on 2007 May 09 10:12 AM
Hello all,
did someone manage to edit/delete generated (from DSO) analysis authorizations? When I want to correct a typo in one of the generated analysis authorizations it is not possible although the system is telling that it should be possible to do so. I did not find any note or thread yet.
Message number RSEC292:
Diagnosis text
A generated authorization can be changed (this message is only a warning ), but one should be sure that this authorization is not generated again. Then it will be removed from the user, created again (perhaps with different content), and if there no fixed name was generated, it is renamed.
....
Thanks in advance for your inputs
no comments
You must be a registered user to add a comment. If you've already registered, sign in. Otherwise, register and sign in.
Hi Lana,
this is how the general behavior of SAP systems, regardless whether it is a BI, ERP, or any SAP GUI based system, should be.
A warning can be ignored by pressing the enter button, it is only a warning, not an error. Somehow the behavior seems to be different for Petra, which I cannot explain.
Cheers
SAP NetWeaver BI Organisation
hello,
Perhaps this will give some answers(SAP information). Changing is not an item in this help information.
kind regards Jan
Deletion of Authorizations and Regeneration
For users for which data exists in the DataStore object that has to be regenerated, first the existing, generated authorizations are deleted. Afterwards, authorizations are generated using the data in the DataStore objects in the usual way.
If a data record with the user name 'D_E_L_E_T_E' is loaded into the DataStore object 0TCA_DS01, first the generated authorizations for all users in the BI system for the DataStore object record are deleted (separated by the first part of the name before the digits) and then generated for the rest of the data.
Log for Generation
A detailed log is created during generation that documents the generation steps and that is displayed automatically. Old logs can be viewed from the transaction RSECADMIN under the Analysis tab page ® Generation Logs or at the start of the report RSEC_GENERATE_AUTHORIZATIONS by clicking on the log symbol.
Hi Petra,
in our system you can change the value of the authorisation after the warning message (RSEC 292). Please try to investigate further what the issue might be. Have you checked SU53 whether your general authorizations are sufficient.
In the worst case, you have to open a customer message.
Cheers
SAP NetWeaver BI Organisation
You must be a registered user to add a comment. If you've already registered, sign in. Otherwise, register and sign in.
Hello Andreas,
that's what I did. Because I am in charge of security tasks/issues, the first thing I did was to execute SU53 - and unfortunately as supposed every authorization check was passed successfully.
OK I will follow up on your suggestion and create a customer message.
Thanks a lot for your quick reply!
Petra
Hello Lana,
this is how SAP solved the problem
Bye Petra
Spezifikation
: Message RSEC292: Generierte Analyseberechtigungen können nicShort text:
Message RSEC292: Generierte Analyseberechtigungen können nic Langtext
It is not possible to change from DSOs generated analysis
authorizations although the system is telling that it should be
possible to do so. Authorizations are sufficient (SU53; SAP_ALL)
Message number RSEC292:
Diagnosis text
A generated authorization can be changed (this message is only a
warning ), but one should be sure that this authorization is not
generated again. Then it will be removed from the user, created again
(perhaps with different content), and if there no fixed name was
generated, it is renamed.
Here is the communication path (please read from below):
09.07.2007 - 09:03:36 CET Petra King Info für SAP
Hello Ms. ,
I always was telling about one issue:
Change of generated analysis authorization is not possible.
Since BI 7.0 we are talking about analysis authorizations so the
transaction code used is obvious.
There is no need for furhter information because it is only this single
issue: I guess that it should be an error message and not a warning
message and SAP made a mistake here by using the wron message category.
I was never talking about users and xxxxxx is not an user but an
analysis authorization.
Please consider the call a solved - in the meantime I got
professional support from the SDN platform.
Regards,
Petra King
05.07.2007 - 09:14:22 CET SAP Antwort
Hello Ms King,
I must say that I find this message quite incomprehensible. First you
write that you are irritated because my colleague asked you which
transaction is being used to generate authorizations. This information
is necessary so that the message can be assigned to the appropriate
area. Indeed, the message was incorrectly sent to BC-SEC. Next you
write that you are angry when I give you a consulting note regarding
generation of analysis authorizations. I am mystified as to how such
information from customers should help us in solving a technical or
procedural probem. I have read the message from the beginning and
there is very little technical and procedural information. Moreover, itis not clear what the "error" is here. The message RSEC292 is a warning(as clearly stated in the long text of the message) and this should not
hinder the process. Lastly, in your last info you refer to a specific
user, xxxxxxxx, as an example of a generated authorization. This is
separate issue than the original:
It is not possible to change from DSOs generated analysis
authorizations although the system is telling that it should be
possible to do so. Authorizations are sufficient (SU53; SAP_ALL)
So in response to the original inquiry regarding RSEC292. The answer,
as I have already mentioned and as stated in the text, is that this
is just for information purposes. Please continue with the process.
If you have a separate inquiry regarding the authorizations of
particular users, please open a second message. We request that
customer log one issue per message. Please read note 375196:
Separate message for new problem/subsequent problem
Regards,
Senior Support Consultant
SAP Active Global Support
Netweaver Business Intelligence
03.07.2007 - 15:14:39 CET Petra King Info für SAP
Hello ,
can you please contact the Basis Administrator xxx via phone
(+xxxxx) so he can open the line and provide you with the
user and password for system xxxxx.
Please note that the error occurs on xxxx and you can have a look at the
analysis auth. xxxxxxxx as representive for one of the generated
authorizations.
03.07.2007 - 15:08:43 CET Petra King Info für SAP
Hello ,
I am getting angry because note 1052242 is a documentation and I
executed everything besides the fact that the analysis auths cannot be
changed. Please read the error message from the beginning.
Regards,
Petra King
28.06.2007 - 14:52:09 CET SAP Antwort
Hello Ms King,
Please excuse the delay in the processing of your message.
Please read note 1052242 if you have not already done so. If this note
does not help you to solve the problem, I would like to have a look at
the situation on your system. Please open the R/3 Support connection
provide me with a user and password. This information can be stored
in the log on information of this message.
Regards,
Senior Support Consultant
SAP Active Global Support
Netweaver Business Intelligence
25.06.2007 - 08:48:03 CET Petra King Info für SAP
Hello ,
if this is in the wrong queue, yes please forward it to the appropriate
queue and please let the question be answered asap.
Thanks,
Petra King
21.06.2007 - 07:47:29 CET SAP Info für Kunde
Hello Petra,
it is possible to generate authorizations in PFCG too. As RSECADMIN
belongs to BW-BEX-OT-OLAP-AUT, I forward your message accordingly.
Best regards
Support Consultant
Global Support Center Austria
Netweaver Web Application Server ABAP
20.06.2007 - 09:54:47 CET Petra King Info für SAP
Hello ,
sorry to let you know so late but there was a typo in my email address
xxxxxinstead of xxxxxxxxx
Your question is a little bit irritating. Generation of analysis
authorizations in 7.0 is usually done only with transaction code
RSECADMIN - correct me if there is another possibility. Generation
works fine but the authorizations cannot be edited after then.
Bye,
Petra
23.05.2007 - 11:53:16 CET SAP Antwort
Dear Ms. King,
please let me know which transaction code do you use or in which
transaction do you get this message.
Best Regards
Support Consultant
SAP Active Global Support - Netweaver Web Application Server
User | Count |
---|---|
71 | |
11 | |
10 | |
10 | |
10 | |
8 | |
7 | |
7 | |
5 | |
4 |
You must be a registered user to add a comment. If you've already registered, sign in. Otherwise, register and sign in.