DJames

SAP BusinessObjects Central Management Console User Security.

Friday, February 12, 2016

Tags: Access Levels, business objects, Central Management Console, CMC, sap, User Security

Here you can find how to set up your security on Central Management Console of SAP Business Objects

  1. Users and Groups (First we create the user(s) and group(s) to set authentication and authorization levels later on)
    1. New Group
      New Group
    2. New User
      New User
      1. Authentication Type: Enterprise / LDAP
      2. Connection Type: Named User (this user can access BO anytime) / Concurrent User (this user can access BO as long as the concurrent connected user limit has not been reached)
    3. Join Group
      Join Group
    4. Select the group(s) for the user to be a member of
      Member of
  2. Folders (We grant access to the folders for the group(s) and/or user(s))
    1. User must have access to the root folder
      Root Folder
    2. We will Add Principals through User Security
      User Security
    3. Add and Assign Security to Group or User. I will add the group so I can manage multiple Users at once
      Multiple Users
    4. Next we will choose the Access Level for the group
      Access Level
    5. Close the User Security window
    6. Next if you want the Group to access only one sub folder, you need to remove access from every other subfolder
    7. You will go to User Security of those folders
      Security to Folder
    8. Select the group name and go to Assign Security
      Assign Security
    9. Here either click on Remove Access or uncheck both of the Inherit check boxes and click OK
      Inherit
  3. So far, we adjusted the group’s access levels to folder(s) and report(s). Now we will set Access rights to Universe if you want the user to be able to refresh or change the prompts and re-run the reports. Otherwise, you will have an error like "You do not have the right to access data returned by this universe. Error WIS 00504"
  4. Best practice to handle this (in my opinion) is to do it through Universes
    1. Find your related universe find all relations
      Find relations
    2. Find the Web Intelligence, you will be able to see your already assigned roles, so you will not need to change anything here
    3. Find the folder of the universe and go to User Security
      User Security
    4. Add Principals for your Group here Add and Assign Security

      Add and Assign Security
    5. Choose your Access Level for the Universe from here
      Access Level for Universe
    6. Next find the Relational Connection for the Universe and go to User Security
      Relational Connection
    7. And add your group and assign the roles like in step 4d and 4e
  5. From Universes
    1. Go to Universe Security to add your group to Universe as well
      Universe Security
    2. Click on Add and choose your group
    3. Then you will close the pop up window from the x on the upper right corner
  6. Finally you can adjust user rights at Applications level
    1. Here as I use Web Intelligence, I edit User Security for Web Intelligence
      User Security
    2. Here we Add Principals just like in other steps
  7. If you want to adjust the roles or create a new one, you will need to go to Access Levels
    1. Go to Included Rights and adjust the rights for the role as you wish

© 2024 - DJames.net