https://community.sap.com/t5/application-development-and-automation-discussions/problem-rsecadmin-bi-7-0/m-p/6568938#M1432549 <HTML><HEAD></HEAD><BODY><P>Hi,</P><P></P><P>Yes all the infoobjects that we use in the object at RSECADMIN have the flag of authorization relevant, and in the role we have the object S_RS_COMP &amp; S_RS_COMP1 are limited just by one query if we run the user in rrmx or rsrt1 it works fine but if we run the test in RSECADMIN we have permission to run all the queries.</P><P></P><P>Thanks a lot </P><P></P><P>Regards</P></BODY></HTML> Wed, 17 Feb 2010 16:06:46 GMT Former Member 2010-02-17T16:06:46Z https://community.sap.com/t5/application-development-and-automation-discussions/problem-rsecadmin-bi-7-0/m-p/6568935#M1432546 <HTML><HEAD></HEAD><BODY><P>Hi all,</P><P></P><P>I created one role in PFCG and it works fine, then I made an object authorization in RSECADMIN with the next characteristics:</P><P></P><P>0TCAACTVT</P><P>0TCAIPROV</P><P>0TCAKYFNM</P><P>0TCAVALID</P><P>0MATERIAL EQ 764286</P><P></P><P>So the user only must be access to material 764286, </P><P></P><P>but when we test the user in RSECADMIN we can run all the queries and all the materials, when we must not have access to all queries neither all materials, we tried to generate the error logs but appears empty.</P><P></P><P>If I run the user in RRMX we only see the queries that has access this user, but we can see all the materials when that's incorrect because we limited in the RSECADMIN.</P><P></P><P>It's like a strange behaviour of the transaction RSECADMIN, </P><P></P><P>Does anybody know if the basis needs to turn on some component to fix this problem or to fix the transaction or what we need to do?</P><P></P><P>Thanks a lot.</P><P></P><P>Regards</P></BODY></HTML> Tue, 16 Feb 2010 23:08:25 GMT https://community.sap.com/t5/application-development-and-automation-discussions/problem-rsecadmin-bi-7-0/m-p/6568935#M1432546 Former Member 2010-02-16T23:08:25Z https://community.sap.com/t5/application-development-and-automation-discussions/problem-rsecadmin-bi-7-0/m-p/6568936#M1432547 <HTML><HEAD></HEAD><BODY><P>To start with are those infoobjects set as auth relevant?</P></BODY></HTML> Tue, 16 Feb 2010 23:45:19 GMT https://community.sap.com/t5/application-development-and-automation-discussions/problem-rsecadmin-bi-7-0/m-p/6568936#M1432547 Former Member 2010-02-16T23:45:19Z https://community.sap.com/t5/application-development-and-automation-discussions/problem-rsecadmin-bi-7-0/m-p/6568937#M1432548 <HTML><HEAD></HEAD><BODY><P>Hi,</P><P></P><P>&gt;&gt;we can run all the queries</P><P></P><P>you can restrict the queries using S_RS_COMP &amp; S_RS_COMP1 auth objects in your PFCG role.</P><P></P><P>&gt;&gt;all materials</P><P></P><P>Cross check in RSD1, whether 0MATERIAL is auth. relevant char. or not.</P></BODY></HTML> Wed, 17 Feb 2010 05:08:18 GMT https://community.sap.com/t5/application-development-and-automation-discussions/problem-rsecadmin-bi-7-0/m-p/6568937#M1432548 Former Member 2010-02-17T05:08:18Z https://community.sap.com/t5/application-development-and-automation-discussions/problem-rsecadmin-bi-7-0/m-p/6568938#M1432549 <HTML><HEAD></HEAD><BODY><P>Hi,</P><P></P><P>Yes all the infoobjects that we use in the object at RSECADMIN have the flag of authorization relevant, and in the role we have the object S_RS_COMP &amp; S_RS_COMP1 are limited just by one query if we run the user in rrmx or rsrt1 it works fine but if we run the test in RSECADMIN we have permission to run all the queries.</P><P></P><P>Thanks a lot </P><P></P><P>Regards</P></BODY></HTML> Wed, 17 Feb 2010 16:06:46 GMT https://community.sap.com/t5/application-development-and-automation-discussions/problem-rsecadmin-bi-7-0/m-p/6568938#M1432549 Former Member 2010-02-17T16:06:46Z https://community.sap.com/t5/application-development-and-automation-discussions/problem-rsecadmin-bi-7-0/m-p/6568939#M1432550 <HTML><HEAD></HEAD><BODY><P>If 0material is not on the selection screen nor available in rows or columns there will be no check on restricting the figures. So put 0material somewhere in the query and use a variable of type authorisation and the query will be restricted.</P></BODY></HTML> Thu, 18 Feb 2010 07:56:39 GMT https://community.sap.com/t5/application-development-and-automation-discussions/problem-rsecadmin-bi-7-0/m-p/6568939#M1432550 dannysprangers2 2010-02-18T07:56:39Z