SAP BusinessObjects Planning and Consolidation: Administrator and Power User Best Practices for Configuring Authorizations and Authentication

  • by Ryan Leask, Senior Director, Solution Strategy for SAP’s Business User and Line of Business Sales Organization
  • Prakash Darji, Vice President and General Manager, Data Warehousing Solutions and SAP HANA Platform, SAP
  • December 11, 2009
When a power user creates an application in SAP BusinessObjects Planning and Consolidation, users must be assigned and given authorization to read and write data that they own. Take an in-depth look at how authentication and authorization are set up to ensure users can only work with the regions of data they own. This information can help you ensure that your data remains accurate and that you aren’t violating any data governance policies your company may have.
Key Concept
Differentiating between the terms authentication and authorization is important, as often these terms are used interchangeably. The term authentication refers to assigning a user access to the SAP BusinessObjects Planning and Consolidation system. This user then logs on to the system and is authenticated against that system. Authentication is the process of assigning the user and validating the credentials (username and password) of that user upon logon. The term authorization refers to the activities a user can perform once authenticated. It also refers to the region of data to which the user has access to read and write. Within SAP BusinessObjects Planning and Consolidation, authorization is separated into the concept of task profiles, to control the activities to which users have access, and member access profiles, to control the data regions to which a user has access.

SAP BusinessObjects Planning and Consolidation is designed to empower the business by reducing its dependency on the IT department for making system changes. Authentication and authorization assignments are usually an area that the IT department of a company controls. With SAP BusinessObjects Planning and Consolidation, authorized business users can directly configure security. This allows them to help themselves and avoid having the IT department become a bottleneck in setting up or making changes to the system. Typically, a power user within a line of business handles this task because he knows the users within the business and the data with which they should or should not be working. (See the article “SAP BusinessObjects Planning and Consolidation: An Overview of How It Works with SAP NetWeaver BW” for a more detailed discussion on this topic.) 

Throughout this article, we focus on the tasks an administrator or power user in the line of business performs. This includes adding a user to an application set, assigning the user to a team, and then assigning member access profiles and task profiles to that team. We discuss the best practices of setting up authorizations as well. See the “Key Terms” sidebar for definitions of user, team, task profile, and member access profile.

The user experience is almost identical (even for administration) between SAP BusinessObjects Planning and Consolidation, version for the Microsoft platform, and SAP BusinessObjects Planning and Consolidation, version for SAP NetWeaver. However, the back-end implementations are quite different. All the content and behavior we describe in this article apply just to the version for SAP NetWeaver.

Ryan Leask

Ryan Leask currently runs the SAP BusinessObjects Planning and Consolidation solution management team for SAP, based out of Palo Alto, CA. Prior to this position, he led the EPM solution architecture team with a main focus on the design of SAP BusinessObjects Planning and Consolidation 7.0, version for SAP NetWeaver. Ryan has also worked on SAP xApp Analytics, SAP NetWeaver Visual Composer, SAP NetWeaver BW, SAP SEM, ABAP, SAP CRM, analytics/data mining, and whatever else seemed interesting. He has also co-authored SAP xApp Analytics (SAP PRESS, 2006), written many articles, and presented at numerous conferences.

See more by this author

Prakash Darji

Prakash Darji is an experienced professional with more than 10 years of end-to-end experience in enterprise software. He has a broad depth of experience including corporate strategy, sales, product management, architecture, and development. He has experience in product launch activities, including positioning, packaging, and pricing. He has delivered numerous product releases in a variety of capacities through his career. He thrives on building high-performing, scalable teams to achieve strategic deliverables, whether they close strategic sales deals, roll in product features, or roll out new releases. He is a recurring author for several publications and a speaker at SAP conferences around the world. Prakash is on LinkedIn at

See more by this author


No comments have been submitted on this article. 

Please log in to post a comment.

To learn more about subscription access to premium content, click here.