repository)

I hope you will understand better from the above steps.

Thanks,

Daya

Show replies
Show replies
Former Member
‎02-08-2013 3:59 PM
0 Kudos

Hello

First of Thanks a lot for such a detailed response !

One question can both the Developer1 & Developer2 view & open Projects: MU, SetUp & DataQualityMgmt from your screenshot.

Can I make it where Developer1 only can see MU & Developer2 only can see SetUp after they log in ?

Thank you.

Answers (2)

Answers (2)

DayaJha
Active Contributor
‎02-08-2013 4:35 PM
0 Kudos

Hi,

No you cannot apply the Rights on Jobs Level, Only you can apply on Repository Level.

You have to keep the jobs separate as per your requirement.

But you can apply the Rights & Security on Repository Level Only. Not Possible to apply at Jobs Level.

So if your Query is completed then please close the thread and marked it as a correct answer.

Thanks,

Daya

Show replies
Show replies
Former Member
‎02-08-2013 4:58 PM
0 Kudos

Thanks for the reply but I am talking about Projects & not Jobs

So there is no way I can have 2 separate Projects for each different Repository.

Repo1-Project1-Designer1-Admin

Repo2-Project2-Designer2-User (User should only be able to see Project2 & should not see Project1)

Can I achieve this ?

Thank you

DayaJha
Active Contributor
‎02-08-2013 5:06 PM
0 Kudos

Hi,

No you cannot apply the Rights and Security at  Project Level, Only you can apply on Repository Level(Local,Central.Profile Repository).

If you want to apply restriction at Project Level is not Possible in SAP Business Objects Data Services.

For Your Query You need to Create Two Users One For Designer & One For Administrator as i mentioned in the above reply.

So if your Query is completed then please close the thread and marked it as a correct answer.

Thanks,

Daya

Former Member
‎02-07-2013 4:57 PM
0 Kudos

Hi,

You need to create 2 local repositories and assign each group of developers to a specific repository in the CMC.

If you are using older versions, the same thing applied but without the involvement of the CMC, just enough with the different repository db credentials when you login to designer.

Regards

Nawfal

Show replies
Show replies
Former Member
‎02-07-2013 5:30 PM
0 Kudos

I am using 4.0.

I did create 2 repositories & assigned Group1 with Repo1 & Group2 to Repo2

After logging in, Group1 can only see Repo1 which is good, but he can still open Projects from Repo2.

How do I restrict that ?

Thank you

Former Member
‎02-07-2013 6:16 PM
0 Kudos

Hi,

It can't be a user logged in to one repository cannot see projects of other repositories.

You need to check the security in the CMC:

Select the repository to which you want to add a user or group.

Click Manage > Security > User Security.

The "User Security" dialog box appears and displays the access control list for the repository.

Here you can add/remove user/group  or assign NO Access (remove access) to the  user/group.

Regards

Nawfal

Former Member
‎02-07-2013 11:14 PM
0 Kudos

Hi

I have 2 Repos:

BODI_LOCAL_REPO & BO_APPDEV_REPO.

The project created under BODI_LOCAL should only be viewed by Admins thats how I tried to setup as below:

The 2nd Repo BO_APPDEV can be viewed by Admins & Users under Designer:

Now the Users under Designer users should only be able to access BO_APPDEV Repo, now this is happening when I log in with their id.

The problem is that the users under the Designer can still open DEV project, they should only be able to See APP_DEV project, how do I achieve that.

Thank you.

Former Member
‎02-08-2013 2:31 PM
0 Kudos

Hi,

That should work, since you have APP_DEV designer group set with  No Access  on BODI_LOCAL_REPO.

I tested you scenario again on DS4.0 SP3 Patch and didn't see any problem of this kind.

You could also test by trying the explicit deny on the designer group for  _LOCAL_REPO in the assign security> advanced  as this will win over all other rights (test only)

One more thing, can you create a new user and add it directly as a principle  and set it  to no access on the BODI_LOCAL_REPO and test again.

It could be that APP_DEV user is also member of other groups with additional rights. Check this by selecting the user in users & groups, right click, member of.

thanks

Nawfal

Ask a Question