BW Security (Authorizations)
The following are some
of the relevant SAP BW Security transaction codes.
Transaction Code
|
Description
|
RSA1
|
Transaction RSA1 is the main
transaction for administrative functions in SAP BW (Administrator Workbench)
|
RSD1
|
This transaction code can be used
to mark objects as relevant for authorization (InfoObject Maintainence)
|
RSSM
|
This transaction code can be used
to create and modify authorization objects in SAP BW
|
RSZV
|
This transaction code is used to
create or modify the variables for authorization checks. (Variable
Maintenance)
|
RRMX
|
Business Explorer is the reporting
tool in SAP BW and is used for analyzing data.
|
GLOBAL_TEMPLATES
|
Templates for modelling and
evaluating data
|
How
to Activate Authorizations In BW:-
The following steps explains how to activate the authorizations in BW.
1) Mark InfoObject as relevant for authorization
tcode => RSD1
2) Create report authorization object tcode =>
RSSM
3) Select InfoCubes tcode => RSSM
4) Manually integrate authorization object in role tcode
=> PFCG
5) Change / Maintain authorization values =>
PFCG
6) Assign role to user tcode => PFCG or via
Central User Administration
Hierarchical Authorizations in BW
The following steps describe the steps to control authorizations for hierarchies
1) Transfer and activate InfoObject 0TCTAUTHH tcode => RSD1
2) Mark InfoObject 0TCTAUTHH as relevant for
authorization tcode => RSD1
3) Mark Leaf InfoObject as relavant for
authorization tcode => RSD1
4) Create authorization objects with 0TCTAUTHH and
Leaf InfoObject => RSSM
5) Define hierarchical authorizations tcode =>
RSSM
6) Manual intrgration of authorization object in role tcode
=> PFCG
7) Maintain authorization values tcode => PFCG
8) Assign role to user tcode => PFCG or via
Central User Administration
For extracting structural authorizations from HR (mySAP ERP HCM) and to map it in SAP BW to maintian consistency between the two systems the tables of interest are:
1) T77PR -for Structural Authorization profiles
2) T77UA -for user assignments
3) T77UU -for users (in this table you can select
the users for extraction. You can either select all or specific users)
Structural Authorizations in SAP BW
The following step
The following steps to be carried out in the mySAP ERP HCM system.
1) Call program RHBAUS02 for uploading Table T77UU and enter users.
2) Call program RHBAUUS00 for generating an index
for structural authorization profile
3) Activate Data source 0HR_PA_2.
The following
steps to be carried out in the SAP BW system
1) Replicate Data source 0HR_PA_2
2) Activate ODS InfoProvider 0HR_PA_2
3) Create an InfoPackage to perform an extraction
for 0HR_PA_2
4) Load ODS data from mySAP ERP HCM
5) Mark InfoObjects as relevant for authorization
(In order to use structural authorizations in SAP BW, all characteristic values
like position, employee etc. which are relevant to reporting should be marked
as authorization relevant InfoObjects.)
6) Create reporting authorization objects
7) Link authorization objects to InfoCubes
8) Call program RSSB_Generate_Authorizations.
No comments:
Post a Comment