Sorun Cevaplayalım

İşinizle ilgili öngörüler edinin, gerçek zamanlı bilgilere göre karar alın.

SAP Eğitim ve Sertifika Dönemleri

Uzmanlığınızı ve deneyiminizi SAP çözümleri kullanarak tasdik edin.

Çözüm Ekibi Başvurusu

Kullanıcılara hızlı ve pratik çözümler üreterek görev almak isteyenler.

SAP BLOG How to restrict Query View creation authorization from user roles

SAP Blog

Kayıtlı Üye
Katılım
22 Ara 2017
Mesajlar
990
Tepki puanı
6
In this blog I will explain how to deactivate the Query View creation authorization from user roles. To achieve this, along with the modifications in the user roles, we need to maintain a parameter manually to enable the restriction.

Step 1: Identify the roles which uses the query.

Step 2: Go to T-Code PFCG and open the role to be modified.

1-57.png


Step 3: Go to the Authorizations tab, and click on the button Display Authorization Data (bottom left)

2-51.png


Step 4: In the next window, all the authorizations pertaining to the role will be displayed. Expand the nodes -> Business Warehouse -> Business Explorer Components (highlighted).

3-49.png


Step 5: Click on
specs.png
beside Type of a reporting component node and deselect Query View from the pop-up list. Other selections should be done as per business requirement. In this example, I have given access only to the query.

4-44.png


Though the aforementioned steps should be sufficient to revoke access, many a times this does not work. In that case, perform the additional steps as below.

Step 6: Check if the correct support package (as per the list below) is implemented in your system. If not you need to first import the support package before proceeding to the further steps.

SAP NW BW 7.00 – SP29

SAP NW BW 7.01 – SP 12

SAP NW BW 7.02 – SP 12

SAP NW BW 7.11 – SP 10

SAP NW BW 7.30 – SP 08

SAP NW BW 7.31 – SP 04

(In case, you want to check Support Package in more details please refer to the SAP Note 1639960.)

Step 7: If the correct Support Package exists, go to SE38, give the program name as SAP_RSADMIN_MAINTAIN and click on execute.

5-33.png


Step 8: In the next screen, give the object name as ‘OSD_CHECK_VIEW_AUTHORIZATION’, value as ‘X’, check the INSERT radio button & click on execute.

6-31.png


Step 9: Check the RSADMIN table to see if this value is maintained in the table.

8-27.png


After performing all these steps, try creating a query view using a test user for the role you have just modified. It will abort the creation and throw an authorization error.

Okumaya devam et...
 
Üst