Audit Reports in Shared Services

Similar Messages

• Audit Reports from Shared Services

  I am using HFM 11.1.1.2 and want to pull a Audit Report in shared services. My approach are as follows:
  In Shared Services on Application Groups, I select my application and right click and select Audit Report. I get the following error:
  Auditing is Disabled and No Records Audited.
  How and where do I enable this?
  Thanks

  You first have to enable Auditing globally in Shared Services. To do this, login to Shared Services, make sure you have the "Shared Services" node highlighted in the pane on the left-hand side and click Administration-->Configure Auditing.

• Generating user reports ( Hyperion Shared Services)

  When i right click on Active directory->USer and say View Report, it by default generates report by USer ID, Is there any wasy to generate these reports by First and Last name of users?

  Hi,
  I have answered this question in post :- UsersByGroup SS report crashing;Shared Services Users not removed correctly
  Cheers
  John

• Reports in Shared Services 9.2.0.2

  I would like to run a report from Shared Services 9.2.0.2 that shows all the users w/ access to our system and what level of access they have. We assign all of our users to groups and the groups are granted access. Our groups are created in the Native Directory and the users are in our NTLM directory. Is there a way to make this happen? I have not been successful in everything I've tried so far.
  Thanks.
  Terri T.

  Ok just thought I'd check. That solution works fine for us but we use MSAD for external authentication. We use native groups for all our provisioning too.
  Not sure why the report won't work with NTLM users.
  Another solution, which is good because u get your data into excel, is to use the cssimportexport utility to export all the security. Then with some excel machinations you can relate the users to the groups to get the roles for each user. I have done that in the past to build a complete user list by application in excel. I had 50 groups with users and it took less than an hour to put it all together.
  Maybe someone else can advise why the report isn't working for you..

• Security Reports in Shared Services

  Hi guys,
  Could you please help me with a simple question (well, I believe it's easy, but I'm not able to answer it... :))
  I'd like to give a user the permission to run security reports, but it's seems he has to be "Shared Services admin" to do so. Is that correct? Can I give him permission to run this kind of reports without giving him the role of "admin"?
  I really appreciate your help.
  Thank yo!
  Regards,
  Lu.

  Only Shared Services Administrators can generate and view audit reports to track historical changes to the security data.
  Refer: Page 86 of http://download.oracle.com/docs/cd/E17236_01/epm.1112/hss_admin.pdf
  HTH-
  Jasmine.

• UsersByGroup SS report crashing;Shared Services Users not removed correctly

  Apparently, there are not many experts on Shared Services – nor is there much documentation.
  We have an urgent need to get a Users By Group report successfully run from an Shared Services installation today (auditors!)! Opening a support ticket as well as making last ditch attempts to get more suggestions on how to resolve.
  It appears as those the users causing the problem (the UsersByGroup Shared Services reports crashes) are NTLM. Apparently, several users were removed – before they were de-provisioned. Now they are not appearing on the default area but are appearing in other areas within SS. An attempt to re-add them failed to sync them back up (likely gave them each a new SID). We believe it is likely that the two issues are related (the not quite completely deleted users and the User By Group report bombing out – due to a user – since the provisioning is there, but the user is not, for these instances). Two of the Users show under Admin also, which should not be the case.
  Any suggestions on next steps would be greatly appreciated.
  Thanks!

  Hi,
  You should have a look at using the Update Native Directory Utility, this will clear out any stale users in your OpenLdap.
  It should be situated in \Hyperion\common\utilities\SyncOpenLdapUtility
  There is a zipped file called UpdateNativeDir.zip
  It does have a read me on how to use it but it is pretty simple, on windows it is something like updateNativeDir.bat -cssLocation <location to your>CSS.xml
  e.g updateNativeDir.bat -cssLocation C:\Hyperion\deployments\Tomcat5\SharedServices9\config\CSS.xml
  You may need to update the bat file to include the correct location to your Java Home, you will get an error message anyway if it is not set correctly when you run the batch file.
  It will create a log of all stale users removed.
  Good luck.
  John

• User report in shared service

  Hi, I have many user and many group. I would like to check what group that each user in. (actually I can check in properties for each user but it's too many user)
  Is there any report can show member of user group?
  Thanks in advance

  If you are on version 11, you can use Life Cycle Management to export security. This will include all the users and the groups that they belong to. Have a read of this: http://download.oracle.com/docs/cd/E12825_01/epm.111/epm_lifecycle_management/lcm_security_migration.htm
  Cheers,
  Mehmet

• Shared Services User Reports - for HFM Users

  Does anyone have some good material or knowledge they can share with me today regarding the following Shared Services topics?
  1. What might cause a run of the Users By Group report to fail? After about 15 mins bombs out and receive the following error: "User not found with identity = ntlm:SID=S-1-5-21-787380144-986785343-375376054-10174?USER(-2147216700). Then gives much more detail on error.
  2. How to remove users that appear under admin role but not in default?
  3. For audit (TODAY), ideally should produce a report of HFM users – including dates (when added, when security /provisioning was changed for them) – is there a report or combo of reports that will provide this information?
  Any help or a point in the right direction is hugely appreciated.
  Thank you!

  Ok - just some pointers, so use as suits.
  1: this looks like it is not seeing your AD/NTLM user. You see a similar SID if in Properties of any file share where the connection to the domain is not available, or the user no longer exists. Remember, if a user ID in NTLM or AD has been changed, Shared Services does not recognise this, and stores the original SID, so you need to remove and reprovision the user.
  2. The cleanest INHO is to do a CSS Import/Export and 'clean' the file. RTFM :)
  3. There are some reports in Shared Services, but see if this is of use - especially the Security Matrix, (http://www.epmmaestro.com/dnn/Products/EPMWebSymphony/tabid/56/Default.aspx)
  Good luck

• How to Generate a Report for a list of Users in Shared Services.

  I am using Hyperion 9.3.1 version.
  I have around 120 (MSAD) users in shared services and now i want to generate a report which tells what all access is given to a particular application for these users. Can anyone let me know the steps how to acheive this.
  Regards,
  Vijay Krishna.

  Hi,
  Have you tried generating a provisioning report in Shared Services, have a read of :- http://download.oracle.com/docs/cd/E10530_01/doc/epm.931/html_cas_help/provrep.htm
  If that doesn't suit your requirements then you could always have a look at using CSSImportExportUtility to export provisioning to a csv file. The utility is located in hyperion\common\utilities and has a pdf on instructions how to use it.
  Cheers
  John
  http://john-goodwin.blogspot.com/

• Shared Services backup

  Hello Gurus,
  What does Shared Services backup consist of. I believe it has to do with the roles and all of users right? But a bit confused.
  For example, I went in to HSS and exported the SHARED SERVICES to the FILESYSTEM. Can someone please tell me what is the main use of the the SHARED SERVICES in terms of this case?
  ALSO, one way I can import is again using the LCM, however, if I dont want to use the LCM, what would be the way to import the SHARED SERVICES that I have backed up.
  ALSO, I have used the DMP files to create a new application. Do I need to import the SHARED SERVICES as well in this case.
  Thanks

  Shared Services holds the following information
  User directory configurations
  Single sign-on configuration
  Native Directory management
  Role-based access control management
  Audit configuration and report management
  Shared services registry
  So you are backing up the above, taking a database backup is important , to restore you would do as you have previously with Oracle backups.
  Cheers
  John
  http://john-goodwin.blogspot.com/

• Task List Access Manager Role in Shared Services

  Hi
  The documentation says this role "Assigns task lists and tasks to other users". I have assigned this role to a group (in Shared Services), I have given that group Manage and Assign access to the Task List (in Planning), and have even done a security Refresh.
  Yet, when I go in as a user who is in that group, I do not see the Assign Access button in Manage Task Lists.
  Is this a bug or have I missed a step?
  We are on 11.1.2.1
  Thanks!

  Hi,
  Have you tried generating a provisioning report in Shared Services, have a read of :- http://download.oracle.com/docs/cd/E10530_01/doc/epm.931/html_cas_help/provrep.htm
  If that doesn't suit your requirements then you could always have a look at using CSSImportExportUtility to export provisioning to a csv file. The utility is located in hyperion\common\utilities and has a pdf on instructions how to use it.
  Cheers
  John
  http://john-goodwin.blogspot.com/

• Where is the Shared Services user security stored?

  On Hyperion Planning 9.3. I can view the security of my users/groups via the report in Shared Services, yet I would like to put the output in Excel and there is no option other than Print/Print Preview.
  which repository database contains the Shared Services security?
  Thanks
  JTS

  Hi,
  If you are talking about the security to members, forms then this is held in the planning application database.
  If it is provisioning of the application then it is a combination of the Shared Services database and OpenLdap database. (not so easy just to create a report on the provisioning by looking at the database)
  Cheers
  John
  http://john-goodwin.blogspot.com/

• Generate report to show all users and groups in Shared Services in EPM 11x

  Hi,
  Is there any way to generate a report (like a migration report or job status report) which can be generated through workspace/shared services 11.1.1.3 so that my admin can look at all the users and groups created. Something that I can view and probably print out? Any suggestions?
  ~Adeeba

  Yes, I knew this one. This basically shows me the users and groups assigned specific provision access. Is there any way to view a report that shows which users and groups have access to dimensions of an individual planning application?
  ~Adeeba

• Shared Services Security Issue with Financial Reporting - 11.1.1.3

  Hi,
  So we have some users that are provisioned in some groups. Those groups have Essbase Server Access and Planner access to an application. That access is working great. They have access to the app and they have access via Smartview to the cube.
  Now we need them to be able to see all the Financial Reports (FR) created for that application. There are so many provisioning choices under 'Reporting and Analysis', that I'm not sure how to get this done correctly. Right now we have to assign 'Viewer' access and 'Explorer' access under 'Content Manager' tree in order for this to happen. I just think this seems wrong. We just need the user to be able to run and view a report from Workspace.
  Any help is appreciated as this is a very green area for me.

  Hi,
  You will need both Viewer and Explorer access for users to run reports.
  the reason is that without the Explorer, users will not be able to see any reports or the explorer in Workspace.
  Without Viewer, users will not be able to view/open any of the reports. You also have to give report access to users anyway related to the groups.
  You can see anll information about different security roles for Reporting and Analysis in the shared Services admin guide.
  The documentation is the best place to start for any information needed and confirming what fulfills your needs.
  Cheers
  RS

• Mail configuration in shared services for Workspace/Web A Reporting purpose

  Hi,
  I have configured SMTP Mail Server name in the shared services but still not able to send HFR and Web analysis reports through email.
  When I click on Email Link in WOrkspace on a particular report, getting below error:
  Enter the user email address in Hyperion Shared Services, Ask your Administrator to update your email address listed through Hyperion Shared Services.
  What needs to be done to avoid this issue? do I need to enter user's mail ids in Admin mail field in Shared services configuration page. If yes, how can I enter all user id', i mean, any comman's or some delimiters in between mail id;s.
  Please advise me on this..
  Thanks,
  UB

  There are also the .properties files that have to the SMTP server name as well. I know for FR it is in the FR_global.properties file.