SAP Knowledge Base Article - Preview

3167189 - Data Access Control (DAC) in SAP Analytics Cloud Collective KBA

Symptom

Concepts and expected behavior of dimension-based data access control for roles and data access management (security):

  • Dimension based data access control (DAC) in SAP Analytics Cloud (SAC) is used to control and limit which users or teams can see specific dimension members and data.
  • Data access control can be enabled by accessing the Model via Browse > Models > “Select Model” > Model Structure > “Select Dimension” > “Data Access Control” under “Rights / Access”.
  • For example, if data access control is applied on an “Employee” Dimension, a “Read” and “Write” column will now be visible within that dimension.
  • If it is desired that only “John” can see the “John” dimension member, and data associated with this member, then the user “John” should be entered into the “Read” column entry for the “John” dimension member.
  • You must switch on the Hide Parents option to restrict which dimension members can be seen in the Modeler or in Stories: If this option is enabled, users will see only the members that they have at least Read access to.
  • When accessing a story using (referencing) this model where this “Employee" dimension is used, John will only be able to see data for the “John” Dimension member from the “Employee” Dimension.

Common issues

  • User is able to see data despite Dimension based Data Access Control being enabled.
  • User is not able to see data that they have "Read" permissions for in Dimension based Data Access Control
  • Data Access Control "Read / Write" column entries are lost when Data Access Control is disabled and enabled
  • User cannot see data of parents in a Hierarchy when "Hide Parents" option is enabled


Read more...

Environment

  • SAP Analytics Cloud (Enterprise)
  • Both optimized and classic stories

Product

SAP Analytics Cloud 1.0

Keywords

SAP Cloud for Planning, sc4p, c4p, cforp, cloudforplanning, Cloud for Analytics, Cloud4Analytics, CloudforAnalytics, Cloud 4 Planning, BOC, SAPBusinessObjectsCloud, BusinessObjectsCloud, BOBJcloud, BOCloud., SAC, SAP AC, Cloud-Analytics, CloudAnalytics, SAPCloudAnalytics,Error, Issue, System, Data, User, Unable, Access, Connection, Sac, Connector, Live, Acquisition, Up, Set, setup, Model, BW, Connect, Story, Tenant, Import, Failed, Using, Working, SAML, SSO, sapanalyticscloud, sap analytical cloud, sap analytical cloud, SAC, sap analyst cloud, connected, failure, stopped, sap analyst cloud, https://hcs.cloud.sap, https://hanacloudservices.cloud.sap, https://cloudanalytics.accounts.ondemand.com, https://hanacloudservices-us.accounts.ondemand.com, https://www.sap.com, https://help.sap.com, predictive analytics (analysis), data analysis (analytics) tools, analytics tools, sap analytics cloud, data literacy, advanced analytics, data democratization, analytics software, real time analytics, self service analytics, advanced data analytics, analytics as a service, analytics cloud / cloud analytics, saas analytics, cloud bi, enterprise planning, cloud data analytics, cloud based analytics, analytics cloud platform, modern analytics, real time analysis, cloud analytics solution(s), what is sap analytics cloud, cloud analytics tools, analytics in the cloud, cloud analytics software sac roles and data access management kba security , KBA , data access control not working in sac , sac access restriction in the public dim , in the public dimension sac kba , LOD-ANA-ADM , SAC Administration , LOD-ANA-AUT , SAC Authentication / Login , Problem

About this page

This is a preview of a SAP Knowledge Base Article. Click more to access the full version on SAP for Me (Login required).

Search for additional results

Visit SAP Support Portal's SAP Notes and KBA Search.