Corporate User Accounts - Shared Services - Planning

Hello,
I have a question related to corporate user accounts.
Suppose there is a corporate ID that was given access to planning, had the required provisioning in shared services and had the dimensional level security applied. Now this user no more works for the organization and so the corporate ID is no more active.
What will happen in shared services and planning. Will it still have a record of that account and we will need to manually clear it everytime situation like this is encountered or since it is a corporate ID shared servicies and planning know for itself that this ID is no more active and valid.
I would appreciate if someone could clear this doubt.
Thanks in advance.
~ Adella
Edited by: Adella on Sep 22, 2011 10:43 AM

In theory if the ad account is no more then the provisioning is removed, now in the past there has been problems where if you don't deprovision a user first before they get deleted from the ad then the user still exists in certain tables and becomes stale.
Sometimes utilities like provsionusers and updateusers would sync up to shared services and remove any stale users, sometimes they had to be manually removed.
I have not actually tested or seen what happens with the latest version to see if it actually manages to clean up all stale users without any issues.
Cheers
John
http://john-goodwin.blogspot.com/

Similar Messages

  • No Users in Shared Services

    I cannot search users in shared Services .users for HSF :(
    can any one assist me

    Open ur services console
    select Share services >clik " log on" > > my account > provide ur user name and password this would help

  • Sync User with Shared Services

    I noticed that if I provision a user in shared services the user can not log into planning until I restart planning. Is there a way to do this without restarting planning? This also seems to happen with EPM.
    I know this happens with essbase but you can put a few commands in the essbase.cfg file and it can either sync on a time basis or when a user logs into the system.

    I am not sure what version you are using, but I will assume 9.3.1
    If so you shouldn't need to restart the planning server, once you have set them up in HSS the user should be able to log into planning, once the newly created user logs into planning the user is also created on the essbase (EAS) side as a planning user.
    If you set up a new user and then log into the planning app as an admin user, select a form and click assign access, then click add access, can you see the user in the list ?
    Cheers

  • Grant the Essbase application permission to user in Shared Services

    Hi,
    We got a problem in granting the Essbase permission to user using Shared Services. We are using Hyperion 9.3.1.
    (1) We created an Essbase application + database through Essbase Administration Console, say TBC.Sales.
    (2) Provision the Essbase "Server Access" + Essbase Application "Read" roles to a user.
    (3) In Essbase Admin Console, we "Refresh Security from Shared Services".
    However, the user still cannot see the Essbase Database in SmartView. Does anyone know how to fix the problem?

    The problem is fixed with Essbase 9.3.1.3.0.5.

  • Exclude a user from Shared Services LCM export

    How do I exclude a specific user from the Shared Services LCM export?  In the migration definition file I am trying to specify something like the following:
    pattern="*" and pattern<>"lcm_admin"

    What exactly you want to try after/by exporting users from Shared services?
    Regards,
    Santy.

  • How to Generate a Report for a list of Users in Shared Services.

    I am using Hyperion 9.3.1 version.
    I have around 120 (MSAD) users in shared services and now i want to generate a report which tells what all access is given to a particular application for these users. Can anyone let me know the steps how to acheive this.
    Regards,
    Vijay Krishna.

    Hi,
    Have you tried generating a provisioning report in Shared Services, have a read of :- http://download.oracle.com/docs/cd/E10530_01/doc/epm.931/html_cas_help/provrep.htm
    If that doesn't suit your requirements then you could always have a look at using CSSImportExportUtility to export provisioning to a csv file. The utility is located in hyperion\common\utilities and has a pdf on instructions how to use it.
    Cheers
    John
    http://john-goodwin.blogspot.com/

  • Users in Shared Services

    Can someone tell me if there is a SQL table somewhere that stores the listing of users in Shared Services?
    Where would that data be stored?

    so John, you say that there is no chance to retrieve those users from relational-tables before v.11.1.2, right? is it possible in 11.1.2?
    actually i also need a scheduled report to see all users in HSS hence we're using same HSS with another project-team and both teams need such a kind of control report: "which users are able to see our project, who are in the other project... etc."
    i think, i should use CSSExport utility for creating such a scheduled report?
    do you have any suggestion?
    rgds,
    ozmo

  • Regarding issue with externalizing users to shared services

    Hello,
    I was working today on externalizing users to shared services through EAS Console & it went successful. But then I saw that the users were already externalized & there was already an application group existing in shared services. So now there are two application groups both clone of each other, i.e. if I provision any user with one application, the clone of that application is also provisioned through that user.
    The bigger problem is somehow the connect bet'n both SS & Essbase Services is lost & the users created in SS are not getting reflected in EAS, even after refreshing the securities on EAS... & then I tried to restart all the services again open LDAP, SS, IS, Essbase & Admin Services.... I am getting error while opening Essbase services, they are not getting started??? Please help me resolve this error...
    Thanks.

    Hi,
    What version are you installing and what O/S is it for ?
    If it is windows it is definitely an executable you are running and you are not trying execute one of the patches?
    Cheers
    John
    http://john-goodwin.blogspot.com/

  • Externalise users to Shared Services fails

    I recently tried to Externalise users to Shared Services. However, when I attempted to do this, I received the following error:
    [Thu Nov 13 15:29:12 2008]Local/ESSBASE0///Error(1051449)
    Analytical Services failed to get group with Error com/hyperion/css/spi/util/CSSGroupComparator
    I tried to Externalise again and then I received this error:
    [Thu Nov 13 15:33:20 2008]Local/ESSBASE0///Error(1051449)
    Analytical Services failed to get group with Error [CSS Error: Invalid Argument: Principal passed is NULL]
    And also, now whenever I tried to add a new user to Essbase thats authenticated externally, I receive this error:
    [Fri Nov 28 16:56:20 2008]Local/ESSBASE0///Error(1051223)
    Single Sign On function call [css_getUser] failed with error [CSS Error: Invalid Argument: Principal passed is NULL]
    Note, it did partially succeed in externalising to shared services, as the Essbase Cubes & Project to appear.
    Does anyone have any ideas on how to resolve these errors and successfully externalise to shared services?
    Edited by: user2062993 on 30/11/2008 19:32

    I have a similar situation at my end.
    reconfigure EAS console as from the configuration utility or mere editing the properties of the administration server will do.
    I tried editing the properties in the administration server but it dint help so should i go and reconfigure the EAS from the configuration utility .

  • Maxl statement create user to shared services

    <p>when you create a user in shared services, you can specify afirst name, last name, and email address into textboxes.</p><p> </p><p>now, when you create a user with maxl, can you specify to placea first name, last name, and email address into those textboxes? ican only seem to add a comment into the description textbox.</p>

    <p>actually, you can't even insert text in the description textbox.the comment code with maxl statement is only for maxl and notshared services.</p>

  • Automate deletion of user in Shared Services

    Hi
    How can I automate the deletion of terminated users that are both externally authenticated(through MASD) as well as native in Shared services.
    Thank you
    Namita

    Will that key word in the user's description? Then yes you can filter those users in Shared Services.
    Check http://otndnld.oracle.co.jp/document/products/epm/111200/E-17236/epm.1112/epm_security_api/client/com/hyperion/css/common/UserSearchFilter.html
    Regards
    Celvin
    http://www.orahyplabs.com

  • Administration Users from Shared Services...

    Dear Experts,
    Am using OEPM 11.1.1.2
    I have one basic question on Shared Services Users...As we are using the default login of Essbase administration services after installation and configuration to
    login to the server and this is already changed to Shared Services Security during Configuration..
    My question is can we be able to create user related to EAS from Shared Services or still we need to use the same default 'admin'? If so,
    In any case if i want to provide one user with only "create/delete applications" for Essbase....i will go and do it in Shared Services.....
    but if i want to modify something in Essbase...i still need to use EAS for modifying the application/Database information
    How can i create multiple users in EAS?
    One More, i don't see any project for Essbase Administration Services like Essbase, APS created in Shared Services after the applications have moved to Shared Services Security Mode...Is this correct? Please clarify
    Moreover, in my case userid "admin" is used for all the Application groups in Shared Services...So if i change the password for this "ID", will it reflect to all the application groups who are privileged to...
    Thanks

    My question is can we be able to create user related to EAS from Shared Services or still we need to use the same default 'admin'? If so,
    In any case if i want to provide one user with only "create/delete applications" for Essbase....i will go and do it in Shared Services.....
    but if i want to modify something in Essbase...i still need to use EAS for modifying the application/Database information
    How can i create multiple users in EAS?
    One More, i don't see any project for Essbase Administration Services like Essbase, APS created in Shared Services after the applications have moved to Shared Services Security Mode...Is this correct? Please clarify
    Moreover, in my case userid "admin" is used for all the Application groups in Shared Services...So if i change the password for this "ID", will it reflect to all the application groups who are privileged to...
    Firstly, Shared services is a centralized User management console for all hyperion applications. Once you externalize your security to shared services, You can create as many users as you want in shared services and assign him access to Essbase. How ever, You will have to go to EAS and do a "refresh security from shared services" for changes made to users in shared services to reflect in Essbase.
    For projects to appear under shared services project list, you will have to register each product with the shared services.
    If the same admin ID is used for all applications, Yes, the password change will reflect to all applications he has access to.
    -Nra

  • Unable to Externalize users to Shared Services

    Hi All,
    I am facing the following issue
    [Sun Jul  6 11:28:17 2008]Local/ESSBASE0///Error(1051429)
    Analytical Services Product Existence Check Fails against the Shared Services Server with Error [Unable to Authenticate.]
    Fatal Error: CSS Initialization Fails
    I have also done the following steps but could not resolve..
    STEP 1:
    a. Shutdown all the Services
    b. Take the backup of the file "Essbase.bak" by copying to another folder.
    c. From Native Folder(ARBORPATH),Rename the "Essbase.bak" file to "Essbase.sec" file.
    d. Reboot the machine where Essbase server is running.
    e. Start the Services and work on the application.
    If the issue still persists then Proceed with STEP 2
    STEP 2:
    Unregister the Analytic Services with Shared Services and then try reconfiguring Analytic Services from Configuration Utility (Especially register with Shared Services) and try working with the application
    If you have any information about how to resolve the above issue, please help.. Thanks.
    Message was edited by:
    637223

    Issue:
    Error 1051429 - Unable to Externalize the Users to HSS.
    Error Log:
    [Sun Jul 6 11:28:17 2008]Local/ESSBASE0///Error (1051429)
    Analytical Services Product Existence Check Fails against the Shared Services Server with Error [Unable to Authenticate.]
    Fatal Error: CSS Initialization Fails
    Environment:
    Win Environment installed – Weblogic 9.1 / HSS / AAS / BI+/ Planning
    Linux Environment Installed – Oracle DB 10 GR2
    Linux Environment Installed – Essbase
    Observation / Research:
    Duplicate entries in Essbase.cfg file.
    ; The following entry specifies the full path to JVM.DLL
    JvmModuleLocation /hyperion/common/JRE/Sun/1.5.0/lib/i386/server/libjvm.so
    ; SharedServicesLocation fatapp2.advtek.com.tw 58080
    ; AuthenticationModule CSS http://fatapp2.advtek.com.tw:58080/interop/framework/getCSSConfigFile
    ; SharedServicesLocation fatapp2.advtek.com.tw 58080
    ; AuthenticationModule CSS http://fatapp2.advtek.com.tw:58080/interop/framework/getCSSConfigFile
    ; SharedServicesLocation fatapp2.advtek.com.tw 58080
    ; AuthenticationModule CSS http://fatapp2.advtek.com.tw:58080/interop/framework/getCSSConfigFile
    SharedServicesLocation fatapp2.advtek.com.tw 58080
    AuthenticationModule CSS http://fatapp2.advtek.com.tw:58080/interop/framework/getCSSConfigFile
    Solution:
    ** Altered the settings of the Essbase.cfg file as below
    ; The following entry specifies the full path to JVM.DLL
    JvmModuleLocation /hyperion/common/JRE/Sun/1.5.0/lib/i386/server/libjvm.so
    SharedServicesLocation fatapp2.advtek.com.tw 58080
    AuthenticationModule CSS http://fatapp2.advtek.com.tw:58080/interop/framework/getCSSConfigFile
    ** Restarted all the Hyperion Services
    ** Logged into HSS, sync the OpenLDAP .
    ** Logged into AAS Console and Externalized all the users in Essbase to HSS
    ** Able to Externalize the users successfully.
    ** Created a sample application and a database and suggested the Customer to work out with the Applications.
    Hope that it works for you :)

  • Two user accounts sharing info?

    If I have two user accounts set up on my computer how do I make it so that I can share info between only those two users?
    For example~ One account has all of our photos downloaded on iPhoto - how do I make it so that the other user can can see those photos when logged into the second account?
    Thanks.

    Just dropping it into the shared folder is not enough. Any user other than the creator will not have write permission to an iPhoto library without twiddling with the permissions manually. An iPhoto library must be writeable by the user or else iPhoto will refuse to open it.
    This is what I use to share iPhoto and iTunes libraries and iMovie projects between my wife's and my user accounts. It automatically changes permissions of everything so that both of us have write access: http://www.macosxhints.com/article.php?story=20050904072808460&lsrc=osxh
    Leopard users can skip step 1; ACLs are already enabled by default in Leopard.

  • Protecting user accounts - Reducing user account sharing

    Dear friends,
    Our Internal Audit Dept believes that some employees may be sharing SAP users (and password) to avoid the SoD in place. With password-based authentication, that we must use, there is no chance that the system can prevent it.
    However, to reduce the share of users, and incidentally, protect unauthorized use of someone else's account, we are trying to do something similar to what many organizations do.
    The idea is that our (ECC 6.0) system stores a statistic of the computers from which a user connects, and in the event of an "unusual" login it will send a message to the user email account. It will explaining how to react if the access is not recognized, but also will inform of the the legal consequences of the misuse of his/her user account.
    We have the option of using the SAL, but prefer it to be online. Is there an user-exit, or similar, to capture the event of an user login and to send an email to the user's address, or perform other actions? The right moment seems to be the login event used by SAL...
    Surely someone has already developed a similar solution in SAP. We would appreciate any information or idea.
    Thanks in advance,
    Best regards,
    dionisio

    Dear Alex,
    I have the same experience about sharing their "only" password, and I believe, it will best address the sharing issue. Unfortunately that solution is out of our reach for now...
    About the SUSR001, I am not really looking for extra validation. Do you believe then that it is the best place for recording the terminal ID and so on?
    Thanks for you help.
    Dionisio

Maybe you are looking for

  • Advanced CAN Frame to Channel Conversion: Error with LV 8.5.1

    Hello! I´ve tried to read in a DBC-file with the "Advanced CAN Frame to Channel Conversion Example" on a LabVIEW 8.5.0 system and it works fine. On a LabVIEW 8.5.1 System I get the error: Scan From String (arg 6) in CAN FtoC Parse Channels and Mode.v

  • How to create ITS for a R/3 Transaction?

    Hi All, I am new to ITS. Can somebody please let me know how to create a ITS for a R/3 transaction. I tried from SE80 but not able to get the result. I even checked in SICF. Whatever the service that I am created, it is not visible in SICF. Please he

  • Offline Integration of Adobe Forms with CRM System using Web Service

    Hi Experts, I have a business requirement in which the end user us given an Application Form. The user can save the form locally and fill the data. Now the requirement is that when the end user clicks on Submit Button on the form, a web service is ca

  • Date LOVs prior to 1970

    It appears that date values prior to 1970 are not supported in prompt LOVs. To test this, I created a universe (unv) with a object having a date value of 5/1/1970 through 5/1/2020.  I then created a report with a prompt on this object.  When I attemp

  • Error when installing Nagios on solaris 11

        Hello, I'm following these instructions (Building and Deploying Nagios on Oracle Solaris 11)  on how to build and install Nagios on a solaris 11 x86 box.  I get all the way to pkg install then I receive this error: root-/opt # pkg install nagios