Application Development Discussions
Join the discussions or start your own on all things application development, including tools and APIs, programming models, and keeping your skills sharp.
cancel
Showing results for 
Search instead for 
Did you mean: 

Analysis authorisation tables

Former Member
0 Kudos
4,172

Hi, is there any table I can use to determine the content of analysis authorisations assigned to users rather than look individually in each user via RSECADMIN? Thanks, Mark.

1 ACCEPTED SOLUTION

Former Member
0 Kudos
809

yes, may be create query.

go to AGR_USERS, copy all roles assigned to user and paste these in AGR_1251

You got the desired list

however this will be one user at a time

may be i am wrong...... this is related to BI........ please post this query in security forum.........

Edited by: Surpreet Singh Bal on Oct 27, 2010 3:03 PM

5 REPLIES 5

Former Member
0 Kudos
810

yes, may be create query.

go to AGR_USERS, copy all roles assigned to user and paste these in AGR_1251

You got the desired list

however this will be one user at a time

may be i am wrong...... this is related to BI........ please post this query in security forum.........

Edited by: Surpreet Singh Bal on Oct 27, 2010 3:03 PM

Former Member
0 Kudos
809

Hi Mark,

I hope you have posted the question in multiple areas. Please post all the BI related questions in BI forums. However, you can refer all the RSEC* tables. Below are the tables that stores analysis authorizations information:

RSECHIE - Status of hierarchy authorizations

RSECTXT - Authorization text

RSECVAL - Authorization Value Status

RSECBIAU - Changes to Authorization (Last Changed By]

RSECUSERAUTH - BI Analysis authorization u2013 assignment to users

Change log tables:

RSECUSERAUTH_CL - Assignment of users

RSECHIE_CL - Change log of hierarchy authorizations

RSECTXT_CL - Authorization texts

RSECVAL_CL - Authorization Value Status

Hope this helps!!

Rgds,

Raghu

Former Member
0 Kudos
809

Hi Mark

Since you are posting in the GRC Forum I'm guessing you want to verify the data produced at permission level for user level reports?

Those reports will give the roles which are creating the SoD issues at user level so that you can concentrate on only those and ignore the rest assigned to the users. Opening AGR_1251 and also AGR_1252 reports for multiple users will probably give you plenty to read but little in value.

If you've run the user level report at action level in RAR then you won't be getting the offending roles.

Please could you confirm the spec/scope of the report you need out of SAP?

Cheers

David

0 Kudos
809

Hi David, the report I have been asked to produce is to show analysis authorisations and the characteristic values per user for our HR application. We load hierarchy and value data into the DSO and generate authorisations via RSECADMIN to further restrict the access provided by the roles assigned. we have approx 1000 users that we need to report on for audit purposes.

Thanks,

Mark.

0 Kudos
809

Hello Forum, I have got a similar question. Is it possible to read BW Analysis Authorization tables to read a list of Company Codes a User is authorized to see. If so, can someone please advise the list of tables that is required to be looked into.

Thanks