SAP Knowledge Base Article - Public

3467180 - No data in Permission Script (<table>_P) and Protected View (<table>_V) when using remote analysis authorizations from SAP BW/4HANA System


User is not authorized to see any data that should have access when using Remote Data Access Control (DAC) with SAP BW/4HANA.


SAP Datasphere

Reproducing the Issue

  1. In Datasphere, import SAP BW∕4HANA Analysis Authorizations by following Help guide and blog Introducing Remote Authorizations from SAP BW/4HANA for SAP Datasphere
  2. Open the generated Permission Script (<table>_P) or Protected View (<table>_V) 
  3. Preview it
    => No data shows which should have


In Datasphere, go to Data Builder > Data Access Controls, edit or create a new DAC, text message above the Identifier column selection saying "The permissions entity must include an identifier column providing user IDs recognized by your identity provider formed as follows: <BWUSERID>", but "USERIDENTIFIER" is email not BWUSERID. This means SAP Datasphere's User IDs are not defined as e-mails but BWUSERID.


According to KBA 3062381, If your SAP Data Warehouse Cloud User ID's are not defined as your key users' e-mails, then you must ensure that you implement BAdI RSDWC_DAC_RSEC_USER_UPDATE. In the BAdI implementation you shall fulfill the column "USERIDENTIFIER" with the user ID in Datasphere for the corresponding "BWUSER" in your BW/4 system.


dwc, blank, missing, lost, block, no access , KBA , DS-SEC-DAC , Security – Data Access Control , Problem


SAP Datasphere all versions


Pasted image.png