on 2017 Feb 22 1:03 PM
Hi,
I have 2 questions on security on BPC Embedded. We're running BW7.5 SP06.
I have created a user without any access and have added BPC security authorizations objects - and most of it is working out-of-the-box, but there's 2 areas where I struggle:
1)
How do I assign access to system reports?
- My SAP_ALL user has access to the area, but I cannot figure out how to assign this to my new test user. Can anyone guide me to the correct authorization object?
2)
Journals (and controls) - how do I ensure the user has access to an authorization relevant characteristic (in this case Entity/Company code)?
- I have assign RSBPC_JNL and RSBPC_CTR to the user with full authorization on both authorization objects.
- The user is assign full access to Entity through a data access profile, but in Journals and Controls this is not applied and the user is missing access. Is there an authorization object I'm missing?
Thanks in advance,
Lars
Request clarification before answering.
Hi Lars,
have you maintained any analysis authorizations on the backend?
The effective authorizations of a user in BPC context are calculated as (union of analysis authorizations of the user and environment authorizations) intersected with the DAP maintained for the model.
There is some explanation of the concept in this blog post:
https://blogs.sap.com/2016/07/18/bpc-101-embedded-how-daps-determine-authorizations-for-hcprs/
To maintain environment authorizations, go to transaction RSECENVI, for analysis authorizations, use RSECADMIN.
Best regards,
Marc
You must be a registered user to add a comment. If you've already registered, sign in. Otherwise, register and sign in.
User | Count |
---|---|
3 | |
2 | |
2 | |
1 | |
1 | |
1 | |
1 | |
1 | |
1 | |
1 |
You must be a registered user to add a comment. If you've already registered, sign in. Otherwise, register and sign in.