SAP has change the naming of BI to BW 7.0 while BI will be reserved for Business Object (BOBJ) . Authorization concept in BI 70 (SAP business intelligence, SAP business warehouse) has been changed dramatically, following are notes I collected from forum
- New authorization concept: Authorization Analysis (which is active by default) note 820183, 955990, 923176
- Therefore authorization checks are enforced for authorization object S_RS_AUTH and the only valid value to get past the check is 0BI_ALL (business intelligent all) which is the equivalent to saying "all of your authorization relevant objects" Not good if you have any, because users that were restricted will not be after giving this access. (After you implement your own security relevant objects with “authorization analysis, you will have other values to put in S_RS_AUTH but these will not exist at first, thus the need for the only valid value that will exist, 0BI_ALL)
- https://www.sdn.sap.com/irj
/servlet/prt/portal/prtroot /docs/media/uuid/ac7d7c27-0a01 -0010-d5a9-9cb9ddcb6bce
- https://www.sdn.sap.com/irj
/sdn/weblogs?blog=/pub/wlg/4495
- BI 7.0 upgrade guide https://www.sdn.sap.com/irj
/sdn/go/portal/prtroot/docs /library/uuid/e0c9c8be-346f -2a10-2081-cd99177c1fb9
- If you really want to implement the new concept it will either have to be address as a team effort as part of the upgrade, or addressed later as a separate project. We opted for the later.
- Solution use IMG setting in BI and turn off the authorization analysis concept and choose the "obsolete" authorization objects instead.
- Even using the standard BW authorization objects and current security role implementation copied from your previous BW system, you will still encounter a new authorization object check on S_RS_MPRO for access to multiproviders. This mean you have to change many roles, depending on the number of Z* infocubes you are protecting etc.6) You cannot use both the authorization analysis concept (active by default) and your old BW authorization objects at the same time, thus the need to either redesign, reimplement all security roles, or turn off authorization analysis concept in IMG until addressed under a separate project after upgrade.
Resources related to SAP BW 7.0 and authorization is very general as following:
Training :
- BW001: SAP NetWeaver Business Intelligence : 5 hours
- BW305: SAP BW Reporting & Analysis: 10 days
- C_TBW45_70: SAP Certified Application Associate- Business Intelligence with SAP NetWeaver 7.0: 180 min, 80 questions
- ANA10 SAP xApp Analytics using SAP NetWeaver Visual Composer: 3 days
- BW330 BI - Modeling & Implementation: 5 days
- SAPNW SAP NetWeaver - Overview: 3 days
- NW001 Technology Solutions Powered by SAP NetWeaver: 8 hours
- BW350 BI - Data Acquisition: 5 days
- DBW70R BI - Delta Reporting SAP NetWeaver 7.0: 3 days
- BW360 BI - Performance and Administration: 5 days
- DBW70E BI - Delta Enterprise Data Warehousing SAP NetWeaver 7.0: 2 days
- BW365 BI - User Management & Authorizations: 2 days
- BW310 BI - Enterprise Data Warehousing: 5 days
- DBW70M BI - Upgrading to SAP NetWeaver 7.0: 2 days
- BW370 BI - Integrated Planning: 5 days
- TBW41 BW - Extraction with UDI and XI and APD: 5 hours
- BW380 BI - Data Mining and the Analysis Process Designer: 2 days
3 comments:
I really like when people are expressing their opinion and thought. So I like the way you are writing
It is useful to try everything in practice anyway and I like that here it's always possible to find something new. :)
Post a Comment