How changed Security Rights between Business Objects 3.x and 4.0.

Security rights  removed or missing rights in BI  4.0


Modes are enabled, all tools and panels are visible, but their use depends on the actual user’s rights. Removed from all clients:


  1. Queries: Enable Drill Mode and Extend scope of analysis -These rights are no longer managed.
  2. Interface: Ability to hide / show toolbars -The toolbar is replaced by toolboxes which are always visible.
  3. Interface: Enable toolbox and menu items - Entire toolboxes cannot be deactivated. All menu items are always visible.Menus are controlled by security right linked to the actions offered. Menu items are grayed when the user does not have sufficient priviledges to use those items.
  4. Interface: Left pane - Enable available objects, tables and charts - The left pane items are always available
  5.  Interface: Left pane - Enable data summary -The data summary is always available

Removed right in 4.0 Web Intelligence Web interface

Enable HTML Report panel - This viewer and related security rights have been removed.

Deprecated Security Rights

 Interfaces - enable web query panel: This right is available in BI 4.0.3, but will not be available in later releases. 
Note that in BI4.0.x this right has no effect.

Changes in BO 4.0 rights

3.x Web interface rights that now apply to all interfaces
These security rights were specific to Web Intelligence Web interface only ( DHTML interface) in 3.x, but now apply to all clients:
- Web Intelligence Rich Client
- Rich Internet Application interface
- Web interface

The security rights in the table below keep the same behavior but now apply to all clients. 
They have not been renamed.
- General - edit 'My Preferences'
- General - enable right-click menus
- Left pane - enable document structure and filters
- Left pane - enable document summary
- Reporting - create and edit conditional formatting rules
- Reporting - create and edit breaks
- Reporting - create and edit predefined calculations
- Reporting - create and edit report filters and consume input controls
- Reporting - create and edit sorts
- Reporting - insert and remove reports, tables, charts and cells
Note: Rights in BI 4.0 are not the same location in the CMC as they were for 3.x.

How the new rights are applied for migrated documents


If in the previous release the user had acces to the Web Intelligence Rich Internet Application interface, then the migration results in all rights “Enabled” in 4.x
Else if the specific right in the previous release was Enabled then it is Enabled in 4.x for all clients.
If in the previous release the user did not have acces to the Web Intelligence Rich Internet Application interface, this right is disabled after migration.


Enable Query – Web interface 
Interfaces - enable web query panel (will be removed in 4.1)

Application Level : GENERAL RIGHTS
Log on to Web Intelligence and view this object in the CMC.
Log on to Web Intelligence.

Rights that are renamed and now apply to all interfaces

The security rights in the table below have been renamed and now apply to all clients:
- Web Intelligence Rich Client
- Rich Internet Application interface
- Web interface.


Migrating documents from 3.x to 4.x

Some rights no longer exist in 4.x due to the redesign of the interface For example, the toolbar could be disabled (not visible) in 3.x. In 4.x, the toolbar is replaced by toolboxes that are always visible, but specific functions are disabled depending on the logged user’s rights.


Important note concerning migrating from 3.x to 4.0

Where the 3.x administrator has set the user‘s security with (Import/Export to/from SAP BusinessObjects BI OnDemand a.k.a BIOD) security settings, you must not migrate the security settings. You should remove these settings first and then migrate the users and test it in 4.0.3.x
In XI3 SP4 the Import/Export to/from BIOD security properties were introduced. 
These rights are incompatible with 4.x. In this case, migrate Everything but security, and manually reassign security.
Migrate everything and check security. Potential risks are limited to :
WebIDisableExportToBIOD collision with CreateEditInputControls
WebIDisableImportFromBIOD collision with EditDocumentFormatting

Check the Create input control and Enable Document Formatting security rights for all users.

Comments

Popular posts from this blog

SAP HANA Introduction

SAP Dashboard Error - Cannot find the BusinessObjects Enterprise report source. (LO 26608)

FWM 01002 - Unable to reconnect to the CMS. The session has been logged off or has expired.