We have an access issue in Information steward when tables are imported.
SAP Dev has all accesses needed, when it comes to STG we have less authorizations as we all know wrt BODS we use execute preloaded in STG and PRD. Information steward will need to import and view data from the this STG/QA client which is currently giving the below issue. DEV and STG are now having same level of authentication.
RFC CallReceive error <Function /BODS/RFC_ABAP_INSTALL_AND_RUN: RFC_ABAP_MESSAGE, You are not authorized to perform this activity)- You are not authorized to perform this activity[SAP NWRFC 720][SAP Partner 731 ][DEV][sapdev01a][BODS_RFC][4103]>.
This client is set in a way that it will not allow changes to a repository. Well we dont need this in BODS as we migrate the code from one environment to other and point the data store to that environment and run the jobs. But in information steward we will need to profile data in QA and PRD by connecting to those systems directly.
Please let me know if any one knows how to get access to these systems. We have performed a test by opening the system to all and testing it with Information steward and it was working. But our basis cannot keep the settings open to all for ever. Please suggest a solution if any of you faced this issue.
I assume that your issue is that Information Steward is not collecting the metadata from your Staging/QA system. What I did with Metadata Manager in XI3.1 was I created an Enterprise User specifically for Metadata Manager and granted it only the permissions needed for Metadata Manager to collect the data. This allowed me to limit that logon and also separate out the access for that tool so when we are looking at usage of things like reports and universes, that User ID could be filtered at as it really isn’t considered a “user”. This method will also allow you to restrict access however you need for all of your other users.
I’m working on setting up the Metadata Manager portion of Information Steward 4.2 now and plan to configure it the same way.
Thanks for the prompt response. Can you also tell me the list of authorizations/roles needed for the metapedia user.
On the other hand our SAP QA system is closed when I requested my basis team to open it for a quick test, they have opened it and it worked like charm. But this settings are not allowed permanently.
So as per your suggestion if we can go through the system by providing the user certain access, Can you please tell me the list of authorizations needed.
I haven’t looked at it in depth enough to be able to tell you this. We haven’t decided yet if we are really going to use the metapedia functionality or not. We are primarily needing the metadata information extracted from Business Objects.
I’m coming back to this post because I am looking at Information Steward security now. First, to address Randy’s question:
There is a pretty good description of the built in user groups and their permissions in the Information Steward Administrator’s Guide. What it doesn’t address is what I’m looking for.
I’m trying to configure the security so that the Metapedia tab doesn’t show up when you log into the IS Launchpad. In the CMC, I went to Organize → Information Steward → Metadata Management → Metapedia and removed access to that folder for my test user. The Administrator’s Guide indicated that this would be the place but the Metapedia tab still shows up in IS Launchpad. If I click on the tab I get an error:
I haven’t looked the error up but I haven’t found these to be very reliable.
I have been able to hide the Data Insight and Cleansing Package Builder tabs but I get rid of the Metapedia and My Worklist tabs. Does anyone have any ideas?
For my test user, I have set their access permission to “No Access” on Metapedia, Data Insight, Data Review, and Cleansing Packages within the Information Steward settings in the CMC.
I can’t find anything in our installation that refers to a “Data Insight ECC connection”. I don’t think we have a closed SAP System as we don’t use SAP here, we just use Business Objects.
Our Information Steward installation consists of:
Information Platform Services 4.1sp3
Data Services 4.2sp2
Information Steward 4.2sp2
I was referring to the following error, that is related to authorization on the source system
ok, for your scenario, its related to IS Application Security what is that you are trying to do ? you want to hide Metadapedia and worklist for certain users ?
if you are getting following error then check the InformationSteward.ApplicationService.log and InformationSteward.Explorer.log in the default logging folder for more details
An Application error occurred. Contact your administrator for more information. (UIM-10030)
I found a couple of errors. [quote:022fcb0c81=“InformationSteward.ApplicationService.log”][ApplicationService][Transport:Shared-1/10] com.bobj.mm.boe.InvalidLicenseKeyException
[/quote]
We have an upgraded license key from the XI3.1 Metadata Management. We were instructed by SAP to use this ame license key for Data Services. This error could be related to that.[quote:022fcb0c81=“InformationSteward.Explorer.log”][Explorer][http-bio-8080-exec-4] Sorry, you do not have the right to ‘Edit objects’ (ID: 6) for ‘Profiler’ (ID: 4222). Please contact your administrator if you require this right.
[Explorer][http-bio-8080-exec-4] com.crystaldecisions.sdk.occa.infostore.internal.InfoStoreException: Sorry, you do not have the right to ‘Edit objects’ (ID: 6) for ‘Profiler’ (ID: 4222). Please contact your administrator if you require this right.
cause:com.crystaldecisions.enterprise.ocaframework.idl.OCA.oca_abuse: IDL:img.seagatesoftware.com/OCA/oca_abuse:3.2 detail:Sorry, you do not have the right to ‘Edit objects’ (ID: 6) for ‘Profiler’ (ID: 4222). Please contact your administrator if you require this right.
The server supplied the following details: Security right violation encountered
[/quote]
I can’t find anything that is called Profiler. What would this be?
from IS 4.0 onwards MM is part of IS that has DataProfiling and CPB as well, Profiler Object is part if DataInsight, even if you don’t have License for DataInsight the application will be installed and configured, but you will only be able to use the MM part for which you have License
since you don’t have DataInsight this shouldn’t be causing any issues for you, do you have a ticket opened with Support, if yes, what is the ticket # ? I can take a look at your env