Dimension Level Security on a Data Form

Similar Messages

• How to implement Dimension Level Security on Tabular?

  Not possible on SQL Server 2014 SSAS Tabular? How to work around?
  Kenny_I

  Hi Kenny_l,
  According to your description, you want to implement dimension security in SSAS 2014 tabular. Right?
  In Analysis Services Tabular mode, dimension level security (based on role permission) is not supported. This security can only used in Multi-dimension mode. In tabular mode, we can only use row-level security based on role permission.
  Please refer to links below:
  Implement Dynamic Security by Using Row Filters
  Reference:
  Comparing Tabular and Multidimensional Solutions (SSAS)
  If you have any question, please feel free to ask.
  Best Regards,
  Simon Hou
  TechNet Community Support

• Dimension level Security

  Hi All,
  Can anyone help me in providing Dimension level security for some members in a dimension? I have given planning application access as "Interactive User" and Reporting Level as "Explorer and Viewer".
  I am using Hyperion 11.1.1.3.
  Thanks in advance

  No the roles in Shared Services are not for defining member access in the planning application, if you want more information on the planning roles in shared services have a look at http://docs.oracle.com/cd/E12825_01/epm.111/epm_security/apas07.html
  Cheers
  John
  http://john-goodwin.blogspot.com/

• Domain level security issue with InfoPath Form

  I have followed the article “Submitting Data from InfoPath 2007 to a SharePoint List” which can be found at
  http://msdn.microsoft.com/en-us/library/cc162745.aspx.
  But instead I am using SharePoint and InfoPath 2010.
  I get the following error after deploying and running the form with its security level set to domain.
  “A query to retrieve form data cannot be completed because this action would violate cross-domain restrictions. If this form template is published to a SharePoint
  document library, cross-domain access for user form templates must be enabled under InfoPath Forms Services in SharePoint Central Administration, and the data connection settings must be stored in a UDC file in a data connection library in the same site collection.
  If this is an administrator-approved form template, the security level of the form must be set to full trust, or the data connection settings must be stored in a UDC file by using the Manage data connection files option under InfoPath Forms Services in SharePoint
  Central Administration.”
  How do I get this form working on the server and client using domain level security?
  Extra Note: On an additional not the form works fine in SharePoint and InfoPath designer when the security level is set to Full Trust.

  Hi, Is this possible over a SharePoint "LIST"? I'm hitting brick walls and can't set the Security level on my form at all. Everything that I'm reading refers to Document Libraries but nothing about SharePoint List. It seems that this should work over a list,
  but I'm hitting brick walls all the way around. Here is a copy of the question that I posed below under Todd.Wilder's post:
  Hi,
  Following this forum question/comment I am attempting to set the security on my Infopath form to Full Trust. But, I don't have the Security and Trust option. I can set the Trusted Location through the Trust Center but I can't find anywhere to set security.
  I am using InfoPath 2010. What am I missing? Everything that I'm reading says that this is the problem and my error message is exactly like SomeGuy's message. One more piece to this is...this is a form over an Existing SharePoint List. I've found that I can
  see the Security if I start InfoPath and start a New Blank Form, but by editing the form from a SharePont list, the option to edit Security is not there. HELP!!
  I am following the instructions below that come from:
  http://msdn.microsoft.com/en-us/library/ee526352.aspx
  The InfoPath form designer automatically selects the appropriate security level (either Restricted or Domain) based on the features that you are using in the form. The security setting is always as restrictive as possible, starting at Restricted, to help
  ensure a greater level of protection for you and your data. Users can manually override this automated setting to select a level of security that is more appropriate for the form by following these steps:
  Click the File tab, and then click Form Options on theInfo tab.
  In the Categories list, click Security and Trust.
  Uncheck the Automatically determine security level (recommended) check box.
  Select the desired security level.
  Thank you,
  ~Tina~
  ~Tina~

• How to set dimension level security with multiple levels

  Hi,
  We have hierarchy with Level 0 codes to Level 4 codes.
  For e.g.
  Region 1 : Level 0 code 10000, Level 1 code 10001, Level 2 code 10011, Level 3 code 10111, Level 4 code 11111
  Region 2: Level 0 code 20000, Level 1 code 20001, Level 2 code 20011, Level 3 code 20111, Level 4 code 21111
  Region 3: Level 0 code 30000, Level 1 code 30001, Level 2 code 30011, Level 3 code 30111, Level 4 code 31111
  From SSAS role administration, I would like to assign a user permission to all Region 1 codes and only Level 3 code (30111) of region 3.
  How and where do I set this kind of permission?
  Thanks in advance.
  Manisha

  see
  http://www.mssqltips.com/sqlservertip/1834/introduction-to-dimension-security-in-sql-server-analysis-services-ssas-2005/
  Please Mark This As Answer if it helps to solve the issue Visakh ---------------------------- http://visakhm.blogspot.com/ https://www.facebook.com/VmBlogs

• Dimension level Security in SSM

  Hello,
  Requirement,
  The dimension PLANT in PAS under PAS Model ABCD looks as below
  ROOT
        ASSET1
        ASSET2
  we have single CONTEXT called ASSET meaning one model connection to link ASSET context to PAS Model ABCD.
  CE level SSM users USER1 and USER2 are created.
  When user1 logins, he should be dyanamically restricted to ASSET1
  When user2 logins, he should be dyanamically restricted to ASSET2
  Please help.
  Best Regards

  Hi Shashi,
  This is a standard feature used already in many implementations worldwide. For the same context, you can restrict which measures and/or dimension members a user or user group can have access to.
  In order to put in place this kind of security, you have to create different Application Server Connections inside the Model Connection you have associated with the Context.
  In the Model Connections screen, search for a box called App.Server Connections. Click on new. This will allow you to establish a connection to the same PAS model, but using a different PAS user. In the end, you will need to create as many App.Server Connections, each one with a different PAS user associated, as the different access profiles you want to create for your users.
  To each App.Server Connection, and so to each PAS user, you can assign different user groups and/or users.
  The rest of the configuration has to be done directly in the PAS model, creating a procedure called SECURITY and specifying there which measures and/or dimension members each PAS user will have access to. You will need, of course, to create all of the PAS users first.
  Hope this helps!
  Best regards,
  Ricardo Vieira

• Security error in Planning when accessing a data form

  Hi,
  I have a question regarding dimension level security and user access.
  We have a user who has been assigned a data form but still he is not able to access it. There is dimension level security applied to each user. When he tries to access the form it throws an error –
  “Security and/or filtering has resulted in a required dimension not being represented on this data form”.
  How do you know which dimension is it??? Is there any other way other than the manual method of going into each dimension and checking it?
  Please let me know your ideas.
  Thank you so much in advance.
  ~ Adella

  I am not sure of any other way apart from Alp's Suggestion of cross checking security export or play with USER_ID and OBJECT_ID in HSP_Access_Control Table or take a LCM export of just security and have a look at users.xml.
  Cheers..!!!

• Data level security for Dashboard pages.

  Hi all,
  I have a question.I want to apply data level security to the data in Dashboard pages .
  Any Answers.
  Thanks Sunny.

  Thanks Srikanth and Aravind .
  I have studied abt the data level security for dashboard.
  My question is : Is there any way to apply dataleve security to dashboard pages . like id dashboard D1 has pages p1,p2,p3
  and if we want to implement datalevel security to page is that possible.
  Thanks
  Sunny.

• Order Management Data Level Security

  Hi All,
  I have worked on OBIEE standalone and implemented data level security from custom data warehouse but never worked on BI Apps.Currently I am working Order Management and trying to implement data level security but I have no clue which OOTB init block to use for it.When i check the Order Management Group's--> permission there is no filter condition on them which i am thinking there no data level security on OM may i thinking wrong.Here is req users must able to see data by Division and Region they belong to and I am trying use OOTB security option for it OR do i need to build custom init block and related keys in all the sales order fact tables to implement it.
  Any documentation or links or information will be appreciated.
  This might be silly question but I would find a way better way.Please let me know if you need any information.
  Thanks

  Forgot to mention :Soruce is Oracle EBS

• View dimension hierarchy using the filter property of data form

  Hi,
  I created a data form where I want to show the dimension hierarchy. But when I am filtering the form using attribute dimension then the hierarchy is not being shown in the form.Is their any way so that I can use the filter property also and make the dimension hierarchy visible in the data form?
  Thanks.

  847833 wrote:
  Hi Endy,
  Thanks for your reply. I have used the "equal" function as to set that specific attribute as I am choosing the descendants function against the attribute dimension,it's showing error.Hi,
  What's the error ? You have to use a function, otherwise it will only display the member you picked.
  Actually in our dimension structure we have a 3 generation hierarchy and the attribute is only associated with the 3rd generation member. So we want to display the 3rd generation having the specific attribute "xx" wit the entire hierarchical structure in our data form.
  Can you please tell me if I have missed anything?
  Thanks.If you want to display the attribute value in the form, edit the form, go to the "Layout" tab, and click on your row. On the right side of the screen, you have a section called Display Properties. Check the box called Enable custom attributes, then check your attribute name. Save the form and you will have the attribute value displayed at the right of the member name.

• How to make Report for Data Forms ?

  Dears
  I need to make a report for specifice Data Form to show me who have access on this data form and the kind of security which took on dimensions members on the same data form. Just be note that the Security is assign on the Folders of data forms and is assgin by groups not users.

  There is no pre-built report that will do what you're describing. Last year at KScope, Brian Marshall gave a presentation on pre-built queries to run against the Planning repository. I don't see it on the ODTUG site, but here's some SQL that might get you started. It's not exactly what you're looking for, but it's a start:
  SELECT
       o.[OBJECT_NAME] AS [Secured_Object]
       ,uo.[OBJECT_NAME] AS [User_Name]
       ,CASE a.ACCESS_MODE
            WHEN 3 THEN 'Read'
            WHEN 1 THEN 'Write'
            WHEN -1 THEN 'Deny'
       END AS Access_Level
       ,CASE o.OBJECT_TYPE
            WHEN 24 THEN 'Task List'
            ELSE ot.[TYPE_NAME]
       END AS Object_Type
       ,CASE a.FLAGS
            WHEN 0 THEN 'Member'
            WHEN 5 THEN 'Children'
            WHEN 6 THEN 'Children (Inclusive)'
            WHEN 8 THEN 'Descendants'
            WHEN 9 THEN 'Descendants (Inclusive)'
       END AS Access_Level
  FROM
       HSP_ACCESS_CONTROL a
  INNER JOIN
       HSP_OBJECT uo ON a.[USER_ID] = uo.[OBJECT_ID]
  INNER JOIN
       HSP_OBJECT o ON a.[OBJECT_ID] = o.[OBJECT_ID]
  LEFT JOIN
       HSP_OBJECT_TYPE ot ON o.OBJECT_TYPE = ot.OBJECT_TYPE
  ORDER BY
       o.OBJECT_TYPE
       ,o.[OBJECT_NAME]

• How to Add a new Currency in HFM Data form and grid (Rates)

  Hi Gurus,
  Am very new to this forum.
  Can someone explain me how to add a new currency to the existing data for or grid in the Workspace.
  Regards,
  Vinod

  Hi Sandeep,
  To add a new currency in Metadata, just add in Currencies dimension, and to add in Data form-just send the script what you are using as of now for rest of the currencies, or follow the same steps as specified above. or just add the script A#CLORATE.w#Periodic.C2#XYZ in rows of your data form (where XYZ- is the new currency).
  To add a new location in FDM login to FDM web client- click on Metadata--> locations and select the Controls review location where you want to add the data load location, right click and add the new location.

• Object Level Security in OBIEE 11.1.1.5

  Hi All,
  I am trying to implement object level security for certail groups. We have BI Apps 7.9.6.3 implemented in whch obiee 11.1.1.5 is integrated with EBS R12. Users are able to login through diffrent responsiblities to OBIEe. I need insight into how to implement object level security. Below are the steps whihc i have followed but still i am facing strange issues i.e. some users are able to see dashboards which they have no access with view display error. I checked in dashboard permission. They do not have access
  1) Created application roles in OBIEE with the same resposiblity names
  2) Grouped the application roles in diffrent groups. I.e. if application roles a,b,c should have access to dashboard x then i made b and c member of a.
  3) Configured security in manage previleges and catalog for these application roles i.e. i used application role a mentioned in step 2 in manage previleges etc.
  4) Restarted the BI server and presentation servers.
  Are there any other steps which should be followed apart from above mentioned steps. Do i have to make use of groups.
  Regards,
  Sandeep

  Sandeep Saini wrote:
  I checked the inheritance. I did a lot of investigation but it is weird. My purpose of asking the question was to find out if there are any bugs in version 11.1.1.5 otherwise i didn't see any issues.
  There are a couple of bugs related to the issue but I have checked that on 11.1.1.5.5 and its works as expected.
  Bug 13982971 : PERMISSIONS ON WEB CATALOG OBJECTS NOT APPLIED IMMEDIATELY
  In case you see anything like this -> QA:USER WITH NO ACCESS OVER A FOLDER IS ABLE TO RUN ANALYSIS REPORT CONTAINED then [Patch ID 15626966]
  1) I want to check if there are any components i.e. BI server, presentation server or any other service that should be started after creation of application roles. I started only BI server after creating application rolesAny changes made to the Application policies should need a restart of admin and managed server however if you are not creating policies just Roles with similar names OPMN restart should be good to see the changes made.
  2) I made use of application roles throughout in object level security . Is it the correct approach ?Yes that is the right approach to use application roles for defining object level permission settings throught, do not go for catalog groups its makes it nasty to manage. Here is the quote from Sec Guide : " Using catalog groups is not considered a best practice and is available for backward compatibility in upgraded systems."
  3) To check if there are any object level security related bugsThere might be more than once mentioned above since 11.1.1.5 .. I do not trust that version it bites a lot ;)
  And to explain step 2 lets say there are n number of application roles which should have same object level security but diffrent data level security. In that case i made all such application roles member of another application role and configured object level security for that group only. For ex in manage previlege i configured "Access to Answer" for one application group and made other application group member of this group. I hope its clear now .Grouping of Roles with other similar roles is what needs to done to get functionality like catalog groups.However a reference of the 5 basic rules is always a lifesaver : [Rules for Inheritance for Permissions and Privileges|http://docs.oracle.com/cd/E29505_01/bi.1111/e10543/mgrgrpsusers.htm#autoId16]
  Hope this helps.!
  SVS

• Error when opening large data forms

  Hi,
  We are working on a Workforce planning implementation. We have 2 large custom defined dimensions.
  When opening large data forms we get a standard "Error has occurred" error. If we reduce the member selection the data form opens fine.
  Is anyone aware of a setting that can be increased to open large data forms? Im not referring to the "Warn id data form is larger than 3000 cells" setting.
  Im pretty sure there is a parameter that can be increased but I cant find it.
  Thanks for your help.
  Seb

  Hi Seb,
  If you do find the magic parameter then let us know because I would be interested to know.
  It is probably something like ALLOW_LARGE_FORMS = true :)
  In the planning logs is the error related to planning or is essbase related error.
  Is it failing due to the amount of rows or is it because it is going beyond the max of 256 columns ?
  Cheers
  John
  http://john-goodwin.blogspot.com/

• How to change the order of parent member on data forms

  Hi,
  Is there any way to show parent on top of its children in data form row level?
  By default data form display members like this:
  __Child 1
  __Child 2
  +Parent
  Instead of above i want this sequence:
  +Parent
  __Child 1
  __Child 2

  Have a read of
  Can we change the display order of member set functions like @Idescendant?
  Re: the order of member showing in dataform
  Cheers
  John
  http://john-goodwin.blogspot.com/