https://community.sap.com/t5/application-development-and-automation-discussions/regarding-analysis-authorization/m-p/9052779#M1702060 <HTML><HEAD></HEAD><BODY><P>Thanks Amit, for the confirmation.</P><P></P><P>My understanding was, hierarchy node variables get values only from hierarchy auths.</P></BODY></HTML> Tue, 23 Oct 2012 09:21:04 GMT gaddam_vinaykumar 2012-10-23T09:21:04Z https://community.sap.com/t5/application-development-and-automation-discussions/regarding-analysis-authorization/m-p/9052774#M1702055 <HTML><HEAD></HEAD><BODY><P>Hello,</P><P></P><P>Currently we( Security team ) are trying to handle an authorization issue in our project, where the users having access to the role( in question ) are able to access all the org units through a BI query.</P><P></P><P>Ideally they should be able to access only their org unit...... I'm not referring to the summarized data here.</P><P></P><P>I checked the role; it contains,</P><P></P><P>S_rsec with * for each &amp; every field, and</P><P></P><P>S_rs_auth with the analysis authorization having 0orgunit with I CP *.</P><P></P><P>I checked the query too, the variable Org Unit is of Hierarchy Node type &amp; has Processing By=Manual Input.</P><P></P><P>Now can you please tell me, is this analysis authorization( in S_rs_auth ) causing the issue?</P><P></P><P>Thank you.</P></BODY></HTML> Thu, 18 Oct 2012 08:42:48 GMT https://community.sap.com/t5/application-development-and-automation-discussions/regarding-analysis-authorization/m-p/9052774#M1702055 gaddam_vinaykumar 2012-10-18T08:42:48Z https://community.sap.com/t5/application-development-and-automation-discussions/regarding-analysis-authorization/m-p/9052775#M1702056 <HTML><HEAD></HEAD><BODY><P>Yes , remove * for characteristic 0ORGUNIT and maintain only those ourg units for which you want to give access to users via this AA.</P><P></P><P>Thanks</P><P>Amit</P></BODY></HTML> Thu, 18 Oct 2012 09:28:54 GMT https://community.sap.com/t5/application-development-and-automation-discussions/regarding-analysis-authorization/m-p/9052775#M1702056 Former Member 2012-10-18T09:28:54Z https://community.sap.com/t5/application-development-and-automation-discussions/regarding-analysis-authorization/m-p/9052776#M1702057 <HTML><HEAD></HEAD><BODY><P>Thanks for your reply Amit.</P><P></P><P>So can I say; AA containing <SPAN style="text-decoration: underline;">value auth</SPAN>( I CP * ) can affect a variable, which is of <SPAN style="text-decoration: underline;">Hierarchy Node type</SPAN>?</P></BODY></HTML> Thu, 18 Oct 2012 11:10:37 GMT https://community.sap.com/t5/application-development-and-automation-discussions/regarding-analysis-authorization/m-p/9052776#M1702057 gaddam_vinaykumar 2012-10-18T11:10:37Z https://community.sap.com/t5/application-development-and-automation-discussions/regarding-analysis-authorization/m-p/9052777#M1702058 <HTML><HEAD></HEAD><BODY><P>Hi Gaddam,</P><P></P><P>&nbsp; Does this solution provided by Amit worked for you?</P><P></P><P>This is possible by restricting query also .</P><P></P><P>In query designer , restrict Org unit&nbsp; for the Query XYZ you are looking for.</P><P></P><P>Thanks,</P><P>Varun Jain</P></BODY></HTML> Thu, 18 Oct 2012 20:39:09 GMT https://community.sap.com/t5/application-development-and-automation-discussions/regarding-analysis-authorization/m-p/9052777#M1702058 Former Member 2012-10-18T20:39:09Z https://community.sap.com/t5/application-development-and-automation-discussions/regarding-analysis-authorization/m-p/9052778#M1702059 <HTML><HEAD></HEAD><BODY><P>Yes, * will provide access to hierarchy nodes as well...</P></BODY></HTML> Fri, 19 Oct 2012 05:08:59 GMT https://community.sap.com/t5/application-development-and-automation-discussions/regarding-analysis-authorization/m-p/9052778#M1702059 Former Member 2012-10-19T05:08:59Z https://community.sap.com/t5/application-development-and-automation-discussions/regarding-analysis-authorization/m-p/9052779#M1702060 <HTML><HEAD></HEAD><BODY><P>Thanks Amit, for the confirmation.</P><P></P><P>My understanding was, hierarchy node variables get values only from hierarchy auths.</P></BODY></HTML> Tue, 23 Oct 2012 09:21:04 GMT https://community.sap.com/t5/application-development-and-automation-discussions/regarding-analysis-authorization/m-p/9052779#M1702060 gaddam_vinaykumar 2012-10-23T09:21:04Z https://community.sap.com/t5/application-development-and-automation-discussions/regarding-analysis-authorization/m-p/9052780#M1702061 <HTML><HEAD></HEAD><BODY><P>Vinay,</P><P></P><P>Just adding one important point here, S_RSEC should not be assigned to reporting users. Reporting Users can get sufficient access from COMP, COMP1 &amp; S_RS_AUTH objects.</P><P></P><P>Regards,</P><P>Shivraj</P></BODY></HTML> Wed, 24 Oct 2012 21:13:01 GMT https://community.sap.com/t5/application-development-and-automation-discussions/regarding-analysis-authorization/m-p/9052780#M1702061 shivraj_singh2 2012-10-24T21:13:01Z https://community.sap.com/t5/application-development-and-automation-discussions/regarding-analysis-authorization/m-p/9052781#M1702062 <HTML><HEAD></HEAD><BODY><P>Right, we are addressing that too.</P><P></P><P>Thanks for your reply Shivraj.</P></BODY></HTML> Fri, 26 Oct 2012 16:18:21 GMT https://community.sap.com/t5/application-development-and-automation-discussions/regarding-analysis-authorization/m-p/9052781#M1702062 gaddam_vinaykumar 2012-10-26T16:18:21Z