on 01-28-2014 12:08 PM
Hello experts,
Is it possible to use a universe without giving the user 0BI_ALL authorization? We want the same user to connect via BICS and universe and if we use 0BI_ALL for universe connections, the analysis authorizations for BICS doesn't work.
Any idea on how to have row security levels on both connections at same time?
We are using BW 7.0 and BO 4.0 SP5.
Many thanks in advance.
Hello David,
0BI_ALL is related to BI authorizations in BW and is related to data level based security.
So unless you configured BI Authorization in BW for data level security you won't need it, but in case you have objects with data level security then you will either have to assign 0BI_All for users that can see everything or other objects for limiting the access - regardless of how you access the data.
regards
Ingo Hilgefort, SAP
You must be a registered user to add a comment. If you've already registered, sign in. Otherwise, register and sign in.
Hello Ingo,
That's the issue. We want to keep row level security from both, Bex Queries and universes. And tracing from st01 the authorities when you access to BW from a universe it requests 0BI_ALL.
tcode
BIAUTH 0BI_ALL
type RF
name RSDRI_INFOPROV_READ_DF
If we give the user 0BI_ALL for universe access(managed with profiles), the user will have access to all data through BICS.
Any idea whether it's possible or not to have both authorizations working at same time?
Hello David,
using BI Authorizations in BW and then adding data level security in the Universe on top of that will only lead to situations like you have now.
Data Level security goes into BW alone or into the Universe alone, mixing both will lead to issues and remember that the Universe has far less capabilities in this area.
0BI_ALL is only related to data level security, so the fact that you see the request for 0BI_ALL in the trace clearly shows that your defined data level security entries contradict each other somehow and that BW then requires 0BI_ALL for the user to give the data that was requested.
like I said above, not a good idea to mix those data level security concepts. all data level security should be in BW already.
Also - why even use the Universe inbetween ?
regards
Ingo Hilgefort, SAP
Hello Ingo,
We don't want the user to use a universe in between. We want the user be able to use BO Explorer with universes and Webis or Crystals with BICS connections. So we need to use row level security on both.
I think we have found the answer in this post. At least something to try....
http://wiki.scn.sap.com/wiki/display/BOBJ/BW+With+RFC+JCO+Connections+In+Information+Design+Tool
We have to set up the RFC in the JCO connector and try it not to use 0BI_ALL.
Many thanks,
David
Hi,
Please check the following link:
Authorization in SAP NW BI - SAP NetWeaver Business Warehouse - SCN Wiki
Thanks and regards,
Wafa.
You must be a registered user to add a comment. If you've already registered, sign in. Otherwise, register and sign in.
User | Count |
---|---|
91 | |
10 | |
10 | |
9 | |
9 | |
7 | |
6 | |
5 | |
5 | |
4 |
You must be a registered user to add a comment. If you've already registered, sign in. Otherwise, register and sign in.