SAP User Authorization Profile
The Angles for SAP Xtractor or ETL Server needs an SAP user account and password to be able to download data from SAP. This user account must be of type SYSTEM (although it is possible to use an account of type DIALOG, this is not recommended, because a DIALOG account needs to change its password now and then).
The following minimal authorization is needed:
Copy
Class: Cross-application Authorization Objects
Object: Authorization check for RFC access: (S_RFC)
Activity: 16
Name of RFC to be protected: RFC_METADATA_GET, /EASUITE/*, SUGX, SYST, RFC1, SDIFRUNTIME, SPFL_PROFILE_PARAMETER
Type of RFC object to be protected: FUGR
Class: Cross-application Authorization
Objects Object: Every Angle Tables Permitted for Extraction (ZEA_TABLES) Table name: *
Package: /EASUITE/Z_EA
Class: Basis: Administration
Object: Background Processing: Background Administrator (S_BTCH_ADM)
Authorization: S_BTCH_ADM
Background administrator ID: y
Class: Basis: Administration
Object: Background processing: Operations on Background Jobs: (S_BTCH_JOB)
Authorization: S_BTCH_TRANS
Job operations: RELE
Summary of jobs for a group: '' (two single quotes)
Class: Basis: Administration
Object: System Administration Functions (S_ADMI_FCD)
System administration function: STØR
Class: CCMS: System Administration S_RZL_ADM
Activity: 03
Make sure that these authorizations are in place for the SAP SYSTEM user used by Every Angle. Any changes to these authorizations may cause the refresh cycle to fail. The SAP account used by Every Angle to extract data should have the following authorizations:
When RFC is used
Copy
Class: Cross-application Authorization Objects
Object: Authorization check for RFC access: (S_RFC)
Activity: 16
Name of RFC to be protected: RFC_METADATA_GET, /EASUITE/*, SUGX, SYST, RFC1, SDIFRUNTIME
Type of RFC object to be protected: FUGR
Class: Cross-application Authorization
Objects Object: Every Angle Tables Permitted for Extraction (ZEA_TABLES) Table name: *
Package: /EASUITE/Z_EA
Class: Basis: Administration
Object: Background Processing: Background Administrator (S_BTCH_ADM)
Authorization: S_BTCH_ADM
Background administrator ID: y
Class: Basis: Administration
Object: Background processing: Operations on Background Jobs: (S_BTCH_JOB)
Authorization: S_BTCH_TRANS
Job operations: RELE
Summary of jobs for a group: '' (two single quotes)
Class: Basis: Administration
Object: System Administration Functions (S_ADMI_FCD)
System administration function: STØR
When an SAP logical file path is used
Copy
Class: Cross-application Authorization Objects
Object: Auth. check for RFC access: (S_RFC)
Activity: 16
Name of RFC to be protected: /EASUITE/*, SUGX, SYST, RFC1, SDIFRUNTIME
Type of RFC object to be protected: FUGR
Class: Cross-application Authorization
Objects Object: Every Angle Tables Permitted for Extraction (ZEA_TABLES) Table name: *
Package: /EASUITE/Z_EA
Class: Basis: Administration
Object: Authorization for file access: (S_DATASET)
Activity: *
Physical file name: * (Depends on configured file path.)
ABAP/4 program name: /EASUITE/*, Z* (Depends on configured prefix.)
Class: Basis: Administration
Object: Background Processing: Background Administrator (S_BTCH_ADM)
Authorization: S_BTCH_ADM
Background administrator ID: y
Class: Basis: Administration
Object: Background processing: Operations on Background Jobs: (S_BTCH_JOB)
Authorization: S_BTCH_TRANS
Job operations: RELE
Summary of jobs for a group: '' (two single quotes)
Class: Basis: Administration
Object: System Administration Functions (S_ADMI_FCD)
System administration function: STØR
Class: Basis: Administration (Only if ZIP compression is used.)
Object: S_LOG_COM
COMMAND: ZEA_ZIP
HOST: *
OPSYSTEM: *
Class: Basis: Administration (Not needed if SAP runs on Windows.)
Object: Authorization to execute logical os commands: (S_LOG_COM)
Logical command name: ZCHECK_MODIFY
ERP / R/3 System, name of application server: *
ERP / R/3 System, operating system of application server: *