-
Products and Technology
By Category
-
Groups
Activity Groups
Industry Groups
Influence and Feedback Groups
Interest Groups
Location Groups
Customer Only Groups
- Developers
- Partners
- Events
- Help Center
- Topic Pages
-
Explore SAP
Products
Learning and Support
-
- Products and Technology
- Groups
- Developers
- Partners
- Events
- Help Center
- Topic Pages
-
Explore SAP
- Explore SAP
-
Products
- Products
- SAP Business Suite
- Artificial Intelligence
- Business applications
- Data and analytics
- Technology Platform
- Financial Management
- Spend Management
- Supply Chain Management
- Human Capital Management
- Customer Experience
- SAP Business Network
- View products A-Z
- View industries
- Try SAP
- Partners
- Services
- Learning and Support
- About
- SAP Community
- Groups
- Interest Groups
- Application Development and Automation
- Discussions
- Re: Analysis Authorization
- Subscribe to RSS Feed
- Mark Topic as New
- Mark Topic as Read
- Float this Topic for Current User
- Bookmark
- Subscribe
- Mute
- Printer Friendly Page
Analysis Authorization
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
‎2008 Feb 15 9:05 PM
- SAP Managed Tags
- Security
We have a need to restrict the majority of our users from seeing transactions of few business accounts. The restricted accounts can be based on a specific gl account, fund range, or they can be a combination of a fund and cost center (or fund and fund center). Until we become more familiar with this process, we are only concerned with 0FUND and it's restricted ranges, so below my question is just about 0FUND..
We need to explore and understand what abilities analysis authorizations give us. I have done a lot of reading, but so far all of the pieces are not falling into place. I am on the BW team and working with the security team to get this accomplished. At this time whereever 0FUND is located in an existing authorization, it has a "*" to indicate the user gets all values. We have already gone live; will every authorization currently in use with 0FUND have to be changed? Is there a detailed How-To located somewhere?
thank you in advance for your help.
LLK
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
‎2008 Feb 16 6:02 AM
- SAP Managed Tags
- Security
Hi,
The Clue I get from your question is ;
1. Its a BI module ....??
2. You want to restrict the view
-
Did you try the TCD RSECADMIN?
Thx
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
‎2008 Feb 20 4:58 PM
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
‎2008 Feb 16 6:09 AM
- SAP Managed Tags
- Security
Hi,
I am assuming that the analysis authorizations have been directly assigned to the users via RSU01 and not through roles.
Use table RSECVAL to find out all the analysis authorizations with * in 0FUND.
Then identify all the users who have been assigned any of the above authorizations via table: RSECUSERAUTH
Thereafter you can create the user-authorization matrix as per you new requirement and proceed with the changes ensuring that all the users who had full authorization for 0FUND earlier would fall under atleast one of the new RANGES for 0FUND.
Changes will depend on your current authorization structure.
In case the analysis authorizations have been assigned thru roles (via S_RS_AUTH) then use SUIM to find out all the users who have access to these analysis autho.
Regards
Sachin
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
‎2008 Feb 20 5:03 PM
- SAP Managed Tags
- Security
Our authorizations are added to a role and that role is assigned to a user. When you say use SUM, exactly what do you mean? Is there a function or do you just want me to look at total of all the 0FUND authorizations.
thanks,
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
‎2008 Feb 21 6:17 AM
- SAP Managed Tags
- Security
Hi Linda,
SUIM - User Information System is a TRANSACTION CODE. (Its not SUM)
Execute SUIM and follow the path mentioned below:
SUIM -> User -> Users by complex selection criteria -> Users by complex selection criteria. In the Authorization object field mention S_RS_AUTH and in the field mention the name of the analysis authorization which you want to search for.
The output would be users who have access to the analysis authorization that you gave in the search criteria.
Since in your case there would be a lot of analysis authorizations with * in 0FUND, it would be better to identify the roles first and then the users assigned to these roles.
You can identify the roles by browsing the table SE16. Just give the object name and all the analysis authorizations in the multiple selection on appropriate fields. Then use SUIM to identify the users who have access to these roles.
SUIM -> User -> Users by complex selection criteria -> By Roles.
You can also display the roles in this report by pressing the Roles button at the top. Apply filter to restrict the roles to your identified roles.
Thats it !
Regards
Sachin
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
‎2008 Feb 25 10:28 PM
- SAP Managed Tags
- Security
Thank you. I explored SUIM and I think I see why my authorization is not working. The test user has 0BI_ALL too, so I need to get that removed. I will ask the security team to make the change.
thank you very much,
Linda
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
‎2009 Jan 09 9:05 PM
Bluesky