cancel
Showing results for 
Search instead for 
Did you mean: 

Authorization check failed because of 2004's auth objects

Former Member
0 Kudos

Hello Everyone,

We currently are doing an upgrade plan onto NW 2004s and have encountered a situation where I have selected the option of using the Obsolete concept of authorization for right now.

But, even after doing so I am not able to do some basic tasks such as operating InfoSpokes, opening datasources and so on. All these issues were due to the new Authorization Objects.

Did any one faced the same situation, if not what am I missing. Is there a setting to make sure all the new authorization objects are not checked for after an upgrade or is it necessary that, I have to add these objects in the user profiles.

Please let me know ASAP, as we are waiting on the update in this regards. I have looked over in SDN and also did some research in this site, but was not able to find anything related to this problem.

Everything I read was related to reporting authorization objects.

_________________

Thanks,

Dharma

Accepted Solutions (1)

Accepted Solutions (1)

Former Member
0 Kudos

Salut,

You might be interested to verify the official documentation on help.sap.com:

<a href="http://help.sap.com/saphelp_nw2004s/helpdata/en/f3/291542e4b4df2ce10000000a1550b0/frameset.htm">Authorization Objects and Role Templates (Changed)</a>

This gives an overview on new BI authorization objects with NW2004s.

it was the best overview, that i found until now.

Best regards

Stephan Half

Former Member
0 Kudos

I am having issues while executing Planning Sequence using WAD in portals.

I have assigned following objects in PFCG:

S_RS_ALVL *

S_RS_AUTH (0BI_ALL)

S_RS_COMP *

S_RS_COMP1 *

S_RS_ICUBE *

S_RS_PLSE *

S_RS_PLSQ *

S_RS_PLST *

Not sure why I am not able to execute planning sequence.

Any ideas?

Thanks in advance.

Sachin

Answers (3)

Answers (3)

Former Member
0 Kudos

Did you execute the upgrade steps (not related to analysis authorization) to bring any new objects via txn code SU25? then you need to do the regular role maintenance.

This step (SU25) is still relevant; if there are missing objects, then you just need to manually add them into the applicable roles.

Ashwin
Active Contributor
0 Kudos

Hi!

try asigning 0BI_ALL in transaction RSECADMIN to ur user id...

hope it helps

with regards

ashwin

Former Member
0 Kudos

Hello Ashwin,

Thanks for replying to the question, butI don't believe that would be an appropriate solution to provide or assign the 0BI_ALL to all users as it's the same of providing them with SAP_ALL.

In this case, I am not talking about reporting or analysis authorizations. I am talking about the Authorization objects which have been introduced in 2004s version.

So, let me know if we have to extend the profles to new objects.

Thanks

Dharma.

klaus_werner
Active Participant
0 Kudos

HI Dharma,

are you sure this is related to the new analysis authorizations or could it be one of the new standard objects like S_RS_DS or S_RS_DTP? Please describe exactly what's happening and what you do when you get problems. The switch to the obsolete concepts only relates to reportings / analysis authorizations but not to other authorizations.

Regards, Klaus

Former Member
0 Kudos

Hello Klaus,

Thanks for responding to the email, and to clarify the problem further I am giving the work scenario.

After the initial upgrade onto 2004s, we changed the reporting concept to "Obselete" to make sure that the new analysis authorizations are not being bought into effect. Once this process was finished, I was trying to go across the "Data Warehousing Workbench" and certain transactions or processes are not possible as they are being checked for new authorization objects more of for S_RS_DS, S_RS_DTP, for open hub destination, process chains and so on which were not available in the older versions.

So, do we have to go ahead and extend the profiles for the backend users and developers to make sure they can perform the support and development activities.

Hope this detailed description helps in making the problem more evident. Let me know if there is any note or explanation which directs to extend the profiles with the new authorization objects (I am not yet talking about the Analysis Authorizations).

Thanks

Dharma.

klaus_werner
Active Participant
0 Kudos

Hi Dharma,

yes, you do have to add the authorization objects / authorizations for the new one. The obsolete setting is relevant only to reporting / analysis auths. Please read the documentation of the authorization objects in the system. I don't know of any other place where this is fully described. For your convenience I give you a list of the authorization objects that are new (according to my knowledge). REgards, Klaus

Infrastructure of the Analysis Authorizations S_RSEC

Planning: Aggregation Level S_RS_ALVL

BI Analysis Authorizations in Role S_RS_AUTH

Business Explorer - BEx Texts ( Maintenance ) S_RS_BEXTX

Business Explorer - BEx Reusable web items (NW 7.0+) S_RS_BITM

Business Explorer - BEx Web Templates (NW 7.0+) S_RS_BTMP

Data Warehousing Workbench - Currency Translation Type S_RS_CTT

Business Explorer - Data Access Services S_RS_DAS

Data Warehousing Workbench - DataSource (Release > BW 3.x) S_RS_DS

Data Warehousing Workbench - Data Transfer Process S_RS_DTP

Business Explorer - Enteprise Report Reusable Elements S_RS_EREL

Business Explorer - Enterprise Reports S_RS_ERPT

Data Warehousing Workbench - InfoSource (Release > BW 3.x) S_RS_ISNEW

LOPD: Customizing Authorizations S_RS_LOPD0

Data Warehousing Workbench - Open Hub Destination S_RS_OHDST

Data Warehousing Workbench - Process Chains S_RS_PC

Lock Settings S_RS_PLENQ

Planning Function S_RS_PLSE

Planning Sequence S_RS_PLSQ

Planning Service Type S_RS_PLST

PPM - Authorization for Planning Session and Subplan S_RS_PPMAD

Authorization Object for RS Trace Tool S_RS_RSTT

Data Warehousing Workbench - Key Date Derivation Type S_RS_THJT

Data Warehousing Workbench - Transformation S_RS_TR

Data Warehousing Workbench - Quantity Conversion Type S_RS_UOM