SlideShare a Scribd company logo

Step by step exercise for bw 365

Download as DOC, PDF
Siva Pradeep Bolisetti, profile picture
Siva Pradeep Bolisetti

This document provides instructions for 7 exercises to set up authorization and security for business intelligence (BI) reporting in SAP. The exercises cover creating and executing BI queries, setting up info object security, using specific authorization objects, tracing BI authorizations, and securing access to workbooks using roles.

Software
Related topics:
Business Intelligence
1 of 27
Downloaded 26 times
1
2
Most read
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
Exercise1: Create and Execute BI query Exercise 2: Set up Info Object-Level Security for Reporting Users Exercise 3: Using S_RS_COMP1 and S_RS_FOLD Exercise 4: Tracing BI authorizations Exercise 5: ST01 Trace Exercise 6: Securing Access to workbooks Exercise 7 Using SAP provided templates to build security for administrator users Exercise 1: Create and Execute BI query Solution: Go to ProgramsBusiness ExplorerAnalyzer Go to BEX toolbarToolsCreate New Query Select the system and login
Select “New Query” Select the Info Provider on which query need to be created Select the Cube and click Open
Drag and drop the characteristics/key figures from left window to right Rows/columns and Free Characteristics And then click to save the query. Select the Role Enter the description and technical name and Click SAVE Login using Bex Analyzer and then run the Query and Result will be displayed as below
Exercise 2: Set up Info Object-Level Security for Reporting Users Solution: The steps to implement authorization level security: • Make the info object as authorization relevant • Create analysis authorization on that info object • Assign analysis authorization to user (directly or through Role) • Add a variable to the Query Create a user Execute SU01 and give the user name and click Create Enter User First Name and Last Name Go to Logon Tab and then Enter Initial Password; enter the same password in Repeat Password
Go to Roles Tab and then add Role “REPORTING_BASIC” and Click Save Note: If REPORTING_BASIC role is not existing in the system then can be uploaded in the below way to the system. This Role contains access to Basis Transaction codes needed by a reporting user. Upload a Role: • Copy the below role to your desktop REPORTING_BASIC. SAP • Execute Tcode PFCG and then Select RoleUpload Click Ok
Select the Role and Click OPEN And then click ok on the message Go to the change mode of the Role by clicking Go to authorization tab by clicking change authorization data Click Save and Then Generate
And role is now uploaded and activated in the system Define the Info Object as authorization relevant Execute RSA1, Go to InfoProvider, expand the info are and then double click on your info object or Execute Tcode RSD1, enter info object name Go to change mode and then Business Explorer tab, check “authorization Relevant”
Save and activate the info object. Create Analysis authorization
• Execute Tcode RSECAUTH • Enter Name of analysis authorization ZCOMP_CODE and Click Create • Enter short, medium and long description and click to insert mandatory characterstics Double click on 0TCAACTVT, then click Value authorization tab and enter the below values and go back Double click on 0TCAVALID, then click Value authorization tab and enter the below values and go back And then Double click on 0TCAIPROV, then click Value authorization tab and enter the below values and go back
Enter 0COMP_CODE And then Double click to specify the values Note: This value defines the restriction of your info object to some specific values. You can select any value depending upon the data that is available in your info object And then click Save. Assign Authorization to User Execute Tcode RSU01, enter user name and click Change Enter analysis auth name and click Insert
And then Click Save Add a variable to a Query Go to Query Designer. Open existing query. Drag Company Code to char restriction tab Right click on Company Code and select Restrict Select variables from the drop down list. Click Create Specify Description for Variable, Technical name and Processing Type in General Tab
Specify the below mentioned details in “Details” tab Move the variable from left window to Selection list and click OK
Save the Query. Login using Reporting_## and select the query to execute using Bex Analyzer It will be prompted for the variable value Result will be displayed only for company Code 1000 and 1101 Exercise 3: Using S_RS_COMP1 and S_RS_FOLD Solution: Create a new role REPORTING_BASIC_NEW by copying the REPORTING_BASIC role Execute Tcode PFCG and then Enter Role Name The Role Copy Enter the new Role name and click copy selectively Go to Change mode of the Role, authorization tab, click Change authorization data
• Expand the Business Information Warehouse object class and then authorization object Business Explorer – Components Enhancements to the Owner (Object S_RS_COMP1). • Choose Change • Next to the Owner (Person Responsible) give the userid of the query owner • For e.g. if we give userid of Anil here and assign this role to REPORTING-## user then REPORTING-## will be only able to view the queries created by Anil. Click Save and Then Generate and click ok to accept the default profile Assign the Role to REPORTING-## user
Execute SU01 and click Change Go to Roles Tab and Delete the existing role and add new one and click Save • Log on to the Bex Analyzer as REPORTING-## and note which queries the user can access through Info Area • User should be able to see the queries created by user Anil Hide Info Area Push button for reporting users using S_RS_FOLD Change role REPORTING_BASIC_NEW through PFCG and click Change authorization Data
Click manually to add S_RS_FOLD auth object Enter object and click Ok Select the Value, Save and Generate the Role This will hide the Info Area Push button for the users, so that they are not able to view the Info Providers
Exercise 4: Tracing BI Authorizations Solution: Create any new user with access to Role REPORTING_BASIC_NEW and let user execute ZTEST_QUERY2. User will get below authorization error: We need to put a trace on to analyze the error. Execute RSECADMIN and then go to Analysis Tab. Click on Error Logs Click “Configure Log Recording”
Add the user name and click “Add User” and Click Save Login as REORTING_1 and let the user execute the same query until user get “No authorization” error message: To Check the Trace Execute RSECADMIN and then go to Analysis Tab. Click on Error Logs Click Display
Error log will be something like below: Trace is checking info object 0COMP_CODE in user’s profile which is missing
Exercise 5: ST01 Trace Solution: Login as an admin user and Execute ST01 Make sure Authorization check is selected and there is no General Filters And click on Trace On Execute Tcode RSA1 and go to the specific Info Provider under modeling tab Right click and Select “Create InfoCube”
Enter name, description and copy from and then click “Create” Select Activate Execute ST01 and Press “Analysis” Enter user id and limit the records for authorization check only and click Execute And you will be able to see the trace log for authorization checks that happened against your profile Exercise 6: Securing Access to workbooks Part 1 Open an existing query and try to save it to Roles Tab using REPORT_1 user id
Since No roles are assigned to your end, you will not able to assign it. Part 2 Execute Tcode PFCG Enter Role name REPORTING_WORKBOOK_01 and click Create Enter description and Save. Go to authorization tab Click on Change Authorization data Click manually to add the authorization objects
Add S_USER_AGR and S_USER_TCD and click Ok Maintain the values as below And generate the Role Go to Menu Tab and created Folder Sales
Enter name as Sales and Click OK Now assign the Role to User Reporting_1 and click on User comparison and save the role Part 3 Execute the Query using BEX Analyzer and save the results Go to Roles Tab Workbook roleSales Folder Enter the Workbook name and click SAVE
Part 4 Go to PFCG and enter the Role name REPORTING_WORKBOOK_01 Go to Menu Tab and click Report Add the workbook id
And save the Role Exercise 7: Use SAP Provided Template to Build Security Solution: Execute PFCG and enter name and click Create Enter Description and Go to Authorization tab, and click change authorization data
Select the role S_RS_RDEAD and Select Adopt reference You can expand the required Class and then auth object to see the specific values

More Related Content

PPTX
Oops abap fundamental
biswajit2015
 
PPTX
SAP ABAP using OOPS - JH Softech
Vikram P Madduri
 
PPTX
Abap data dictionary
SmartGokul4
 
PDF
Abap reports
Milind Patil
 
PDF
Table maintenance generator and its modifications
scribid.download
 
PPT
Maximizing SAP ABAP Performance
PeterHBrown
 
PDF
Bapi step-by-step
mateenjambagi
 
PPT
SAP BI 7 security concepts
Siva Pradeep Bolisetti
 
Oops abap fundamental
biswajit2015
 
SAP ABAP using OOPS - JH Softech
Vikram P Madduri
 
Abap data dictionary
SmartGokul4
 
Abap reports
Milind Patil
 
Table maintenance generator and its modifications
scribid.download
 
Maximizing SAP ABAP Performance
PeterHBrown
 
Bapi step-by-step
mateenjambagi
 
SAP BI 7 security concepts
Siva Pradeep Bolisetti
 

What's hot (20)

PPT
Chapter 01 user exits
Kranthi Kumar
 
PDF
SAP ABAP data dictionary
Revanth Nagaraju
 
PDF
Enhancing data sources with badi in SAP ABAP
Aabid Khan
 
DOCX
Edit idoc , reprocess and test idoc
lakshmi rajkumar
 
PDF
ABAP for Beginners - www.sapdocs.info
sapdocs. info
 
PPTX
Sap abap
Jugul Crasta
 
PPTX
Object oriented approach to ALV Lists in ABAP
Noman Mohamed Hanif
 
DOC
Sap abap interview questions
kssr99
 
PDF
Fox formula in sap bi integrated planning
Venkatesh Yellamelli
 
PDF
Technical Overview of CDS View – SAP HANA Part I
Ashish Saxena
 
PPT
Lsmw ppt in SAP ABAP
Aabid Khan
 
PDF
Ooabap notes with_programs
Kranthi Kumar
 
PPT
ABAP Object oriented concepts
DharmeshKumar49
 
PDF
Sap Abap Reports
vbpc
 
DOCX
Abap performance tunning tips
Jay Dalwadi
 
DOC
Badi document
hamisha_malik
 
PPTX
Bdc BATCH DATA COMMUNICATION
Hitesh Gulani
 
PPT
ProductCosting Material Ledger.ppt
AshwaniKumar207236
 
PPTX
Reports
Jugul Crasta
 
PDF
Customer exit variables in sap
Sidharth Sriram
 
Chapter 01 user exits
Kranthi Kumar
 
SAP ABAP data dictionary
Revanth Nagaraju
 
Enhancing data sources with badi in SAP ABAP
Aabid Khan
 
Edit idoc , reprocess and test idoc
lakshmi rajkumar
 
ABAP for Beginners - www.sapdocs.info
sapdocs. info
 
Sap abap
Jugul Crasta
 
Object oriented approach to ALV Lists in ABAP
Noman Mohamed Hanif
 
Sap abap interview questions
kssr99
 
Fox formula in sap bi integrated planning
Venkatesh Yellamelli
 
Technical Overview of CDS View – SAP HANA Part I
Ashish Saxena
 
Lsmw ppt in SAP ABAP
Aabid Khan
 
Ooabap notes with_programs
Kranthi Kumar
 
ABAP Object oriented concepts
DharmeshKumar49
 
Sap Abap Reports
vbpc
 
Abap performance tunning tips
Jay Dalwadi
 
Badi document
hamisha_malik
 
Bdc BATCH DATA COMMUNICATION
Hitesh Gulani
 
ProductCosting Material Ledger.ppt
AshwaniKumar207236
 
Reports
Jugul Crasta
 
Customer exit variables in sap
Sidharth Sriram
 
Ad

Viewers also liked (20)

PDF
Sap security tasks
Siva Pradeep Bolisetti
 
PDF
Governance Of Enterprise IT MIA
Troy DuMoulin
 
PPT
How to improve user experience via roles
Siva Pradeep Bolisetti
 
DOCX
Calculation of optimum cost of transportation of goods from godowns to differ...
Siva Pradeep Bolisetti
 
PPT
Bluetooth Technology -- detailed explanation
Siva Pradeep Bolisetti
 
PDF
Authorisations in SAP: best practices
Jonathan Eemans
 
PDF
Enterprise Risk Management Software
Mike Taylor
 
PDF
Sappress sap governance risk and compliance
Siva Pradeep Bolisetti
 
DOCX
Use of network scheduling technique
Siva Pradeep Bolisetti
 
PPTX
SAP Plaint Maintenance Training in Hyderabad,USA,UK,Canada,Austarlia
online jobs
 
PDF
Master data distribution in SAP: implementation guide
Jonathan Eemans
 
PPTX
Bearing design for Turbo Generator- Internship at BHEL
Siva Pradeep Bolisetti
 
PDF
Simplifying SAP Plant Maintenance
DeeDee Kato
 
PDF
Best Practices for Managing a Global SuccessFactors Rollout
GP Strategies Corporation
 
PDF
Business Driven Architecture for Strategic Transformation
David Baker
 
PPTX
Solar refrigeration system
Siva Pradeep Bolisetti
 
PPTX
SAP BASED PLANT MAINTENANCE
PANKAJ TIKEKAR
 
PDF
ProcessGene GRC Software Suite
ProcessGene Ltd
 
PPT
Welding and types
Siva Pradeep Bolisetti
 
PDF
SAP Plant Maintenance Training Material | www.sapdocs.info
sapdocs. info
 
Sap security tasks
Siva Pradeep Bolisetti
 
Governance Of Enterprise IT MIA
Troy DuMoulin
 
How to improve user experience via roles
Siva Pradeep Bolisetti
 
Calculation of optimum cost of transportation of goods from godowns to differ...
Siva Pradeep Bolisetti
 
Bluetooth Technology -- detailed explanation
Siva Pradeep Bolisetti
 
Authorisations in SAP: best practices
Jonathan Eemans
 
Enterprise Risk Management Software
Mike Taylor
 
Sappress sap governance risk and compliance
Siva Pradeep Bolisetti
 
Use of network scheduling technique
Siva Pradeep Bolisetti
 
SAP Plaint Maintenance Training in Hyderabad,USA,UK,Canada,Austarlia
online jobs
 
Master data distribution in SAP: implementation guide
Jonathan Eemans
 
Bearing design for Turbo Generator- Internship at BHEL
Siva Pradeep Bolisetti
 
Simplifying SAP Plant Maintenance
DeeDee Kato
 
Best Practices for Managing a Global SuccessFactors Rollout
GP Strategies Corporation
 
Business Driven Architecture for Strategic Transformation
David Baker
 
Solar refrigeration system
Siva Pradeep Bolisetti
 
SAP BASED PLANT MAINTENANCE
PANKAJ TIKEKAR
 
ProcessGene GRC Software Suite
ProcessGene Ltd
 
Welding and types
Siva Pradeep Bolisetti
 
SAP Plant Maintenance Training Material | www.sapdocs.info
sapdocs. info
 
Ad

Similar to Step by step exercise for bw 365 (20)

PDF
Oracle 11i forms personalization
Kaushik Kumar Kuberanathan
 
PDF
Apps 11i10 forms_personalization
Vinod Reddy
 
PDF
Personalize the forms how to oracle applications release 11.5.10 a technica...
FITSFSd
 
PPTX
Lightning Process Builder
sanskriti agarwal
 
PPTX
Lightning Process Builder
sanskriti agarwal
 
PDF
Presentation
FariaLara
 
PPTX
PEOPLESOFT PTF
Gautam Chaudhary
 
PDF
Ca1 report
aeehhhly
 
PPTX
MicroStrategy Basic Reporting.pptx
Vijay80411
 
DOCX
Lab StepsSTEP 1 Login Form1. In order to do this lab, we need.docx
smile790243
 
PDF
Apps 11i10 Forms Personalization
Hossam El-Faxe
 
DOCX
Attach
Rajesh Ch
 
DOC
( 5 ) Office 2007 Create A Business Data Catolog
LiquidHub
 
PPT
Informatica PowerAnalyzer 4.0 3 of 3
ganblues
 
PPT
07 b 01workflowdefinition
tflung
 
DOCX
HelpDesk Training Manual
MakeNET
 
PPT
Centaf Sms Day 2
ejcometh
 
DOC
Mca 504 dotnet_unit5
Rai Saheb Bhanwar Singh College Nasrullaganj
 
PPTX
Salesforce Lightning Process Builder IS the next-generation workflow tool
BMC Software
 
PDF
1. Create and call a function to � Open a text file for storing the.pdf
agaramjareld
 
Oracle 11i forms personalization
Kaushik Kumar Kuberanathan
 
Apps 11i10 forms_personalization
Vinod Reddy
 
Personalize the forms how to oracle applications release 11.5.10 a technica...
FITSFSd
 
Lightning Process Builder
sanskriti agarwal
 
Lightning Process Builder
sanskriti agarwal
 
Presentation
FariaLara
 
PEOPLESOFT PTF
Gautam Chaudhary
 
Ca1 report
aeehhhly
 
MicroStrategy Basic Reporting.pptx
Vijay80411
 
Lab StepsSTEP 1 Login Form1. In order to do this lab, we need.docx
smile790243
 
Apps 11i10 Forms Personalization
Hossam El-Faxe
 
Attach
Rajesh Ch
 
( 5 ) Office 2007 Create A Business Data Catolog
LiquidHub
 
Informatica PowerAnalyzer 4.0 3 of 3
ganblues
 
07 b 01workflowdefinition
tflung
 
HelpDesk Training Manual
MakeNET
 
Centaf Sms Day 2
ejcometh
 
Mca 504 dotnet_unit5
Rai Saheb Bhanwar Singh College Nasrullaganj
 
Salesforce Lightning Process Builder IS the next-generation workflow tool
BMC Software
 
1. Create and call a function to � Open a text file for storing the.pdf
agaramjareld
 

Recently uploaded (20)

PDF
How AI/LLM recommend to you ? GDG meetup 16 Aug by Fariman Guliev
HusseinMalikMammadli
 
PDF
Digital Systems & Binary Numbers (comprehensive )
fyfhqfhtv2
 
PDF
Internet Downloader Manager (IDM) Crack 6.42 Build 42 Updates Latest 2025
itskinga12
 
PPTX
CHAPTER 2 - PM Management and IT Context
KevinPutra14
 
PDF
CapCut Video Editor 6.8.1 Crack for PC Latest Download (Fully Activated) 2025
itskinga12
 
PDF
Salesforce Agentforce AI Implementation.pdf
Robert Mark
 
PDF
EN-Survey-Report-SAP-LeanIX-EA-Insights-2025.pdf
deepakkhaitan3
 
PPTX
history of c programming in notes for students .pptx
Vijayakumari829030
 
PDF
iTop VPN 6.5.0 Crack + License Key 2025 (Premium Version)
youngle786g
 
PDF
Adobe Illustrator 28.6 Crack My Vision of Vector Design
ghrom2211g
 
PDF
CCleaner Pro 6.38.11537 Crack Final Latest Version 2025
itskinga12
 
PDF
Designing Intelligence for the Shop Floor.pdf
nikglvk
 
PPTX
Agentic AI Use Case- Contract Lifecycle Management (CLM).pptx
mhxyzzp
 
PPTX
Operating system designcfffgfgggggggvggggggggg
rmskumara09
 
PPTX
assetexplorer- product-overview - presentation
nonameist3434
 
PDF
Navsoft: AI-Powered Business Solutions & Custom Software Development
Navsoft
 
PDF
17 Powerful Integrations Your Next-Gen MLM Software Needs
ventaforcemlmsoftwar
 
PDF
Design an Analysis of Algorithms II-SECS-1021-03
DilanEscobar1
 
PPTX
Weekly report ppt - harsh dattuprasad patel.pptx
bikerslovers123
 
DOCX
Greta — No-Code AI for Building Full-Stack Web & Mobile Apps
niloyislam1187
 
How AI/LLM recommend to you ? GDG meetup 16 Aug by Fariman Guliev
HusseinMalikMammadli
 
Digital Systems & Binary Numbers (comprehensive )
fyfhqfhtv2
 
Internet Downloader Manager (IDM) Crack 6.42 Build 42 Updates Latest 2025
itskinga12
 
CHAPTER 2 - PM Management and IT Context
KevinPutra14
 
CapCut Video Editor 6.8.1 Crack for PC Latest Download (Fully Activated) 2025
itskinga12
 
Salesforce Agentforce AI Implementation.pdf
Robert Mark
 
EN-Survey-Report-SAP-LeanIX-EA-Insights-2025.pdf
deepakkhaitan3
 
history of c programming in notes for students .pptx
Vijayakumari829030
 
iTop VPN 6.5.0 Crack + License Key 2025 (Premium Version)
youngle786g
 
Adobe Illustrator 28.6 Crack My Vision of Vector Design
ghrom2211g
 
CCleaner Pro 6.38.11537 Crack Final Latest Version 2025
itskinga12
 
Designing Intelligence for the Shop Floor.pdf
nikglvk
 
Agentic AI Use Case- Contract Lifecycle Management (CLM).pptx
mhxyzzp
 
Operating system designcfffgfgggggggvggggggggg
rmskumara09
 
assetexplorer- product-overview - presentation
nonameist3434
 
Navsoft: AI-Powered Business Solutions & Custom Software Development
Navsoft
 
17 Powerful Integrations Your Next-Gen MLM Software Needs
ventaforcemlmsoftwar
 
Design an Analysis of Algorithms II-SECS-1021-03
DilanEscobar1
 
Weekly report ppt - harsh dattuprasad patel.pptx
bikerslovers123
 
Greta — No-Code AI for Building Full-Stack Web & Mobile Apps
niloyislam1187
 

Step by step exercise for bw 365

  • 1. Exercise1: Create and Execute BI query Exercise 2: Set up Info Object-Level Security for Reporting Users Exercise 3: Using S_RS_COMP1 and S_RS_FOLD Exercise 4: Tracing BI authorizations Exercise 5: ST01 Trace Exercise 6: Securing Access to workbooks Exercise 7 Using SAP provided templates to build security for administrator users Exercise 1: Create and Execute BI query Solution: Go to ProgramsBusiness ExplorerAnalyzer Go to BEX toolbarToolsCreate New Query Select the system and login
  • 2. Select “New Query” Select the Info Provider on which query need to be created Select the Cube and click Open
  • 3. Drag and drop the characteristics/key figures from left window to right Rows/columns and Free Characteristics And then click to save the query. Select the Role Enter the description and technical name and Click SAVE Login using Bex Analyzer and then run the Query and Result will be displayed as below
  • 4. Exercise 2: Set up Info Object-Level Security for Reporting Users Solution: The steps to implement authorization level security: • Make the info object as authorization relevant • Create analysis authorization on that info object • Assign analysis authorization to user (directly or through Role) • Add a variable to the Query Create a user Execute SU01 and give the user name and click Create Enter User First Name and Last Name Go to Logon Tab and then Enter Initial Password; enter the same password in Repeat Password
  • 5. Go to Roles Tab and then add Role “REPORTING_BASIC” and Click Save Note: If REPORTING_BASIC role is not existing in the system then can be uploaded in the below way to the system. This Role contains access to Basis Transaction codes needed by a reporting user. Upload a Role: • Copy the below role to your desktop REPORTING_BASIC. SAP • Execute Tcode PFCG and then Select RoleUpload Click Ok
  • 6. Select the Role and Click OPEN And then click ok on the message Go to the change mode of the Role by clicking Go to authorization tab by clicking change authorization data Click Save and Then Generate
  • 7. And role is now uploaded and activated in the system Define the Info Object as authorization relevant Execute RSA1, Go to InfoProvider, expand the info are and then double click on your info object or Execute Tcode RSD1, enter info object name Go to change mode and then Business Explorer tab, check “authorization Relevant”
  • 8. Save and activate the info object. Create Analysis authorization
  • 9. • Execute Tcode RSECAUTH • Enter Name of analysis authorization ZCOMP_CODE and Click Create • Enter short, medium and long description and click to insert mandatory characterstics Double click on 0TCAACTVT, then click Value authorization tab and enter the below values and go back Double click on 0TCAVALID, then click Value authorization tab and enter the below values and go back And then Double click on 0TCAIPROV, then click Value authorization tab and enter the below values and go back
  • 10. Enter 0COMP_CODE And then Double click to specify the values Note: This value defines the restriction of your info object to some specific values. You can select any value depending upon the data that is available in your info object And then click Save. Assign Authorization to User Execute Tcode RSU01, enter user name and click Change Enter analysis auth name and click Insert
  • 11. And then Click Save Add a variable to a Query Go to Query Designer. Open existing query. Drag Company Code to char restriction tab Right click on Company Code and select Restrict Select variables from the drop down list. Click Create Specify Description for Variable, Technical name and Processing Type in General Tab
  • 12. Specify the below mentioned details in “Details” tab Move the variable from left window to Selection list and click OK
  • 13. Save the Query. Login using Reporting_## and select the query to execute using Bex Analyzer It will be prompted for the variable value Result will be displayed only for company Code 1000 and 1101 Exercise 3: Using S_RS_COMP1 and S_RS_FOLD Solution: Create a new role REPORTING_BASIC_NEW by copying the REPORTING_BASIC role Execute Tcode PFCG and then Enter Role Name The Role Copy Enter the new Role name and click copy selectively Go to Change mode of the Role, authorization tab, click Change authorization data
  • 14. • Expand the Business Information Warehouse object class and then authorization object Business Explorer – Components Enhancements to the Owner (Object S_RS_COMP1). • Choose Change • Next to the Owner (Person Responsible) give the userid of the query owner • For e.g. if we give userid of Anil here and assign this role to REPORTING-## user then REPORTING-## will be only able to view the queries created by Anil. Click Save and Then Generate and click ok to accept the default profile Assign the Role to REPORTING-## user
  • 15. Execute SU01 and click Change Go to Roles Tab and Delete the existing role and add new one and click Save • Log on to the Bex Analyzer as REPORTING-## and note which queries the user can access through Info Area • User should be able to see the queries created by user Anil Hide Info Area Push button for reporting users using S_RS_FOLD Change role REPORTING_BASIC_NEW through PFCG and click Change authorization Data
  • 16. Click manually to add S_RS_FOLD auth object Enter object and click Ok Select the Value, Save and Generate the Role This will hide the Info Area Push button for the users, so that they are not able to view the Info Providers
  • 17. Exercise 4: Tracing BI Authorizations Solution: Create any new user with access to Role REPORTING_BASIC_NEW and let user execute ZTEST_QUERY2. User will get below authorization error: We need to put a trace on to analyze the error. Execute RSECADMIN and then go to Analysis Tab. Click on Error Logs Click “Configure Log Recording”
  • 18. Add the user name and click “Add User” and Click Save Login as REORTING_1 and let the user execute the same query until user get “No authorization” error message: To Check the Trace Execute RSECADMIN and then go to Analysis Tab. Click on Error Logs Click Display
  • 19. Error log will be something like below: Trace is checking info object 0COMP_CODE in user’s profile which is missing
  • 20. Exercise 5: ST01 Trace Solution: Login as an admin user and Execute ST01 Make sure Authorization check is selected and there is no General Filters And click on Trace On Execute Tcode RSA1 and go to the specific Info Provider under modeling tab Right click and Select “Create InfoCube”
  • 21. Enter name, description and copy from and then click “Create” Select Activate Execute ST01 and Press “Analysis” Enter user id and limit the records for authorization check only and click Execute And you will be able to see the trace log for authorization checks that happened against your profile Exercise 6: Securing Access to workbooks Part 1 Open an existing query and try to save it to Roles Tab using REPORT_1 user id
  • 22. Since No roles are assigned to your end, you will not able to assign it. Part 2 Execute Tcode PFCG Enter Role name REPORTING_WORKBOOK_01 and click Create Enter description and Save. Go to authorization tab Click on Change Authorization data Click manually to add the authorization objects
  • 23. Add S_USER_AGR and S_USER_TCD and click Ok Maintain the values as below And generate the Role Go to Menu Tab and created Folder Sales
  • 24. Enter name as Sales and Click OK Now assign the Role to User Reporting_1 and click on User comparison and save the role Part 3 Execute the Query using BEX Analyzer and save the results Go to Roles Tab Workbook roleSales Folder Enter the Workbook name and click SAVE
  • 25. Part 4 Go to PFCG and enter the Role name REPORTING_WORKBOOK_01 Go to Menu Tab and click Report Add the workbook id
  • 26. And save the Role Exercise 7: Use SAP Provided Template to Build Security Solution: Execute PFCG and enter name and click Create Enter Description and Go to Authorization tab, and click change authorization data
  • 27. Select the role S_RS_RDEAD and Select Adopt reference You can expand the required Class and then auth object to see the specific values