SlideShare a Scribd company logo

Sap inside track_2011_marks_sap_business_objects_security

S
sjohannes

This document summarizes a presentation on SAP BusinessObjects security essentials given by Dallas Marks. The presentation covered security basics in SAP BusinessObjects XI R2 and XI 3.x, including predefined rights, folder and group inheritance, and new features in XI 3.x like custom access levels and scope of rights. It included demonstrations of custom access levels, the permissions explorer, and security query tools. Best practices around granting rights to groups and documenting security structures were also discussed.

TechnologyBusiness
1 of 49
Download to read offline
SAP BusinessObjects Security Essentials Dallas Marks SAP Inside Track – St. Louis July 15, 2011
SAP BusinessObjects Security Essentials ] Dallas Marks Session 409 [ MIKE NARDUCCI ASUG ASSOCIATE MEMBER MEMBER SINCE: 1998 [ PHIL AWTRY ASUG INSTALLATION MEMBER MEMBER SINCE: 1999 [ STEPHANIE CLUNE ASUG INSTALLATION MEMBER MEMBER SINCE: 2004
[ Breakout Description In this presentation, learn how the SAP BusinessObjects security model works. Leverage features, such as inheritance, scope of rights, and custom access levels, to secure the business intelligence system, while reducing overall complexity and maintenance. Techniques will be demonstrated using SAP BusinessObjects XI that are also applicable to SAP BusinessObjects Edge BI. Real-world scenarios drive home the concepts learned and give each attendee the confidence to implement the same techniques back home. Real Experience. Real Advantage. 3
[ About Dallas Marks  Dallas Marks is a Senior Architect and Trainer at Kalvin Consulting, an SAP Services Partner focusing on business intelligence, business analytics and data warehousing. Kalvin is also a SAP BusinessObjects Authorized Education Provider, providing on-site education services at client locations throughout North America.  Dallas is an SAP Certified Application Associate and authorized trainer for Web Intelligence, Universe Design, Xcelsius, and SAP BusinessObjects Enterprise administration. A seasoned consultant and speaker, Dallas has worked with SAP BusinessObjects tools since 2003 and presented at the North American conference each year since 2006.  Dallas has implemented SAP BusinessObjects solutions for a number of industries, including energy, health care, and manufacturing. He holds a master’s degree in Computer Engineering from the University of Cincinnati.  Dallas blogs about various business intelligence topics at http://www.dallasmarks.org/. Real Experience. Real Advantage. 4
About Kalvin Consulting Mission • To be a world class consulting company by delivering innovative solutions and extraordinary service Our Values • Kalvin’s Success: Every customer is a successful customer • Kalvin’s Service: We value your time, we will get it right Expertise spans across all areas of BI • “Best of Breed” solution provider for Business Intelligence, Business Analytics, and Data Warehousing • Solution Blueprints, Roadmaps & Architecture • Installation, Configuration & Customization • Cross Platform & Cross Product Migrations • Reporting, dashboards & guided analysis • Cutting edge customization
About Kalvin’s Staff Corporate Office – Mason, Ohio • Dedicated sales, marketing, HR & administration staff • Dedicated support staff with lab and training center Virtual Offices – 25 Consultants • Greater Cincinnati, Dayton, Chicago, Atlanta & Boston • Strive to maintain 10% availability • Extensive network of independent consultants • Non-billable Delivery Manager to oversee the project deliverables and ensure client expectations are met
The Kalvin Difference Dedicated Team • Dedicated team of Kalvin employees. Kalvin is NOT a staffing company • Kalvin holds bi-weekly information sharing sessions and quarterly company events for our employees to stay connected and learn from each other. We had our first KalvinFest, in August 2009 Expertise • Kalvin is an end to end solutions provider from data integration, reporting, dashboard and visualization • Our dedicated team of consultants bring together a full range of technical expertise in all Business Intelligence and Data Integration products: SAP BI - BusinessObjects, IBM, Oracle, Microsoft BI and customization techniques using Java and .NET Partnerships • Kalvin believes each client is unique and works to build a long-term partnership
Kalvin’s BI Methodology Making BI Successful Data Ad-hoc Data Master Data Reporting Dashboards warehouse Data mining Analysis enhancement Management and cubes
Kalvin’s Best Practices Adopt the best from the industry Follow the best of BI standards Deploy the processes, policies and framework Create a repository of information for learning and training Share ideas and experiences by participating in User Groups & Conferences
[ Poll By a show of hands, are you using:  SAP Applications?  SAP BusinessObjects?  SAP BusinessObjects Business Intelligence 4.0 (ramp- up)? Real Experience. Real Advantage.
[ Does Security Setup Make You Angry? Real Experience. Real Advantage.
[ Agenda  SAP BusinessObjects Security Basics  Demonstration  Custom Access Levels, Permissions Explorer and Security Query  Best Practices  Next Steps  Your Questions Real Experience. Real Advantage.
[ SAP BusinessObjects Security Essentials SECURITY BASICS Real Experience. Real Advantage.
[ Terminology  Principal – a user or group  Rights override - a rights behavior in which rights that are set on child objects override the rights set on parent objects  General Global Rights – access rights enforced regardless of content type  Content Specific Rights – access rights unique to content type (Crystal Report, Web Intelligence, etc) Real Experience. Real Advantage.
[ Predefined Rights Rights Option Description XI R2 XI 3.x slightly No Access Unable to access an object yes different View Able to view historical (scheduled) instances of an object yes yes Schedule Able to schedule instances of an object yes yes View on Demand Able to view live data on-demand yes yes Full Control Able to change or delete an object yes yes Real Experience. Real Advantage.
[ Advanced/Granular Rights Rights Option Description XI R2 XI 3.x Granted The right is granted to a principal. yes yes Denied The right is denied to a principal. yes yes The right is unspecified for a principal. By Not Specified default, rights set to Not Specified are denied. yes yes The right applies to the object. This option becomes available when you click Granted or Apply to Object Denied. no yes The right applies to sub-objects. This option becomes available when you click Granted or Apply to Sub-Objects Denied. no yes Real Experience. Real Advantage.
[ Folder Inheritance Global Rights Top Level Folder Object Subfolder Object NOTE: In XI R2, global rights are set on the Rights tab Subfolder in the Settings management area. Object In XI 3.x, global rights are set in the Folders management area as “All Folders Security” Object Real Experience. Real Advantage.
[ Group Inheritance Rules eFashion Sales Managers 2008 eFashion East eFashion South eFashion West Barrett Richards Larry Leonard Bennett Steve Real Experience. Real Advantage.
[ Breaking Inheritance  Still possible in XI 3.x as it was in XI Release 2  Can disable folder inheritance, group inheritance, or both  May not be as necessary in XI 3.x because of new scope of rights features Real Experience. Real Advantage.
[ Custom Access Levels  New Management Area in CMC XI 3.x  Can create new access levels or copy existing access levels  Pre-defined rights (View, Schedule, View On Demand, Full Control) levels cannot be altered  Easier to manage than setting Advanced rights Real Experience. Real Advantage.
[ Scope of Rights  Scope of rights – new in XI 3.x, the ability to limit the extent of rights inheritance (Apply to Object, Apply to Sub-object)  In BusinessObjects Enterprise XI R2, the administrator was forced to break inheritance when they wanted to give user rights to child folders that were different to those given to the parent folder  In XI 3.x, rights are effective for both the parent object and the child objects by default (same as XI R2). However… Real Experience. Real Advantage.
[ Scope of Rights, cont.  With BusinessObjects Enterprise XI 3.x, the administrator can now specify that a right set on a parent object should apply to that object only. Real Experience. Real Advantage.
[ SAP BusinessObjects Security Essentials DEMONSTRATION Real Experience. Real Advantage.
[ Demonstration  Authentication Types  Users and Groups  Custom Access Levels  Permissions Explorer  Security Query Real Experience. Real Advantage.
[ Demonstration - Authentication Types  Enterprise  LDAP  Windows AD  Windows NT  SAP (requires SAP Integration Kit in releases prior to BI 4.0) Real Experience. Real Advantage. 25
[ Demonstration – Users & Groups Real Experience. Real Advantage.
[ Demonstration – Folders and Content Real Experience. Real Advantage.
[ SAP BusinessObjects Security Essentials DEMONSTRATION – CUSTOM ACCESS LEVELS Real Experience. Real Advantage.
[ Demonstration – Custom Access Levels Custom Access Level demo… Real Experience. Real Advantage.
[ SAP BusinessObjects Security Essentials PERMISSIONS EXPLORER AND SECURITY QUERY Real Experience. Real Advantage.
[ Permissions Explorer (object centric)  Use the Permissions Explorer to determine the rights a principal has on an object  Improvement upon Check User Rights button in XI Release 2. Check User Rights only identified the effective rights – the source of the rights assignment was still unknown  Available from any object (folder, document, universe, connection, etc.) that can have rights assigned Real Experience. Real Advantage.
[ Permissions Explorer Permissions Explorer demo… Real Experience. Real Advantage.
[ Security Query (user centric)  Use Security Query to determine the objects to which a principal has been granted or denied access.  Available from Users and Groups or Query Results Real Experience. Real Advantage.
[ Security Query – Query Principal Query Principal - the user or group that you want to run the security query for. You can specify one principal for each security query Real Experience. Real Advantage.
[ Security Query – Query Permission Query Permission - the right or rights you want to run the security query for, the status of these rights, and the object type these rights are set on Real Experience. Real Advantage.
[ Security Query – Query Context Query Context - the CMC areas that you want the security query to search. For each area, you can choose whether to include sub-objects in the security query. A security query can have a maximum of four areas Security Query demo… Real Experience. Real Advantage.
[ SAP BusinessObjects Security Essentials BEST PRACTICES Real Experience. Real Advantage.
[ Security Best Practices - XI R2 or XI 3.x  Grant rights to groups on folders. Although rights can be granted on individual objects or users, the security model can become difficult to maintain.  Use pre-defined rights wherever possible. Understand the additional complexity that advanced rights can introduce.  Avoid breaking inheritance, while understanding it is sometimes necessary  Add multiple users to Administrators group rather than sharing Administrator user account to improve traceability  Document and maintain your security structure outside of the CMC – MS Excel is a good choice Real Experience. Real Advantage.
[ Security Best Practices - XI 3.x  Allot time in your upgrade/migration for administrative staff to understand both the new CMC interface/workflows as well as its new features  Use custom access levels where you would have previously resorted to advanced rights.  Identify opportunities to limit the scope of rights instead of breaking inheritance  Take advantage of the Permissions Explorer and Security Query tools to diagnose and correct security issues Real Experience. Real Advantage.
[ SAP BusinessObjects Security Essentials NEXT STEPS Real Experience. Real Advantage. 40
[ Relevant ASUG SBOUC 2010 Breakout Sessions  I can CAL, can you? (Custom Access Levels) Sandra Brotje | Session 0405 Tuesday, October 5, 2010 | 4:00 PM – 5:00 PM Real Experience. Real Advantage. 41
[ Recommended Reading  SAP BusinessObjects Enterprise Administrator’s Guide  SAP BusinessObjects Enterprise XI 3.0/3.1 Upgrade Guide  SAP BusinessObjects 5/6 to XI 3.1 Migration Guide Visit the SAP Help Portal at http://help.sap.com to download these resources. Real Experience. Real Advantage. 42
[ Relevant Education  SAP BusinessObjects Enterprise XI 3.0/3.1: Administration and Security 2 days - course code BOE310  SAP BusinessObjects Enterprise XI 3.0/3.1: Administering Servers 3 days - course code BOE320  SAP BusinessObjects Enterprise XI 3.0/3.1: Designing and Deploying a Solution 4 days - course code BOE330 Official SAP BusinessObjects curriculum is available on-site at your location or at authorized education centers around the world. Real Experience. Real Advantage. 43
[ SAP BusinessObjects Security Essentials YOUR QUESTIONS Real Experience. Real Advantage. 44
[ SAP BusinessObjects Security Essentials COMPARING XI R2 AND XI 3.X SECURITY Real Experience. Real Advantage.
[ Default Users and Groups Users XI R2 XI 3.x Administrator yes yes Guest yes yes QaaWSServletPrincipal no yes PMUser yes no Set Administrator password during install? no yes Guest user disabled by default? no yes Groups XI R2 XI 3.x Administrators yes yes Everyone yes yes QaaWS Group Designer no yes Report Conversion Tool Users yes yes BusinessObjects NT Users yes no Universe Designer users yes yes Translators no yes Real Experience. Real Advantage.
[ Security Features Feature XI R2 XI 3.x Folder Inheritance yes yes Group Inheritance yes yes Predefined Access Levels yes yes No Access yes yes* View yes yes Schedule yes yes View On Demand yes yes Full Control yes yes Advanced Rights yes yes Custom Access Levels no yes Break Inheritance yes yes Scope of Rights no yes Combined Access Levels no yes Real Experience. Real Advantage.
[ Security Applications Application XI R2 XI 3.x Central Management Console yes yes! Web Component Adapter (WCA) yes no Administrative Launchpad yes no Query Builder yes yes Security Viewer Add-on yes no Security Query no yes Permissions Explorer no yes Real Experience. Real Advantage.
[  Thank you for participating. Please remember to complete and return your evaluation form following this session. For ongoing education on this area of focus, visit the Year- Round Community page at www.asug.com/yrc ] [ SESSION CODE: 409 Dallas Marks Senior Architect and Trainer dallas@kalvinsoft.com http://dallasmarks.org/ For more information about Kalvin Consulting http://www.kalvinsoft.com/ Follow us on Twitter at @kalvinsoft. contact@kalvinsoft.com Real Experience. Real Advantage. 513.492.9120 49

Recommended

Iris-Corp's corporate business profile
Iris-Corp's corporate business profileIris-Corp's corporate business profile
Iris-Corp's corporate business profileIris Corporate Solutions Pvt. Ltd.
 
IBM BP Kickoff 2013 VDI Solutions
IBM BP Kickoff 2013 VDI SolutionsIBM BP Kickoff 2013 VDI Solutions
IBM BP Kickoff 2013 VDI SolutionsIBM Danmark
 
IGC Solutions for IBM ECM
IGC Solutions for IBM ECMIGC Solutions for IBM ECM
IGC Solutions for IBM ECMkaterogersbrown
 
How to Select a DAM System
How to Select a DAM SystemHow to Select a DAM System
How to Select a DAM SystemIrina Guseva
 
DAM 101
DAM 101DAM 101
DAM 101Irina Guseva
 
Verdens bedste BPM-platform leveret som cloud, Christian A. Givskov, IBM
Verdens bedste BPM-platform leveret som cloud, Christian A. Givskov, IBMVerdens bedste BPM-platform leveret som cloud, Christian A. Givskov, IBM
Verdens bedste BPM-platform leveret som cloud, Christian A. Givskov, IBMIBM Danmark
 
KBACE Data Quality Management Webinar
KBACE Data Quality Management WebinarKBACE Data Quality Management Webinar
KBACE Data Quality Management WebinarKBACE Technologies, Inc.
 
Managing content in_a_mobile_world
Managing content in_a_mobile_worldManaging content in_a_mobile_world
Managing content in_a_mobile_worldQuestexConf
 

Recommended

Iris-Corp's corporate business profile
Iris-Corp's corporate business profileIris-Corp's corporate business profile
Iris-Corp's corporate business profileIris Corporate Solutions Pvt. Ltd.
 
IBM BP Kickoff 2013 VDI Solutions
IBM BP Kickoff 2013 VDI SolutionsIBM BP Kickoff 2013 VDI Solutions
IBM BP Kickoff 2013 VDI SolutionsIBM Danmark
 
IGC Solutions for IBM ECM
IGC Solutions for IBM ECMIGC Solutions for IBM ECM
IGC Solutions for IBM ECMkaterogersbrown
 
How to Select a DAM System
How to Select a DAM SystemHow to Select a DAM System
How to Select a DAM SystemIrina Guseva
 
DAM 101
DAM 101DAM 101
DAM 101Irina Guseva
 
Verdens bedste BPM-platform leveret som cloud, Christian A. Givskov, IBM
Verdens bedste BPM-platform leveret som cloud, Christian A. Givskov, IBMVerdens bedste BPM-platform leveret som cloud, Christian A. Givskov, IBM
Verdens bedste BPM-platform leveret som cloud, Christian A. Givskov, IBMIBM Danmark
 
KBACE Data Quality Management Webinar
KBACE Data Quality Management WebinarKBACE Data Quality Management Webinar
KBACE Data Quality Management WebinarKBACE Technologies, Inc.
 
Managing content in_a_mobile_world
Managing content in_a_mobile_worldManaging content in_a_mobile_world
Managing content in_a_mobile_worldQuestexConf
 
Bi ecm a_shotgun_wedding
Bi ecm a_shotgun_weddingBi ecm a_shotgun_wedding
Bi ecm a_shotgun_weddingQuestexConf
 
It infrastructure cost reduction vision v5 customer
It infrastructure cost reduction vision v5 customerIt infrastructure cost reduction vision v5 customer
It infrastructure cost reduction vision v5 customerddeschenes99
 
Ecm mythbusters the_real_story_behind_vendor_marketing
Ecm mythbusters the_real_story_behind_vendor_marketingEcm mythbusters the_real_story_behind_vendor_marketing
Ecm mythbusters the_real_story_behind_vendor_marketingQuestexConf
 
Vision dt solutions vmug leeds
Vision dt solutions vmug leedsVision dt solutions vmug leeds
Vision dt solutions vmug leedssubtitle
 
Ibm pure flex overview cust pr
Ibm pure flex overview cust prIbm pure flex overview cust pr
Ibm pure flex overview cust prNatalija Pavic
 
Tally.ERP 9 for fixed asset life cycle
Tally.ERP 9 for fixed asset life cycleTally.ERP 9 for fixed asset life cycle
Tally.ERP 9 for fixed asset life cycleTally Solutions Pvt Ltd
 
Innovative Case Study V02
Innovative Case Study V02Innovative Case Study V02
Innovative Case Study V02eshannon
 
MIB and Maximo
MIB and MaximoMIB and Maximo
MIB and MaximoJulong Tanavongchinda
 
Ugif 12 2011-discover informix keynote 2012
Ugif 12 2011-discover informix keynote 2012Ugif 12 2011-discover informix keynote 2012
Ugif 12 2011-discover informix keynote 2012UGIF
 
IBM Smart Business Desktop on the IBM Cloud
IBM Smart Business Desktop on the IBM CloudIBM Smart Business Desktop on the IBM Cloud
IBM Smart Business Desktop on the IBM CloudChris Pepin
 
Succeeding with Service Agreements
Succeeding with Service AgreementsSucceeding with Service Agreements
Succeeding with Service AgreementsITSM Academy, Inc.
 
Contemporary Unified Communications and Contact Center: Better Together
Contemporary Unified Communications and Contact Center: Better TogetherContemporary Unified Communications and Contact Center: Better Together
Contemporary Unified Communications and Contact Center: Better TogetherAvtex
 
Agile 2012 Conference briefing deck for Analyst and Press
Agile 2012 Conference briefing deck for Analyst and Press Agile 2012 Conference briefing deck for Analyst and Press
Agile 2012 Conference briefing deck for Analyst and Press Laszlo Szalvay
 
Managed Services Seminar Presentation
Managed Services Seminar PresentationManaged Services Seminar Presentation
Managed Services Seminar Presentationgerrymark
 
ASUG 2010 - Structuring your Testing Chaos with Solution Manager
ASUG 2010 - Structuring your Testing Chaos with Solution ManagerASUG 2010 - Structuring your Testing Chaos with Solution Manager
ASUG 2010 - Structuring your Testing Chaos with Solution ManagerSabine Margolis
 
Discover what´s new in Windows 8 Active Directory
Discover what´s new in Windows 8 Active DirectoryDiscover what´s new in Windows 8 Active Directory
Discover what´s new in Windows 8 Active DirectoryMicrosoft TechNet - Belgium and Luxembourg
 
Maximizing the Revenue from Your Digital Goods Principles of High Performance...
Maximizing the Revenue from Your Digital Goods Principles of High Performance...Maximizing the Revenue from Your Digital Goods Principles of High Performance...
Maximizing the Revenue from Your Digital Goods Principles of High Performance...Flexera
 
Introducing Deployit 3.8
Introducing Deployit 3.8 Introducing Deployit 3.8
Introducing Deployit 3.8 XebiaLabs
 
Why scaled agile frameworks exist and why you don't need them
Why scaled agile frameworks exist and why you don't need themWhy scaled agile frameworks exist and why you don't need them
Why scaled agile frameworks exist and why you don't need themKillick Agile Consulting Services
 
Award Winning Data Governance
Award Winning Data GovernanceAward Winning Data Governance
Award Winning Data GovernanceDATAVERSITY
 
Consulting Overview for Sales Implementation Team
Consulting Overview for Sales Implementation TeamConsulting Overview for Sales Implementation Team
Consulting Overview for Sales Implementation TeamJudy Hogan
 
Real User Experience Insight
Real User Experience InsightReal User Experience Insight
Real User Experience Insightruiruitang
 

More Related Content

What's hot

Bi ecm a_shotgun_wedding
Bi ecm a_shotgun_weddingBi ecm a_shotgun_wedding
Bi ecm a_shotgun_weddingQuestexConf
 
It infrastructure cost reduction vision v5 customer
It infrastructure cost reduction vision v5 customerIt infrastructure cost reduction vision v5 customer
It infrastructure cost reduction vision v5 customerddeschenes99
 
Ecm mythbusters the_real_story_behind_vendor_marketing
Ecm mythbusters the_real_story_behind_vendor_marketingEcm mythbusters the_real_story_behind_vendor_marketing
Ecm mythbusters the_real_story_behind_vendor_marketingQuestexConf
 
Vision dt solutions vmug leeds
Vision dt solutions vmug leedsVision dt solutions vmug leeds
Vision dt solutions vmug leedssubtitle
 
Ibm pure flex overview cust pr
Ibm pure flex overview cust prIbm pure flex overview cust pr
Ibm pure flex overview cust prNatalija Pavic
 
Innovative Case Study V02
Innovative Case Study V02Innovative Case Study V02
Innovative Case Study V02eshannon
 
Ugif 12 2011-discover informix keynote 2012
Ugif 12 2011-discover informix keynote 2012Ugif 12 2011-discover informix keynote 2012
Ugif 12 2011-discover informix keynote 2012UGIF
 
IBM Smart Business Desktop on the IBM Cloud
IBM Smart Business Desktop on the IBM CloudIBM Smart Business Desktop on the IBM Cloud
IBM Smart Business Desktop on the IBM CloudChris Pepin
 
Succeeding with Service Agreements
Succeeding with Service AgreementsSucceeding with Service Agreements
Succeeding with Service AgreementsITSM Academy, Inc.
 
Contemporary Unified Communications and Contact Center: Better Together
Contemporary Unified Communications and Contact Center: Better TogetherContemporary Unified Communications and Contact Center: Better Together
Contemporary Unified Communications and Contact Center: Better TogetherAvtex
 
Agile 2012 Conference briefing deck for Analyst and Press
Agile 2012 Conference briefing deck for Analyst and Press Agile 2012 Conference briefing deck for Analyst and Press
Agile 2012 Conference briefing deck for Analyst and Press Laszlo Szalvay
 
Managed Services Seminar Presentation
Managed Services Seminar PresentationManaged Services Seminar Presentation
Managed Services Seminar Presentationgerrymark
 

What's hot (14)

Bi ecm a_shotgun_wedding
Bi ecm a_shotgun_weddingBi ecm a_shotgun_wedding
Bi ecm a_shotgun_wedding
 
It infrastructure cost reduction vision v5 customer
It infrastructure cost reduction vision v5 customerIt infrastructure cost reduction vision v5 customer
It infrastructure cost reduction vision v5 customer
 
Ecm mythbusters the_real_story_behind_vendor_marketing
Ecm mythbusters the_real_story_behind_vendor_marketingEcm mythbusters the_real_story_behind_vendor_marketing
Ecm mythbusters the_real_story_behind_vendor_marketing
 
Vision dt solutions vmug leeds
Vision dt solutions vmug leedsVision dt solutions vmug leeds
Vision dt solutions vmug leeds
 
Ibm pure flex overview cust pr
Ibm pure flex overview cust prIbm pure flex overview cust pr
Ibm pure flex overview cust pr
 
Tally.ERP 9 for fixed asset life cycle
Tally.ERP 9 for fixed asset life cycleTally.ERP 9 for fixed asset life cycle
Tally.ERP 9 for fixed asset life cycle
 
Innovative Case Study V02
Innovative Case Study V02Innovative Case Study V02
Innovative Case Study V02
 
MIB and Maximo
MIB and MaximoMIB and Maximo
MIB and Maximo
 
Ugif 12 2011-discover informix keynote 2012
Ugif 12 2011-discover informix keynote 2012Ugif 12 2011-discover informix keynote 2012
Ugif 12 2011-discover informix keynote 2012
 
IBM Smart Business Desktop on the IBM Cloud
IBM Smart Business Desktop on the IBM CloudIBM Smart Business Desktop on the IBM Cloud
IBM Smart Business Desktop on the IBM Cloud
 
Succeeding with Service Agreements
Succeeding with Service AgreementsSucceeding with Service Agreements
Succeeding with Service Agreements
 
Contemporary Unified Communications and Contact Center: Better Together
Contemporary Unified Communications and Contact Center: Better TogetherContemporary Unified Communications and Contact Center: Better Together
Contemporary Unified Communications and Contact Center: Better Together
 
Agile 2012 Conference briefing deck for Analyst and Press
Agile 2012 Conference briefing deck for Analyst and Press Agile 2012 Conference briefing deck for Analyst and Press
Agile 2012 Conference briefing deck for Analyst and Press
 
Managed Services Seminar Presentation
Managed Services Seminar PresentationManaged Services Seminar Presentation
Managed Services Seminar Presentation
 

Similar to Sap inside track_2011_marks_sap_business_objects_security

ASUG 2010 - Structuring your Testing Chaos with Solution Manager
ASUG 2010 - Structuring your Testing Chaos with Solution ManagerASUG 2010 - Structuring your Testing Chaos with Solution Manager
ASUG 2010 - Structuring your Testing Chaos with Solution ManagerSabine Margolis
 
Maximizing the Revenue from Your Digital Goods Principles of High Performance...
Maximizing the Revenue from Your Digital Goods Principles of High Performance...Maximizing the Revenue from Your Digital Goods Principles of High Performance...
Maximizing the Revenue from Your Digital Goods Principles of High Performance...Flexera
 
Introducing Deployit 3.8
Introducing Deployit 3.8 Introducing Deployit 3.8
Introducing Deployit 3.8 XebiaLabs
 
Why scaled agile frameworks exist and why you don't need them
Why scaled agile frameworks exist and why you don't need themWhy scaled agile frameworks exist and why you don't need them
Why scaled agile frameworks exist and why you don't need themKillick Agile Consulting Services
 
Award Winning Data Governance
Award Winning Data GovernanceAward Winning Data Governance
Award Winning Data GovernanceDATAVERSITY
 
Consulting Overview for Sales Implementation Team
Consulting Overview for Sales Implementation TeamConsulting Overview for Sales Implementation Team
Consulting Overview for Sales Implementation TeamJudy Hogan
 
Real User Experience Insight
Real User Experience InsightReal User Experience Insight
Real User Experience Insightruiruitang
 
Real User Experience Insight
Real User Experience InsightReal User Experience Insight
Real User Experience Insightruiruitang
 
Real User Experience Insight
Real User Experience InsightReal User Experience Insight
Real User Experience Insightruiruitang
 
Oracle Fusion Applications Security - Designing Roles
Oracle Fusion Applications Security - Designing RolesOracle Fusion Applications Security - Designing Roles
Oracle Fusion Applications Security - Designing Roleskmundy
 
IBM Rational Software Conference 2009 Day 2 Keynote: Al Zollar
IBM Rational Software Conference 2009 Day 2 Keynote: Al ZollarIBM Rational Software Conference 2009 Day 2 Keynote: Al Zollar
IBM Rational Software Conference 2009 Day 2 Keynote: Al ZollarKathy (Kat) Mandelstein
 
Role Discovery and RBAC Design: A Case Study with IBM Role and Policy Modeler
Role Discovery and RBAC Design: A Case Study with IBM Role and Policy ModelerRole Discovery and RBAC Design: A Case Study with IBM Role and Policy Modeler
Role Discovery and RBAC Design: A Case Study with IBM Role and Policy ModelerProlifics
 
Requirements at the speed of light
Requirements at the speed of lightRequirements at the speed of light
Requirements at the speed of lightseimel
 
Top Five Reasons to Upgrade to SAP NetWeaver Portal 7.3
Top Five Reasons to Upgrade to SAP NetWeaver Portal 7.3Top Five Reasons to Upgrade to SAP NetWeaver Portal 7.3
Top Five Reasons to Upgrade to SAP NetWeaver Portal 7.3SAP Portal
 
IIBA Facilitation Skills For Business Analysis v2
IIBA Facilitation Skills For Business Analysis v2IIBA Facilitation Skills For Business Analysis v2
IIBA Facilitation Skills For Business Analysis v2Rick Walters
 
Pulse Design & Delivery Panel
Pulse Design & Delivery PanelPulse Design & Delivery Panel
Pulse Design & Delivery PanelMauricio Godoy
 
Pro JavaFX Platform - Building Enterprise Applications with JavaFX
Pro JavaFX Platform - Building Enterprise Applications with JavaFXPro JavaFX Platform - Building Enterprise Applications with JavaFX
Pro JavaFX Platform - Building Enterprise Applications with JavaFXStephen Chin
 

Similar to Sap inside track_2011_marks_sap_business_objects_security (20)

ASUG 2010 - Structuring your Testing Chaos with Solution Manager
ASUG 2010 - Structuring your Testing Chaos with Solution ManagerASUG 2010 - Structuring your Testing Chaos with Solution Manager
ASUG 2010 - Structuring your Testing Chaos with Solution Manager
 
Discover what´s new in Windows 8 Active Directory
Discover what´s new in Windows 8 Active DirectoryDiscover what´s new in Windows 8 Active Directory
Discover what´s new in Windows 8 Active Directory
 
Maximizing the Revenue from Your Digital Goods Principles of High Performance...
Maximizing the Revenue from Your Digital Goods Principles of High Performance...Maximizing the Revenue from Your Digital Goods Principles of High Performance...
Maximizing the Revenue from Your Digital Goods Principles of High Performance...
 
Introducing Deployit 3.8
Introducing Deployit 3.8 Introducing Deployit 3.8
Introducing Deployit 3.8
 
Why scaled agile frameworks exist and why you don't need them
Why scaled agile frameworks exist and why you don't need themWhy scaled agile frameworks exist and why you don't need them
Why scaled agile frameworks exist and why you don't need them
 
Award Winning Data Governance
Award Winning Data GovernanceAward Winning Data Governance
Award Winning Data Governance
 
Consulting Overview for Sales Implementation Team
Consulting Overview for Sales Implementation TeamConsulting Overview for Sales Implementation Team
Consulting Overview for Sales Implementation Team
 
Real User Experience Insight
Real User Experience InsightReal User Experience Insight
Real User Experience Insight
 
Real User Experience Insight
Real User Experience InsightReal User Experience Insight
Real User Experience Insight
 
Real User Experience Insight
Real User Experience InsightReal User Experience Insight
Real User Experience Insight
 
Oracle Fusion Applications Security - Designing Roles
Oracle Fusion Applications Security - Designing RolesOracle Fusion Applications Security - Designing Roles
Oracle Fusion Applications Security - Designing Roles
 
IBM Rational Software Conference 2009 Day 2 Keynote: Al Zollar
IBM Rational Software Conference 2009 Day 2 Keynote: Al ZollarIBM Rational Software Conference 2009 Day 2 Keynote: Al Zollar
IBM Rational Software Conference 2009 Day 2 Keynote: Al Zollar
 
Role Discovery and RBAC Design: A Case Study with IBM Role and Policy Modeler
Role Discovery and RBAC Design: A Case Study with IBM Role and Policy ModelerRole Discovery and RBAC Design: A Case Study with IBM Role and Policy Modeler
Role Discovery and RBAC Design: A Case Study with IBM Role and Policy Modeler
 
Big Data as a Service
Big Data as a ServiceBig Data as a Service
Big Data as a Service
 
Requirements at the speed of light
Requirements at the speed of lightRequirements at the speed of light
Requirements at the speed of light
 
Top Five Reasons to Upgrade to SAP NetWeaver Portal 7.3
Top Five Reasons to Upgrade to SAP NetWeaver Portal 7.3Top Five Reasons to Upgrade to SAP NetWeaver Portal 7.3
Top Five Reasons to Upgrade to SAP NetWeaver Portal 7.3
 
Utah PMA Quarterly Meeting, June, 2009
Utah PMA Quarterly Meeting, June, 2009Utah PMA Quarterly Meeting, June, 2009
Utah PMA Quarterly Meeting, June, 2009
 
IIBA Facilitation Skills For Business Analysis v2
IIBA Facilitation Skills For Business Analysis v2IIBA Facilitation Skills For Business Analysis v2
IIBA Facilitation Skills For Business Analysis v2
 
Pulse Design & Delivery Panel
Pulse Design & Delivery PanelPulse Design & Delivery Panel
Pulse Design & Delivery Panel
 
Pro JavaFX Platform - Building Enterprise Applications with JavaFX
Pro JavaFX Platform - Building Enterprise Applications with JavaFXPro JavaFX Platform - Building Enterprise Applications with JavaFX
Pro JavaFX Platform - Building Enterprise Applications with JavaFX
 

Recently uploaded

Driving Behavioral Change for Information Management through Data-Driven Gree...
Driving Behavioral Change for Information Management through Data-Driven Gree...Driving Behavioral Change for Information Management through Data-Driven Gree...
Driving Behavioral Change for Information Management through Data-Driven Gree...Enterprise Knowledge
 
Boost PC performance: How more available memory can improve productivity
Boost PC performance: How more available memory can improve productivityBoost PC performance: How more available memory can improve productivity
Boost PC performance: How more available memory can improve productivityPrincipled Technologies
 
Mastering MySQL Database Architecture: Deep Dive into MySQL Shell and MySQL R...
Mastering MySQL Database Architecture: Deep Dive into MySQL Shell and MySQL R...Mastering MySQL Database Architecture: Deep Dive into MySQL Shell and MySQL R...
Mastering MySQL Database Architecture: Deep Dive into MySQL Shell and MySQL R...Miguel Araújo
 
Factors to Consider When Choosing Accounts Payable Services Providers.pptx
Factors to Consider When Choosing Accounts Payable Services Providers.pptxFactors to Consider When Choosing Accounts Payable Services Providers.pptx
Factors to Consider When Choosing Accounts Payable Services Providers.pptxKatpro Technologies
 
08448380779 Call Girls In Friends Colony Women Seeking Men
08448380779 Call Girls In Friends Colony Women Seeking Men08448380779 Call Girls In Friends Colony Women Seeking Men
08448380779 Call Girls In Friends Colony Women Seeking MenDelhi Call girls
 
Histor y of HAM Radio presentation slide
Histor y of HAM Radio presentation slideHistor y of HAM Radio presentation slide
Histor y of HAM Radio presentation slidevu2urc
 
From Event to Action: Accelerate Your Decision Making with Real-Time Automation
From Event to Action: Accelerate Your Decision Making with Real-Time AutomationFrom Event to Action: Accelerate Your Decision Making with Real-Time Automation
From Event to Action: Accelerate Your Decision Making with Real-Time AutomationSafe Software
 
EIS-Webinar-Prompt-Knowledge-Eng-2024-04-08.pptx
EIS-Webinar-Prompt-Knowledge-Eng-2024-04-08.pptxEIS-Webinar-Prompt-Knowledge-Eng-2024-04-08.pptx
EIS-Webinar-Prompt-Knowledge-Eng-2024-04-08.pptxEarley Information Science
 
The Role of Taxonomy and Ontology in Semantic Layers - Heather Hedden.pdf
The Role of Taxonomy and Ontology in Semantic Layers - Heather Hedden.pdfThe Role of Taxonomy and Ontology in Semantic Layers - Heather Hedden.pdf
The Role of Taxonomy and Ontology in Semantic Layers - Heather Hedden.pdfEnterprise Knowledge
 
Axa Assurance Maroc - Insurer Innovation Award 2024
Axa Assurance Maroc - Insurer Innovation Award 2024Axa Assurance Maroc - Insurer Innovation Award 2024
Axa Assurance Maroc - Insurer Innovation Award 2024The Digital Insurer
 
Artificial Intelligence: Facts and Myths
Artificial Intelligence: Facts and MythsArtificial Intelligence: Facts and Myths
Artificial Intelligence: Facts and MythsJoaquim Jorge
 
Raspberry Pi 5: Challenges and Solutions in Bringing up an OpenGL/Vulkan Driv...
Raspberry Pi 5: Challenges and Solutions in Bringing up an OpenGL/Vulkan Driv...Raspberry Pi 5: Challenges and Solutions in Bringing up an OpenGL/Vulkan Driv...
Raspberry Pi 5: Challenges and Solutions in Bringing up an OpenGL/Vulkan Driv...Igalia
 
Bajaj Allianz Life Insurance Company - Insurer Innovation Award 2024
Bajaj Allianz Life Insurance Company - Insurer Innovation Award 2024Bajaj Allianz Life Insurance Company - Insurer Innovation Award 2024
Bajaj Allianz Life Insurance Company - Insurer Innovation Award 2024The Digital Insurer
 
Apidays Singapore 2024 - Building Digital Trust in a Digital Economy by Veron...
Apidays Singapore 2024 - Building Digital Trust in a Digital Economy by Veron...Apidays Singapore 2024 - Building Digital Trust in a Digital Economy by Veron...
Apidays Singapore 2024 - Building Digital Trust in a Digital Economy by Veron...apidays
 
Handwritten Text Recognition for manuscripts and early printed texts
Handwritten Text Recognition for manuscripts and early printed textsHandwritten Text Recognition for manuscripts and early printed texts
Handwritten Text Recognition for manuscripts and early printed textsMaria Levchenko
 
Real Time Object Detection Using Open CV
Real Time Object Detection Using Open CVReal Time Object Detection Using Open CV
Real Time Object Detection Using Open CVKhem
 
GenCyber Cyber Security Day Presentation
GenCyber Cyber Security Day PresentationGenCyber Cyber Security Day Presentation
GenCyber Cyber Security Day PresentationMichael W. Hawkins
 
08448380779 Call Girls In Civil Lines Women Seeking Men
08448380779 Call Girls In Civil Lines Women Seeking Men08448380779 Call Girls In Civil Lines Women Seeking Men
08448380779 Call Girls In Civil Lines Women Seeking MenDelhi Call girls
 
08448380779 Call Girls In Greater Kailash - I Women Seeking Men
08448380779 Call Girls In Greater Kailash - I Women Seeking Men08448380779 Call Girls In Greater Kailash - I Women Seeking Men
08448380779 Call Girls In Greater Kailash - I Women Seeking MenDelhi Call girls
 
08448380779 Call Girls In Diplomatic Enclave Women Seeking Men
08448380779 Call Girls In Diplomatic Enclave Women Seeking Men08448380779 Call Girls In Diplomatic Enclave Women Seeking Men
08448380779 Call Girls In Diplomatic Enclave Women Seeking MenDelhi Call girls
 

Recently uploaded (20)

Driving Behavioral Change for Information Management through Data-Driven Gree...
Driving Behavioral Change for Information Management through Data-Driven Gree...Driving Behavioral Change for Information Management through Data-Driven Gree...
Driving Behavioral Change for Information Management through Data-Driven Gree...
 
Boost PC performance: How more available memory can improve productivity
Boost PC performance: How more available memory can improve productivityBoost PC performance: How more available memory can improve productivity
Boost PC performance: How more available memory can improve productivity
 
Mastering MySQL Database Architecture: Deep Dive into MySQL Shell and MySQL R...
Mastering MySQL Database Architecture: Deep Dive into MySQL Shell and MySQL R...Mastering MySQL Database Architecture: Deep Dive into MySQL Shell and MySQL R...
Mastering MySQL Database Architecture: Deep Dive into MySQL Shell and MySQL R...
 
Factors to Consider When Choosing Accounts Payable Services Providers.pptx
Factors to Consider When Choosing Accounts Payable Services Providers.pptxFactors to Consider When Choosing Accounts Payable Services Providers.pptx
Factors to Consider When Choosing Accounts Payable Services Providers.pptx
 
08448380779 Call Girls In Friends Colony Women Seeking Men
08448380779 Call Girls In Friends Colony Women Seeking Men08448380779 Call Girls In Friends Colony Women Seeking Men
08448380779 Call Girls In Friends Colony Women Seeking Men
 
Histor y of HAM Radio presentation slide
Histor y of HAM Radio presentation slideHistor y of HAM Radio presentation slide
Histor y of HAM Radio presentation slide
 
From Event to Action: Accelerate Your Decision Making with Real-Time Automation
From Event to Action: Accelerate Your Decision Making with Real-Time AutomationFrom Event to Action: Accelerate Your Decision Making with Real-Time Automation
From Event to Action: Accelerate Your Decision Making with Real-Time Automation
 
EIS-Webinar-Prompt-Knowledge-Eng-2024-04-08.pptx
EIS-Webinar-Prompt-Knowledge-Eng-2024-04-08.pptxEIS-Webinar-Prompt-Knowledge-Eng-2024-04-08.pptx
EIS-Webinar-Prompt-Knowledge-Eng-2024-04-08.pptx
 
The Role of Taxonomy and Ontology in Semantic Layers - Heather Hedden.pdf
The Role of Taxonomy and Ontology in Semantic Layers - Heather Hedden.pdfThe Role of Taxonomy and Ontology in Semantic Layers - Heather Hedden.pdf
The Role of Taxonomy and Ontology in Semantic Layers - Heather Hedden.pdf
 
Axa Assurance Maroc - Insurer Innovation Award 2024
Axa Assurance Maroc - Insurer Innovation Award 2024Axa Assurance Maroc - Insurer Innovation Award 2024
Axa Assurance Maroc - Insurer Innovation Award 2024
 
Artificial Intelligence: Facts and Myths
Artificial Intelligence: Facts and MythsArtificial Intelligence: Facts and Myths
Artificial Intelligence: Facts and Myths
 
Raspberry Pi 5: Challenges and Solutions in Bringing up an OpenGL/Vulkan Driv...
Raspberry Pi 5: Challenges and Solutions in Bringing up an OpenGL/Vulkan Driv...Raspberry Pi 5: Challenges and Solutions in Bringing up an OpenGL/Vulkan Driv...
Raspberry Pi 5: Challenges and Solutions in Bringing up an OpenGL/Vulkan Driv...
 
Bajaj Allianz Life Insurance Company - Insurer Innovation Award 2024
Bajaj Allianz Life Insurance Company - Insurer Innovation Award 2024Bajaj Allianz Life Insurance Company - Insurer Innovation Award 2024
Bajaj Allianz Life Insurance Company - Insurer Innovation Award 2024
 
Apidays Singapore 2024 - Building Digital Trust in a Digital Economy by Veron...
Apidays Singapore 2024 - Building Digital Trust in a Digital Economy by Veron...Apidays Singapore 2024 - Building Digital Trust in a Digital Economy by Veron...
Apidays Singapore 2024 - Building Digital Trust in a Digital Economy by Veron...
 
Handwritten Text Recognition for manuscripts and early printed texts
Handwritten Text Recognition for manuscripts and early printed textsHandwritten Text Recognition for manuscripts and early printed texts
Handwritten Text Recognition for manuscripts and early printed texts
 
Real Time Object Detection Using Open CV
Real Time Object Detection Using Open CVReal Time Object Detection Using Open CV
Real Time Object Detection Using Open CV
 
GenCyber Cyber Security Day Presentation
GenCyber Cyber Security Day PresentationGenCyber Cyber Security Day Presentation
GenCyber Cyber Security Day Presentation
 
08448380779 Call Girls In Civil Lines Women Seeking Men
08448380779 Call Girls In Civil Lines Women Seeking Men08448380779 Call Girls In Civil Lines Women Seeking Men
08448380779 Call Girls In Civil Lines Women Seeking Men
 
08448380779 Call Girls In Greater Kailash - I Women Seeking Men
08448380779 Call Girls In Greater Kailash - I Women Seeking Men08448380779 Call Girls In Greater Kailash - I Women Seeking Men
08448380779 Call Girls In Greater Kailash - I Women Seeking Men
 
08448380779 Call Girls In Diplomatic Enclave Women Seeking Men
08448380779 Call Girls In Diplomatic Enclave Women Seeking Men08448380779 Call Girls In Diplomatic Enclave Women Seeking Men
08448380779 Call Girls In Diplomatic Enclave Women Seeking Men
 

Sap inside track_2011_marks_sap_business_objects_security

  • 1. SAP BusinessObjects Security Essentials Dallas Marks SAP Inside Track – St. Louis July 15, 2011
  • 2. SAP BusinessObjects Security Essentials ] Dallas Marks Session 409 [ MIKE NARDUCCI ASUG ASSOCIATE MEMBER MEMBER SINCE: 1998 [ PHIL AWTRY ASUG INSTALLATION MEMBER MEMBER SINCE: 1999 [ STEPHANIE CLUNE ASUG INSTALLATION MEMBER MEMBER SINCE: 2004
  • 3. [ Breakout Description In this presentation, learn how the SAP BusinessObjects security model works. Leverage features, such as inheritance, scope of rights, and custom access levels, to secure the business intelligence system, while reducing overall complexity and maintenance. Techniques will be demonstrated using SAP BusinessObjects XI that are also applicable to SAP BusinessObjects Edge BI. Real-world scenarios drive home the concepts learned and give each attendee the confidence to implement the same techniques back home. Real Experience. Real Advantage. 3
  • 4. [ About Dallas Marks  Dallas Marks is a Senior Architect and Trainer at Kalvin Consulting, an SAP Services Partner focusing on business intelligence, business analytics and data warehousing. Kalvin is also a SAP BusinessObjects Authorized Education Provider, providing on-site education services at client locations throughout North America.  Dallas is an SAP Certified Application Associate and authorized trainer for Web Intelligence, Universe Design, Xcelsius, and SAP BusinessObjects Enterprise administration. A seasoned consultant and speaker, Dallas has worked with SAP BusinessObjects tools since 2003 and presented at the North American conference each year since 2006.  Dallas has implemented SAP BusinessObjects solutions for a number of industries, including energy, health care, and manufacturing. He holds a master’s degree in Computer Engineering from the University of Cincinnati.  Dallas blogs about various business intelligence topics at http://www.dallasmarks.org/. Real Experience. Real Advantage. 4
  • 5. About Kalvin Consulting Mission • To be a world class consulting company by delivering innovative solutions and extraordinary service Our Values • Kalvin’s Success: Every customer is a successful customer • Kalvin’s Service: We value your time, we will get it right Expertise spans across all areas of BI • “Best of Breed” solution provider for Business Intelligence, Business Analytics, and Data Warehousing • Solution Blueprints, Roadmaps & Architecture • Installation, Configuration & Customization • Cross Platform & Cross Product Migrations • Reporting, dashboards & guided analysis • Cutting edge customization
  • 6. About Kalvin’s Staff Corporate Office – Mason, Ohio • Dedicated sales, marketing, HR & administration staff • Dedicated support staff with lab and training center Virtual Offices – 25 Consultants • Greater Cincinnati, Dayton, Chicago, Atlanta & Boston • Strive to maintain 10% availability • Extensive network of independent consultants • Non-billable Delivery Manager to oversee the project deliverables and ensure client expectations are met
  • 7. The Kalvin Difference Dedicated Team • Dedicated team of Kalvin employees. Kalvin is NOT a staffing company • Kalvin holds bi-weekly information sharing sessions and quarterly company events for our employees to stay connected and learn from each other. We had our first KalvinFest, in August 2009 Expertise • Kalvin is an end to end solutions provider from data integration, reporting, dashboard and visualization • Our dedicated team of consultants bring together a full range of technical expertise in all Business Intelligence and Data Integration products: SAP BI - BusinessObjects, IBM, Oracle, Microsoft BI and customization techniques using Java and .NET Partnerships • Kalvin believes each client is unique and works to build a long-term partnership
  • 8. Kalvin’s BI Methodology Making BI Successful Data Ad-hoc Data Master Data Reporting Dashboards warehouse Data mining Analysis enhancement Management and cubes
  • 9. Kalvin’s Best Practices Adopt the best from the industry Follow the best of BI standards Deploy the processes, policies and framework Create a repository of information for learning and training Share ideas and experiences by participating in User Groups & Conferences
  • 10. [ Poll By a show of hands, are you using:  SAP Applications?  SAP BusinessObjects?  SAP BusinessObjects Business Intelligence 4.0 (ramp- up)? Real Experience. Real Advantage.
  • 11. [ Does Security Setup Make You Angry? Real Experience. Real Advantage.
  • 12. [ Agenda  SAP BusinessObjects Security Basics  Demonstration  Custom Access Levels, Permissions Explorer and Security Query  Best Practices  Next Steps  Your Questions Real Experience. Real Advantage.
  • 13. [ SAP BusinessObjects Security Essentials SECURITY BASICS Real Experience. Real Advantage.
  • 14. [ Terminology  Principal – a user or group  Rights override - a rights behavior in which rights that are set on child objects override the rights set on parent objects  General Global Rights – access rights enforced regardless of content type  Content Specific Rights – access rights unique to content type (Crystal Report, Web Intelligence, etc) Real Experience. Real Advantage.
  • 15. [ Predefined Rights Rights Option Description XI R2 XI 3.x slightly No Access Unable to access an object yes different View Able to view historical (scheduled) instances of an object yes yes Schedule Able to schedule instances of an object yes yes View on Demand Able to view live data on-demand yes yes Full Control Able to change or delete an object yes yes Real Experience. Real Advantage.
  • 16. [ Advanced/Granular Rights Rights Option Description XI R2 XI 3.x Granted The right is granted to a principal. yes yes Denied The right is denied to a principal. yes yes The right is unspecified for a principal. By Not Specified default, rights set to Not Specified are denied. yes yes The right applies to the object. This option becomes available when you click Granted or Apply to Object Denied. no yes The right applies to sub-objects. This option becomes available when you click Granted or Apply to Sub-Objects Denied. no yes Real Experience. Real Advantage.
  • 17. [ Folder Inheritance Global Rights Top Level Folder Object Subfolder Object NOTE: In XI R2, global rights are set on the Rights tab Subfolder in the Settings management area. Object In XI 3.x, global rights are set in the Folders management area as “All Folders Security” Object Real Experience. Real Advantage.
  • 18. [ Group Inheritance Rules eFashion Sales Managers 2008 eFashion East eFashion South eFashion West Barrett Richards Larry Leonard Bennett Steve Real Experience. Real Advantage.
  • 19. [ Breaking Inheritance  Still possible in XI 3.x as it was in XI Release 2  Can disable folder inheritance, group inheritance, or both  May not be as necessary in XI 3.x because of new scope of rights features Real Experience. Real Advantage.
  • 20. [ Custom Access Levels  New Management Area in CMC XI 3.x  Can create new access levels or copy existing access levels  Pre-defined rights (View, Schedule, View On Demand, Full Control) levels cannot be altered  Easier to manage than setting Advanced rights Real Experience. Real Advantage.
  • 21. [ Scope of Rights  Scope of rights – new in XI 3.x, the ability to limit the extent of rights inheritance (Apply to Object, Apply to Sub-object)  In BusinessObjects Enterprise XI R2, the administrator was forced to break inheritance when they wanted to give user rights to child folders that were different to those given to the parent folder  In XI 3.x, rights are effective for both the parent object and the child objects by default (same as XI R2). However… Real Experience. Real Advantage.
  • 22. [ Scope of Rights, cont.  With BusinessObjects Enterprise XI 3.x, the administrator can now specify that a right set on a parent object should apply to that object only. Real Experience. Real Advantage.
  • 23. [ SAP BusinessObjects Security Essentials DEMONSTRATION Real Experience. Real Advantage.
  • 24. [ Demonstration  Authentication Types  Users and Groups  Custom Access Levels  Permissions Explorer  Security Query Real Experience. Real Advantage.
  • 25. [ Demonstration - Authentication Types  Enterprise  LDAP  Windows AD  Windows NT  SAP (requires SAP Integration Kit in releases prior to BI 4.0) Real Experience. Real Advantage. 25
  • 26. [ Demonstration – Users & Groups Real Experience. Real Advantage.
  • 27. [ Demonstration – Folders and Content Real Experience. Real Advantage.
  • 28. [ SAP BusinessObjects Security Essentials DEMONSTRATION – CUSTOM ACCESS LEVELS Real Experience. Real Advantage.
  • 29. [ Demonstration – Custom Access Levels Custom Access Level demo… Real Experience. Real Advantage.
  • 30. [ SAP BusinessObjects Security Essentials PERMISSIONS EXPLORER AND SECURITY QUERY Real Experience. Real Advantage.
  • 31. [ Permissions Explorer (object centric)  Use the Permissions Explorer to determine the rights a principal has on an object  Improvement upon Check User Rights button in XI Release 2. Check User Rights only identified the effective rights – the source of the rights assignment was still unknown  Available from any object (folder, document, universe, connection, etc.) that can have rights assigned Real Experience. Real Advantage.
  • 32. [ Permissions Explorer Permissions Explorer demo… Real Experience. Real Advantage.
  • 33. [ Security Query (user centric)  Use Security Query to determine the objects to which a principal has been granted or denied access.  Available from Users and Groups or Query Results Real Experience. Real Advantage.
  • 34. [ Security Query – Query Principal Query Principal - the user or group that you want to run the security query for. You can specify one principal for each security query Real Experience. Real Advantage.
  • 35. [ Security Query – Query Permission Query Permission - the right or rights you want to run the security query for, the status of these rights, and the object type these rights are set on Real Experience. Real Advantage.
  • 36. [ Security Query – Query Context Query Context - the CMC areas that you want the security query to search. For each area, you can choose whether to include sub-objects in the security query. A security query can have a maximum of four areas Security Query demo… Real Experience. Real Advantage.
  • 37. [ SAP BusinessObjects Security Essentials BEST PRACTICES Real Experience. Real Advantage.
  • 38. [ Security Best Practices - XI R2 or XI 3.x  Grant rights to groups on folders. Although rights can be granted on individual objects or users, the security model can become difficult to maintain.  Use pre-defined rights wherever possible. Understand the additional complexity that advanced rights can introduce.  Avoid breaking inheritance, while understanding it is sometimes necessary  Add multiple users to Administrators group rather than sharing Administrator user account to improve traceability  Document and maintain your security structure outside of the CMC – MS Excel is a good choice Real Experience. Real Advantage.
  • 39. [ Security Best Practices - XI 3.x  Allot time in your upgrade/migration for administrative staff to understand both the new CMC interface/workflows as well as its new features  Use custom access levels where you would have previously resorted to advanced rights.  Identify opportunities to limit the scope of rights instead of breaking inheritance  Take advantage of the Permissions Explorer and Security Query tools to diagnose and correct security issues Real Experience. Real Advantage.
  • 40. [ SAP BusinessObjects Security Essentials NEXT STEPS Real Experience. Real Advantage. 40
  • 41. [ Relevant ASUG SBOUC 2010 Breakout Sessions  I can CAL, can you? (Custom Access Levels) Sandra Brotje | Session 0405 Tuesday, October 5, 2010 | 4:00 PM – 5:00 PM Real Experience. Real Advantage. 41
  • 42. [ Recommended Reading  SAP BusinessObjects Enterprise Administrator’s Guide  SAP BusinessObjects Enterprise XI 3.0/3.1 Upgrade Guide  SAP BusinessObjects 5/6 to XI 3.1 Migration Guide Visit the SAP Help Portal at http://help.sap.com to download these resources. Real Experience. Real Advantage. 42
  • 43. [ Relevant Education  SAP BusinessObjects Enterprise XI 3.0/3.1: Administration and Security 2 days - course code BOE310  SAP BusinessObjects Enterprise XI 3.0/3.1: Administering Servers 3 days - course code BOE320  SAP BusinessObjects Enterprise XI 3.0/3.1: Designing and Deploying a Solution 4 days - course code BOE330 Official SAP BusinessObjects curriculum is available on-site at your location or at authorized education centers around the world. Real Experience. Real Advantage. 43
  • 44. [ SAP BusinessObjects Security Essentials YOUR QUESTIONS Real Experience. Real Advantage. 44
  • 45. [ SAP BusinessObjects Security Essentials COMPARING XI R2 AND XI 3.X SECURITY Real Experience. Real Advantage.
  • 46. [ Default Users and Groups Users XI R2 XI 3.x Administrator yes yes Guest yes yes QaaWSServletPrincipal no yes PMUser yes no Set Administrator password during install? no yes Guest user disabled by default? no yes Groups XI R2 XI 3.x Administrators yes yes Everyone yes yes QaaWS Group Designer no yes Report Conversion Tool Users yes yes BusinessObjects NT Users yes no Universe Designer users yes yes Translators no yes Real Experience. Real Advantage.
  • 47. [ Security Features Feature XI R2 XI 3.x Folder Inheritance yes yes Group Inheritance yes yes Predefined Access Levels yes yes No Access yes yes* View yes yes Schedule yes yes View On Demand yes yes Full Control yes yes Advanced Rights yes yes Custom Access Levels no yes Break Inheritance yes yes Scope of Rights no yes Combined Access Levels no yes Real Experience. Real Advantage.
  • 48. [ Security Applications Application XI R2 XI 3.x Central Management Console yes yes! Web Component Adapter (WCA) yes no Administrative Launchpad yes no Query Builder yes yes Security Viewer Add-on yes no Security Query no yes Permissions Explorer no yes Real Experience. Real Advantage.
  • 49. [  Thank you for participating. Please remember to complete and return your evaluation form following this session. For ongoing education on this area of focus, visit the Year- Round Community page at www.asug.com/yrc ] [ SESSION CODE: 409 Dallas Marks Senior Architect and Trainer dallas@kalvinsoft.com http://dallasmarks.org/ For more information about Kalvin Consulting http://www.kalvinsoft.com/ Follow us on Twitter at @kalvinsoft. contact@kalvinsoft.com Real Experience. Real Advantage. 513.492.9120 49