Data Security Report by user
Hello experts,
It's possible in a easy way to get all the data security (dimensions member security) for one specific user?
I would like to have a report for a specif user with the list of dimensions member he have read/write access.
Regards,
Rodrigo
Hi, try Access Control Report. It's in the LCM right click on your app (under Application Group)
If you find it very large you can write your own SQL directly in planning RDBMS or get some ready to use queries
Similar Messages
-
Data security for multiple data sources
Dear BO guru's,
I am struggling with a brainbraker on authorizations on Universes since quite some time.
I am not a BO guru so hopefully someone can help me with this.
I (more or less) know the concept of data security in BO: users can be restricted on data level in (mainly) two ways:
1) with roles in CMC and with restrictions in Universe Designer.
OR
2) with a DB table that contains all authorized values per user and per field (i.e. John can see data for country UK)
The first is easy to set up, but hard to maintain.
The second is difficult to set up, but very flexible.
Now here is the problem...
Supporse your BO server is connected to different source systems (i.e. an SQL server, an Oracle server...) and you want only one universe to get data from all systems at the same time and display it in one report.
If I am not mistaken, this means we need a data federator.
...My questions:
1) Is there a possibility to do this without a data federator (but still have one universe to build my report or dashboard on)?
2) Where do I keep the table with authorizations for the users? Is that a database of the BO Enterprise server, a seperate data base, or in a table of one of the source systems (SQL, Oracle...)?
As this questions keeps me busy since long time, I would be very grateful to have your help.
It seems hard to find information on this.
Thanks a lot in advance!
UniverseDummy1) Is there a possibility to do this without a data federator (but still have one universe to build my report or dashboard on)?
Apart from the Data Federator, you can either use an ETL tool to load your data into a single Datawarehouse or wait until XI 4.0
2) Where do I keep the table with authorizations for the users? Is that a database of the BO Enterprise server, a seperate data base, or in a table of one of the source systems (SQL, Oracle...)?
If you are going to use the Data Federator then you can create the table in one of your source systems and add it as a data source in your DF project.
Regards,
Stratos -
Data security (Data from SAP BW) for AD users
Hi All,
I have a scenario.
BO env : Business Objects 3.1 Sp3
Sap Integration kit Sp3
My target is to implement AD SSO & also provide data security for data from SAP BW. Currently there are no roles & authorization defined in the sap System. My plan was
Step 1:- Implement AD SSO in Business Objects
Step 2: Map the AD users in SAP system
Step 3:- Crate roles in SAP System
Step 4:- Assign the users roles
Steps 5:- (Not sure) :- Map the users (Now in SAP) to BO & then aliases them with the users from AD.
Pleas let me know if this would be correct approach... if not please suggest.... I am kind of new to SAP BO integration with experience in BO adminStep 1: Setup Windows AD SSO on your BOBJ server
Step 2: Import Windows AD groups in BO
Step 2- Setup Server-side SNC between BO and your SAP system
Step 3:- Create roles in SAP System and import them in BO
Step 4:- Assign SAP users the created roles
Step 5: - In the CMC create SAP aliases for your Windows AD accounts
Step 6: - Setup your reports and/or universe connections to use SSO.
For more information on server side SNC check the installation guide of the integration Kit.
Regards,
Stratos -
Security report SEC_LIST_MBR is not displaying users list
Hi,
When we run security report SEC_LIST_MBR. It is not displaying list of users instead it is just displaying user id who ran the report all other columns Full Name, Teams, Task Profile and Member access are blank.
Please suggest what is causing it not to display list of users.
In database we loaded the following page http://ReportServer/reports and ran report SEC_LIST_MBR. It also gave same result - one row with user id data only.
Regards,
RajeshWe found the root cause it was because table "task" does not have records in APPSERVER Database.
Once we updated task table. Security report SEC_LIST_MBR is displaying results correctly.
Regards,
Rajesh -
Interacvtive report - saving user data during App upgrade
Hi all,
I've read a few posts on this topic, but I don't think any were solved one way or another.
We use two servers here, one Development, one Production.
We have an interactive report were users over time build up many custom "tabs" for reporting, charts and day to day manipulation of data.
Come time to migrate all of the changes made in the Development server to the Production server, we Export from one and Import to the other. After this event, the users are presented with a fresh new Interactive report with all of their saved work gone.
Is there any way or any thing we can backup on the Production server to then restore after our applicarion import to retain this Interactive report user info?
NTIf you export from a given workspace ID and import into a workspace with the same ID (and of course keep the same application ID), I thought that the IR settings were preserved.
Scott -
List Database Security Reporting and Administration Users
Dear Expert,
Im working with BW 2004s Security Component , I try to find a database table in SE16 that it contain the follow field: Role with your component by Authorization Object. My scope is identify what role is a Secure Reporting Users and Secure Administration Users.
The role has S_RS_COMP and S_RS_COMP1 are Reporting Users. Moreover, the role has Reporting Users S_RS_ADMIWB, S_RS_IOBJ, S_RS_ISOUR, S_RS_ISRCM and S_RS_MRPO
Thank for your help,
Luisse16-->AGR_HIER
AGR_* will be tables for Roles. Tables SMEN_* are for user favorites.
You can find the information you want in table AGR_HIER.
In this table you can select the role,
In the field REPORT, select RRMX ,this will show you all roles with their workbooks.
AGR_NAME = ROLE (technical name)
REPORT= RRMX
Hope it Helps
Chetan
@CP.. -
Report data filters depending on user
I have web intelligence report returning data grouped by departments. Is it possible to filter report data by department for user logged in depending on user's department?
Thanks
Edited by: Denis Sapunkov on Aug 19, 2010 12:58 PMThis can be achieved in 3 ways:
1. In Web Intelligence
Providing you have a table in your database that holds username and department you create a webi report where you select "Dept. Username", "Department" and all other objects you require for your report.
- Run the Query
- Create a new variable called CurrentUser => Formula: =CurrentUser()
- Create a new variable called "Department Filter" => Formula: =If([CurrentUser] = "Dept. Username" ; "Yes" ; "No")
- Create a new report filter: Department Filter = "Yes"
This will only return the deprtment for the user that is currently logged on to BO.
2. On universe level you could use access restrictions to achieve this
3. If you require to schedule the report, you could create a group for each department and assign this group to a profile that filters on department.
Hope this helps! -
Need to automate report having user response in a date prompt variable
Hi,
I've a webi 4.0 report which is having date prompt as a input from the user. This report has multiple data providers and is using variable as
=FormatDate (ToDate(UserResponse("Report Date");"dd Mmm YYYY");"Mmmm YYYY") in the report. Report Date is the user prompt enabling user to input the date and is usually the last day of Month.
I want to automate the report so that user dont have to input the date in Report Date prompt. How do I implement this?
If I simply remove Report Date being used as a filter, report will run without asking user but this Report Date is being used as a variable and will #ERROR.
Please advise.
Thanks
PriteshPritesh,
Well you can create a Prompt at universe level with if and else as user input or Month end date( eom function ) or you can create variable today at universe level and schedule the every month end.
Thanks,
Venkat -
Data Level security for specific Users
Hi,
Can you please suggest some ideas on by-passing the Data Level security for specific users or specific group?
Currently, we have data level security defined on a group permissions for one group and for people belonging to another group, the security should not apply and they should see entire data.
But, key thing here is that, the user belongs to both the groups.
Any ideas helps.
Thanks,
Chandu.So you are saying you want a user to belong to a group with data-level security filters, but you don't want the filters to apply to that user?
Why are they in the group then?
Are the data filter defined with variables or are the hard-coded?
If variables, you may be able to put logic in initialization block to set the variable appropriately for specific users.
I'd rethink the security model - when I define data level security filters, I tend to force users to only belong to a single group/role. -
Blazeds + Spring security: fetch data based on current user
Hi,
I'm currently learning flex by trying to build an application with
flex, blazeds and Spring. My application lets users log on using
spring security (which I will probably combine with
AcegiLogonCommand). I would like my assemblers to return different
data based on which user is currently logged on (for instance to show
that specific user's to-do list). To do this, I added a userId
property to my spring security principals (by subclassing
org.springframework.security.userdetails.User)
and added user_id columns to user-specific data in the database. Now
I would like to know how I can get the currently logged on user in my
assembler so I can use its userId to fetch the user's data.
Is the assembler the right place to decide which data to send to my
flex application? If so, can anyone tell me how to determine which
user is currently logged on in my assembler? If not, what would be the
recommended way of dealing with user-specific data in my database in
combination with blazeds?
The only examples I have been able to find on the Internet so far only
use different roles to determine what a user is or is not allowed to
do, I have yet to find any examples where users store and retrieve
user-specific data.
Kind regards,
JeroenHi,
There is a field “Target Audience” in list whenever “Target Audience” is enable in “List Settings”, it accepts the name of a SharePoint group.
For your requirement, you will need to get the name of the group which the current user belongs to. Then perform a query in a specific list to get all the items that
contains the specific value in “Target Audience” field.
Here is a code snippet about how to set Target Audience for an item, there are code lines about
how to get the value of a “Target Audience” field:
http://social.technet.microsoft.com/Forums/sharepoint/en-US/a3ac41d8-42e9-4ec7-999f-036c4b06d3e2/programatically-set-target-audience-in-list-item
A method about checking whether the current user is a member of the specified group:
http://msdn.microsoft.com/en-us/library/microsoft.sharepoint.spweb.iscurrentusermemberofgroup.aspx
Best regards,
Patrick
Patrick Liang
TechNet Community Support -
User Data Security through forms.
Hi All,
I am working on a forms(10g) which once deployed in application env. will have different level of accesses to different users , like view,edit,etc.
could you please let me how to set up this user data security ,and access levels ...
Is this to be done through forms development , or any environmental setups required?
Any quick pointers in this regard are highlu appreciated.
Thnaks.Hi,
you can define your user level on oracle form,but these user only work on form level not on database level direct,you can make a proper setup form or role form to provide access to different user but you must mentioned these security on each transactional form.You also make a global procedure as security which maintain security only on form.Hope it'll helpful for you.
Thanks
Baloch. -
Using Data Security under Functional Developer / User Manager
Has anyone succesfully carried out any Data Security policies in Oracle Apps. I would like to get details on this.
Thanks in advance.Actually the other scripts on the http://www.petefinnigan.com/tools.htm site seem to do the trick where you can check for who has DBA and who has SELECT ANY TABLE.
The next questions is .... what other privs should I be concerned with? Just want to make sure I am checking for all possibilities of access to a particular object. -
The report of user activity
Can anyone show how the sample report of user activity?
Is there information that the website opened and how much time was running applications? Is used in an active way of running applications?
I will be grateful for your help.
JerryFinding a program of monitoring user activity MAC OS X okazauje be very difficult.
The program aims to monitor sites visited, but:
- Can not save passwords
- It can not sending data to an external server
I can not find such software
I found: http://www.net-monitoring-software.com/secure-order.html
but it turns out that the manufacturer no longer supports MAC platform.
Help! Is anyone familiar with this type of software?
Pls. Help me. -
Problem with cgicmd.dat in reports 10g
Dear Sir/Mam,
I've configured report serve on solaris 10. When executing reports using web url with key map given in cgicmd.dat file, I'm getting a very strange problem. Whatever parameters m passing to the reports through web url an additional "=" character is appended automatically. I'm giving details of the files below. Please help me out. Thanks in advance.
Content of rwservlet.properties:-
SERVER_IN_PROCESS=YES
RELOAD_KEYMAP=YES
DIAGNOSTIC=YES
TRACEOPTS=TRACE_ALL
TRACEFILE=rwservlet.trc
TRACEMODE=TRACE_REPLACE
SERVER=test
#IMAGEURL=http://<web_server_name>:<port_num>/reports/rwservlet
KEYMAPFILE=cgicmd.dat
#DBAUTH=RWDBAUTH.HTM
#SYSAUTH=RWSYSAUTH.HTM
#ERRORTEMPLATE=RWERROR.HTM
#COOKIEEXPIRE=30
ENCRYPTIONKEY=reports9i
#DIAGBODYTAGS=<reports_servlet_help_file_title>
#DIAGHEADTAGS=<reports_servlet_help_file_body_tag>
#HELPURL=<url_of_customized_help_file_for_reports_servlet>
#SINGLESIGNON=YES
OID_ENTITY=%REPORTS_OID_ENTITY%
#ALLOWHTMLTAGS=NO
#REPORTS_NETWORK_CONFIG=rwnetwork.conf
#OIDCON_INIT=10
#OIDCON_INCREMENT=10
#OIDCON_TIMEOUT=0
DEFAULTCHARSET=JA16EUC
#DEFAULTCHARSET=EUC-JP
Content of cgicmd.dat:-
osk47zgenp: report=%1 userid=utimainapp/utimainapp@testdb rundebug=NO desformat=delimited destype=cache mode=bitmap mast_ext=roymask.xls p_start_dt=%2 p_end_dt=%3 p_srvc_id=%4 p_sch_id=%5 p_agnt_cd=%6 p_user_id=%7 p_sesn_id=%8
Report URL is:-
http://10.10.100.110:8890/reports/rwservlet?osk47zgenp+rp_os424_mat_recon.rdf+30-JUN-2009+01-JAN-2010++31++shashi+1492544
Error coming on browser:-
REP-110: File 'rp_os424_mat_recon.rdf=' not found.
REP-0110: Unable to open file 'rp_os424_mat_recon.rdf='.
Content of rwservlet.trc:-
[2011/1/19 7:37:1:624] (RWClient:doGet) enter...
[2011/1/19 7:37:1:625] Debug 50103 (RWClient:doGet): QueryString: osk47zgenp+rp_os424_mat_recon.rdf+30-JUN-2009+01-JAN-2010++31+
shashi1492544
[2011/1/19 7:37:1:625] Info 50103 (RWClient:processRequest): reload key map file: s_reloadKeyMap: YES
[2011/1/19 7:37:1:626] Debug 50103 (KeyEntry:replaceParams): report=rp_os424_mat_recon.rdf= userid=utimainapp@testdb rundebug=N
O desformat=delimited destype=cache mode=bitmap mast_ext=roymask.xls p_start_dt=30-JUN-2009= p_end_dt=01-JAN-2010= p_srvc_id=31=
p_sch_id=shashi= p_agnt_cd=1492544= p_user_id= p_sesn_id=
[2011/1/19 7:37:1:626] Debug 50103 (RWClientUtility:isFromPortal): portal: null
[2011/1/19 7:37:1:626] Debug 50103 (RWClientUtility:isFromPortal): webdbversion: null
[2011/1/19 7:37:1:627] Info 50103 (RWClientUtility:findServer): Failed to bind to server: test
[2011/1/19 7:37:1:627] Warning 50103 (RWClient:startInProcessServer): start inprocess server test
[2011/1/19 7:37:1:657] Debug 50103 (NetworkUtility:getIOR): Found a server and returning the IOR
[2011/1/19 7:37:1:658] Debug 50103 (ServerManager:getServer): Found server class object
[2011/1/19 7:37:1:659] Debug 50103 (ServerManager:getServer): ping server successfully
[2011/1/19 7:37:1:660] Debug 50103 (RWClientUtility:getReportsServer): server: test
[2011/1/19 7:37:1:660] Debug 50103 (ServerManager:getServer): Found server class object
[2011/1/19 7:37:1:660] Debug 50103 (ServerManager:getServer): ping server successfully
[2011/1/19 7:37:1:661] Debug 50103 (AuthManager:getAuthId): server secure: false
[2011/1/19 7:37:1:663] Debug 50103 (RWClientUtility:getReportsServer): server: test
[2011/1/19 7:37:1:664] Debug 50103 (RWClientUtility:getReportsServer): server: test
[2011/1/19 7:37:1:664] Debug 50103 (ServerManager:getServer): Found server class object
[2011/1/19 7:37:1:665] Debug 50103 (ServerManager:getServer): ping server successfully
[2011/1/19 7:37:1:666] Debug 50103 (RWClientUtility:isFromPortal): portal: null
[2011/1/19 7:37:1:666] Debug 50103 (RWClientUtility:isFromPortal): webdbversion: null
[2011/1/19 7:37:1:667] Debug 50103 (RWClient:runReport): cmdline: p_end_dt=01-JAN-2010= baseUrl=http://10.10.100.110:8890/report
s/rwservlet/getfile/ userid=utimainapp@testdb USER_AGENT="Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 5.1; Trident/4.0)" p_srv
c_id=31= SERVER_NAME=10.10.100.110 jobname="rp_os424_mat_recon.rdf=" p_sesn_id= mast_ext=roymask.xls getFilestr=/no> imagekey=re
ports9i p_user_id= REMOTE_ADDR=10.10.105.54 SERVER_PROTOCOL=HTTP/1.1 authid=RWUser p_start_dt=30-JUN-2009= mode=bitmap REMOTE_HO
ST=10.10.105.54 destype=cache SERVER_PORT=8890 p_sch_id=shashi= report="rp_os424_mat_recon.rdf=" expiredays=0 ACCEPT_LANGUAGE=en
-us desformat=delimited p_agnt_cd=1492544= SCRIPT_NAME=/rwservlet rundebug=NO
[2011/1/19 7:37:1:668] Debug 50103 (ServerManager:getServer): Found server class object
[2011/1/19 7:37:1:669] Debug 50103 (ServerManager:getServer): ping server successfully
[2011/1/19 7:37:1:669] Debug 50103 (ReportRunner:connectToServer): New Connection request for userid: RWUser to server: test
[2011/1/19 7:37:1:673] Debug 50103 (ReportRunner:connectToServer): Connection succeeded for user: RWUser to server: test
[2011/1/19 7:37:1:709] Info 51022 (ReportRunner:Release): Connection object has been released
[2011/1/19 7:37:1:711] Exception 110 (): File 'rp_os424_mat_recon.rdf=' not found.
REP-0110: Unable to open file 'rp_os424_mat_recon.rdf='.
oracle.reports.RWException: IDL:oracle/reports/RWException:1.0
at oracle.reports.RWExceptionHelper.read(RWExceptionHelper.java:67)
at oracle.reports.server._ConnectionStub.runJob(_ConnectionStub.java:504)
at oracle.reports.client.ReportRunner.dispatchReport(ReportRunner.java:288)
at oracle.reports.rwclient.RWReportRunner.dispatchReport(RWReportRunner.java:86)
at oracle.reports.rwclient.RWClient.runReport(RWClient.java:1671)
at oracle.reports.rwclient.RWClient.processRequest(RWClient.java:1525)
at oracle.reports.rwclient.RWClient.doGet(RWClient.java:366)
at javax.servlet.http.HttpServlet.service(HttpServlet.java:740)
at javax.servlet.http.HttpServlet.service(HttpServlet.java:853)
at com.evermind.server.http.ResourceFilterChain.doFilter(ResourceFilterChain.java:65)
at oracle.security.jazn.oc4j.JAZNFilter.doFilter(Unknown Source)
at com.evermind.server.http.ServletRequestDispatcher.invoke(ServletRequestDispatcher.java:663)
at com.evermind.server.http.ServletRequestDispatcher.forwardInternal(ServletRequestDispatcher.java:330)
at com.evermind.server.http.HttpRequestHandler.processRequest(HttpRequestHandler.java:830)
at com.evermind.server.http.HttpRequestHandler.run(HttpRequestHandler.java:285)
at com.evermind.server.http.HttpRequestHandler.run(HttpRequestHandler.java:126)
at com.evermind.util.ReleasableResourcePooledExecutor$MyWorker.run(ReleasableResourcePooledExecutor.java:192)
at java.lang.Thread.run(Thread.java:534)
[2011/1/19 7:37:1:711] Debug 50103 (RWClientUtility:isFromPortal): portal: null
[2011/1/19 7:37:1:711] Debug 50103 (RWClientUtility:isFromPortal): webdbversion: null
[2011/1/19 7:37:1:716] Debug 50103 (RWClientUtility:isStatusFormat): statusformat: null
[2011/1/19 7:37:1:717] Debug 50103 (RWClientUtility:isStatusFormat): statusformat: null
[2011/1/19 7:37:1:717] (RWClient:doGet) ...exitHI,
From where can I get access of the Doc id 341188.1. Could u tell me the solution? I'm stuck with it for more than 2 weeks.
Thanks in advance.
Regards,
Shashi Ranjan -
How to add "Team leader" field in standard BPC security report
BPC Expert,
We are using BPC MS 5.0 version.
There is a checkbox in the security setup to make someone a "Team Leader" when you add him/her to a team and this checkbox determines who can post data and who cannot. When we run the user report we see which team the user is in but we do not have visibility to whether or not they are a "Team Leader" which is what business owner needs to see to approve user access.
I figured out "dbo.userteamassign" is the table which hold team leader value. Can anyone please tell me all the steps of adding team leader field in the standard BPC 5.0 security report.
Thanks,
KetanRoberto,
Thanks for the response. I know associated steps to declare business user as a team leader but my original question is "how to add a column in standard BPC security report that says who is team leader or who is not".
Do you know the Dtx package that is responsible to supply the data to Standard BPC security report? We can enhance standard data package to pull/display extra "Team leader" column in standard security report.
Appreciate your inputs.
Thanks,
Ketan
Maybe you are looking for
-
How do you open Garageband for iPad files with Garageband?
I was led to believe that Garageband could open up Garageband For iPad files, but not vice versa. However when a friend sent me his Garageband For iPad file, and I tried to open it, a "compatibility updater" started running then stopped halfway throu
-
Why is it when I bought my first generation iPad in October 2010 the sales rep at the Orange County California South Coast Plaza store suggested that I buy Mobile Me service for $99 which he assured me was a one time charge and now, of course, Mobile
-
Calculating App sizes on Startup
Each time I startup my Mac, I hear the hard drive spinning and the computer's less responsive than usual. I finally found that it's going through all the apps in the Applications folder and calculating their size, plus possibly indexing my drive. I'm
-
Fix for "Credit Card Rejected" / "Can't buy apps" / other CC issues
If you're having problems buying things from iTunes such as: -- Credit card rejected (even if you're paying by PayPal) -- Session Timeouts (on a non-Microsoft platform -- there is a different fix for Session Timeout on a Microsoft platform) -- Credit
-
Multiple execution of BAPI_GOODSMVT_CREATE for same batch.
Hi all, I use bapi_goodsmvt_create in IDOC to transfer from one storage location to another. We use WM. Example: We want to move batch1 from storage location x1 to x2 These are the steps I do. Call function bapi_goodsmvt_create to move from x1 to TR-