With Profile Generator,SAP has made authorization management very easy. First, we will create an authorization profile for a role. All users in that role can run queries but cannot change the queries.
Three users U_EAST,U_MIDWEST,and U_WEST have been created through transaction SU01.
Step 1. After logging on to the BW system,run transaction PFCG,or double-click Maintain Roles.
Step 2. Enter a name for the role,and then click.
Note:BW provides authorization profiles for a variety of roles in Business Content. To see a list of them,click.
Step 3. Click the Authorizations tab.
Step 4. Click to save the role and continue.
Step 5. Click to Change authorization data.
Step 6. Select the template S_RS_RREPU,and then click.
Note:BW provides authorization templates for a variety of roles in Business Content. S_RS_PPEPU is one of them,for query display and execution.
Step 7. The new window shows all authorizations for this role. For example,the users assigned to the R_RUN_QUERIES role can Display,Execute,Enter,Include,and Assign Calculated key figure,Query,Restricted key figure,and Template structure.
Note:If we expand other nodes,we will see other authorizations granted to this role.
To change an authorization field value,click next to the field. In our example,the reporting component Query has the activity Execute in two places. Let's remove Query from the first one.
Step 8. Deselect REP for Query,and then click to continue.
Note:S_RS_COMP is an authorization object; RSZCOMPTP is one of its fields. In this field we specify objects on which users can perform activities.
Step 9. Click to generate the profile.
Step 10. Enter a name and a description,and then click to continue.
Step 11. The status light of the Authorizations tab turns green (the red square becomes a green circle). Click the User tab to assign users to this role.
Step 12. Enter three users: one from the East region,one from the Midwest region,and one from the West region.
Click to add the authorization profile to the users' master data.
Step 13. Click to continue.
Step 14. Click to save the role.
Step 15. Notice that the status light of the User tab turns green (the red square becomes a green circle).
You have created the role R_RUN_QUERIES and its corresponding authorization profile AP_R_QUERY. Also,you have assigned three users to this role. To verify that the role and assignments are correct,run transaction SU01 to display user U_WEST's master data. Under the tab Roles,review the role to which this user is assigned. Under the tab Profiles,notice the user's authorization profile.
From this example,we get an idea of how BW manages its authorization. Each role has an authorization profile. Users assigned to a particular role have all authorizations included in the authorization profile. A user can be assigned to multiple roles. The user derives his or her authorizations from the roles to which he or she is assigned.
SAP BW Related Interview Questions
|SAP BI Interview Questions||SAP WM Interview Questions|
|SAP BO Interview Questions||SAP Netweaver Interview Questions|
|SAP BODS Interview Questions||SAP Webi Interview Questions|
|SAP Web Dynpro Interview Questions||SAP BDC Interview Questions|
|SAP BW on HANA Interview Questions|
Sap Bw Tutorial
Business Scenario And Sap Bw
Creating An Infocube
Loading Data Into The Infocube
Checking Data Quality
Creating Queries And Workbooks
Managing User Authorization
Aggregates And Multi-cubes
Operational Data Store (ods)
Generic R/3 Data Extraction
All rights reserved © 2018 Wisdom IT Services India Pvt. Ltd
Wisdomjobs.com is one of the best job search sites in India.