cancel
Showing results for 
Search instead for 
Did you mean: 

Authorisations in BW for different Queries and one InfoObject

Former Member
0 Kudos

Hi,

we have a problem regarding Authorisations in BW.

Some of our users have different rights on different queries e.g. for the Info-Object 0PLANT. For the query ABC he should see data to more plants than for the query XYZ.

Our idea was to build an Authorisation-Object containing 0PLANT, TCTQUERY, TCTIFAREA and TCT ICUBE and to set the authorization for 0PLANT regarding the detailled name of the query (TCTQUERY). But this doesn't work because when starting the query SAP doesn't check the name of the Query. And so the user can always see the sum of plants set in both authorisations.

Maybe someone of you has useful hints.

Accepted Solutions (1)

Accepted Solutions (1)

Former Member
0 Kudos

Hi Andreas,

In your case you need to use hierarchical authorizaton object to provide data restriction on the queries. Thus everyone can have the same query and they view what ever they are supposed to. Please find the how to document called: "How To…Work With Hierarchy Authorizations" You will find detalied information and businees scenario about the topic. Please let me know if I can assist you further

Regards

Answers (2)

Answers (2)

Former Member
0 Kudos

Hi Serkan, Hi Arun,

thanks for your replies. I think both of your answers are possible but to act like this we have too many scenarios and roles.

We decided that we have to live with this problem and implemented single roles for the reporting-authorization objects. In this way it's anyhow easier have the overview about the authorisations every single user has.

To act in your way maintaining of 1500 roles is to complex.

former_member184494
Active Contributor
0 Kudos

Andreas,

Welcome to SDN ...

What you could try is to create roles for the various combinations , attach the roles to the queries and then assign the same to the user. That might do the trick , but then do not do this if you have too many roles to create , makes maintaining the authorization schema a big pain...

Arun

Assign points if useful