https://community.sap.com/t5/application-development-and-automation-discussions/bi-security/m-p/3548733#M853751 <HTML><HEAD></HEAD><BODY><P>then there is no need of s_rs_comp1 for the role rite.?giving full access to the query owner name and restricting only the queries for same the info cube means the same??</P></BODY></HTML> Tue, 25 Mar 2008 16:46:59 GMT Former Member 2008-03-25T16:46:59Z https://community.sap.com/t5/application-development-and-automation-discussions/bi-security/m-p/3548731#M853749 <HTML><HEAD></HEAD><BODY><P>All,</P><P></P><P></P><P> I have assigned two auth.objects namely s_rs_comp and s_rs_comp1 for the reporting role.For s_rs_comp I have restricted in the place for Info cube,query name and Info area but in s_rs_comp1 I have assgined full access to the query owner name which means the user can access queries created by all the users for the restricted info cube and in place of name of ID component I assigned the same query name like in s_rs_comp.Now what type of access will the user get?? </P><P></P><P> According to my understanding whether the user gets access to all the queries created by all the query owner name for that info cube no matter whether you restrict the user with query name in s_rs_comp and s_rs_comp1??</P><P></P><P></P><P></P><P>Pls some body help me out...</P></BODY></HTML> Tue, 25 Mar 2008 15:31:35 GMT https://community.sap.com/t5/application-development-and-automation-discussions/bi-security/m-p/3548731#M853749 Former Member 2008-03-25T15:31:35Z https://community.sap.com/t5/application-development-and-automation-discussions/bi-security/m-p/3548732#M853750 <HTML><HEAD></HEAD><BODY><P>Kevin,</P><P></P><P>Here in this case the S_RS_COMP1 object will give the same access as your S_RS_COMP object. So it is similar to looking at two different sentences that has the same meaning.Hope this answers your question.</P><P></P><P>Naveen</P></BODY></HTML> Tue, 25 Mar 2008 16:00:05 GMT https://community.sap.com/t5/application-development-and-automation-discussions/bi-security/m-p/3548732#M853750 Former Member 2008-03-25T16:00:05Z https://community.sap.com/t5/application-development-and-automation-discussions/bi-security/m-p/3548733#M853751 <HTML><HEAD></HEAD><BODY><P>then there is no need of s_rs_comp1 for the role rite.?giving full access to the query owner name and restricting only the queries for same the info cube means the same??</P></BODY></HTML> Tue, 25 Mar 2008 16:46:59 GMT https://community.sap.com/t5/application-development-and-automation-discussions/bi-security/m-p/3548733#M853751 Former Member 2008-03-25T16:46:59Z https://community.sap.com/t5/application-development-and-automation-discussions/bi-security/m-p/3548734#M853752 <HTML><HEAD></HEAD><BODY><P>You need to include S_RS_COMP1 in your role. You are actually giving access to users to be able to work on Queries created by others.even if he has to manipulate his/her own query they should have S_RS_COMP1. Ownership of a reporting component gets checked when you try access one.</P><P></P><P>S_RS_COMP and S_RS_COMP1 are checked in conjunction for all reporting components except QVW. so You need to include it in your role.</P><P></P><P>Edited by: Keerti Vemulapalli on Mar 25, 2008 2:28 PM</P></BODY></HTML> Tue, 25 Mar 2008 18:25:56 GMT https://community.sap.com/t5/application-development-and-automation-discussions/bi-security/m-p/3548734#M853752 Former Member 2008-03-25T18:25:56Z https://community.sap.com/t5/application-development-and-automation-discussions/bi-security/m-p/3548735#M853753 <HTML><HEAD></HEAD><BODY><P>I agree with keerti. S_rs_comp1 &amp; s_rs_comp are evaluated together.</P><P>User must have access to both of these objects.</P><P></P><P>Also, in BI when you create a authorization using RSECADMIN, you have to include</P><P>the authorization in S_RS_AUTH object in a role. This is little different from BW 3.5</P><P>where you create a RSR custom auth object and include it directly in your role.</P></BODY></HTML> Tue, 25 Mar 2008 18:46:56 GMT https://community.sap.com/t5/application-development-and-automation-discussions/bi-security/m-p/3548735#M853753 Former Member 2008-03-25T18:46:56Z