cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 

How to prevent a portal user from using the BEx Analyzer ?

Go to solution
Former Member

on ‎07-23-2008 11:08 AM

0 Kudos

Hi,

we have different type of users : most users may use the portal as well

as the analyzer ;

we have one special user with extended authorizations : this user

should use the portal , where he has a limited set of queries to run

with hardcoded filters ==> this user should not be able to use the

analyzer however, since he then would be able to call all other queries

by using the find function ;

how can we make sure this user cannot use the analyzer , using SAP

authorizations ?

best regards,

Erwin Van Giel.

Show replies
Show replies
Answer

Accepted Solutions (1)

Accepted Solutions (1)

Former Member
‎07-23-2008 12:42 PM
0 Kudos

Hi,

if I remove the complete S_RFC authorization for the user then the BEx Analyzer cannot connect anymore to the BW system, but neither can the user run reports from the portal : it needs the S_RFC with 'SYST'.

If I only remove the RRMX from the S_TCODE and from the S_RFC, it does not prevent the user from starting the BEx Analyzer and connecting to the BW system. It only stops the user if he would start the RRMX transaction from within an SAPGUI session.

Perhaps there should be a value in the S_RFC that allows connections from the portal but not from the BEx Analyzer .... ?

so not solved yet ....

best regards,

Erwin.

Show replies
Show replies
Former Member
‎07-23-2008 3:33 PM
0 Kudos

hmm..

Then there is another way I can propose.

You said you do not want the user to open all the reports except a few.

Well you can include only those queries in S_RS_COMP authorization.

As per your requirement you can either restrict him to certain queries or Infocube or Infoarea, whichever is easier.

Then if he open Bex Analyzer also, it should not be a problem to you.

Hope it helps.

And let us know which solution you applied

Thanks

PPMM

Answers (3)

Answers (3)

Former Member
‎07-24-2008 10:34 AM
0 Kudos

Hi,

The solution with the S_RS_COMP seems to work fine. I have removed the full authorization, and explicitly added the (few) queries that the user needs to execute in this authorization object.

The user can now execute these queries, and only these, from the portal and from the analyzer.

Thanks for your help !

best regards,

Erwin.

Show replies
Show replies
Former Member
‎07-23-2008 11:37 AM
0 Kudos

Hi,

Yes the answer is authorizations.

If you do not want him to be able to open analyzer, then do not give the user access to authorization object S_RFC and S_TCODE (remove RRMX from S_TCODE authorization object).

This should help I guess.

Just be informed that if you do not give this user access to S_RFC and S_TCODE, he will not be able to open Bex Browser as well along with Bex Analyzer. And anyways Bex browser is not used in BI 7.0

Let us know if this works.

Thanks

PPMM

Show replies
Show replies
Former Member
‎07-23-2008 11:24 AM
0 Kudos

Hi

Create a Role

Assign the user to that role.

and in the authorization assign the report which he needs to use and use the permission to read and execute the report and deny to write or change the report.

Now in web template add the web item menu role and insert the role assigned to the user.

When ever user executes the link it will show only the role assigned to him and the report that is assigned to that role.

Regards

M.A

Show replies
Show replies
Ask a Question