Exclude a user from Shared Services LCM export
How do I exclude a specific user from the Shared Services LCM export? In the migration definition file I am trying to specify something like the following:
pattern="*" and pattern<>"lcm_admin"
What exactly you want to try after/by exporting users from Shared services?
Regards,
Santy.
Similar Messages
-
Total de-provisioning of user from shared services
Hi All,
Can anyone please let me know how to de-provision a user from all individual & group access from shared services. I know that we can do this from Shared service web-link but that process is very time consuming. Is there any other way like script or macros etc.......Depending on version you can look at using the CSSimportexport utility or LCM which both can be run by command line scripts or you could use the API
Cheers
John
http://john-goodwin.blogspot.com/ -
Administration Users from Shared Services...
Dear Experts,
Am using OEPM 11.1.1.2
I have one basic question on Shared Services Users...As we are using the default login of Essbase administration services after installation and configuration to
login to the server and this is already changed to Shared Services Security during Configuration..
My question is can we be able to create user related to EAS from Shared Services or still we need to use the same default 'admin'? If so,
In any case if i want to provide one user with only "create/delete applications" for Essbase....i will go and do it in Shared Services.....
but if i want to modify something in Essbase...i still need to use EAS for modifying the application/Database information
How can i create multiple users in EAS?
One More, i don't see any project for Essbase Administration Services like Essbase, APS created in Shared Services after the applications have moved to Shared Services Security Mode...Is this correct? Please clarify
Moreover, in my case userid "admin" is used for all the Application groups in Shared Services...So if i change the password for this "ID", will it reflect to all the application groups who are privileged to...
ThanksMy question is can we be able to create user related to EAS from Shared Services or still we need to use the same default 'admin'? If so,
In any case if i want to provide one user with only "create/delete applications" for Essbase....i will go and do it in Shared Services.....
but if i want to modify something in Essbase...i still need to use EAS for modifying the application/Database information
How can i create multiple users in EAS?
One More, i don't see any project for Essbase Administration Services like Essbase, APS created in Shared Services after the applications have moved to Shared Services Security Mode...Is this correct? Please clarify
Moreover, in my case userid "admin" is used for all the Application groups in Shared Services...So if i change the password for this "ID", will it reflect to all the application groups who are privileged to...
Firstly, Shared services is a centralized User management console for all hyperion applications. Once you externalize your security to shared services, You can create as many users as you want in shared services and assign him access to Essbase. How ever, You will have to go to EAS and do a "refresh security from shared services" for changes made to users in shared services to reflect in Essbase.
For projects to appear under shared services project list, you will have to register each product with the shared services.
If the same admin ID is used for all applications, Yes, the password change will reflect to all applications he has access to.
-Nra -
Remove users from Shared Services/ EPM
Gurus
I have some users who have gone to different department and some who are no more with the companies. I was just wondering if there is a script I can run in the EPM Environment/ Shared Services to remove users and the provisioning in bulk.
Thank you for your response.Hi John,
I got it.
What I did was that I exported the GROUPS under APPLICATION GROUP -> FOUNDATION > SHARED SERVICES -> NATIVE DIRECTORY -> GROUP. Created a CSV file and deleted the user and then imported back again.
This is how it works right?
ALSO, can I totally erase the user. The above process deleted user from group. But if I need to delete the user overall from everywhere in the EPM app, is there a way to do so?
OR do I need to ask the server team to remove the user from MSAD.
Thanks -
Hi,
I have a security group in shared services, which has external directory users. I want to extract the list of users from shared services RDBMS repository using a SQL query. Please let me know if this is possible and from which table(s) I can query such list.
Thanks...You need to use CSS_Groups, CSS_GROUP_MEMBERS and CSS_USERS tables in your Foundation DB. Something like below will give you these details:
select b.Name ,a.Name from HYPFOUND.CSS_GROUPS b ,
HYPFOUND.CSS_USERS a ,
HYPFOUND.CSS_GROUP_MEMBERS c
WHERE c.MEMBER_IDENTITY = a.IDENTITY_ID and
c.GROUP_IDENTITY = b.IDENTITY_ID
GROUP BY (b.Name,a.name) -
How to sync user for planning from Shared Services
Hi ..
Can anybody please let me know how to sync users for planning from shared services.
Thank you.You need to expand on your question.
But the basic concept is you create or connect (for LDAP) users in Shared Services. You also create groups as required for these users. Then in shared services you provision those user to Planning applications (directly or indirectly through groups)
Then in Planning you will see users or groups. And in planning you connect them to either members in dimensions or to objects like Forms, Task lists, Business Rules.
There is therefore no such thing as synching Shared Services with Planning.
Note: the 2 steps mentioned above can be done in batch through load utilities.
Please expand you question if necessary -
How to get New Added User's log from shared services in 2012--Important
Hi Experts
All my user are MSAD users but i want to generate See log for all users in Hyperion who are all added in 2012.
Please let me know ,we will get this information from Backend SQL and what are the tables related for this.
Any one help me in this...highly appreciated.
Thanks,
RKHi,
You don't add MSAD users in shared services. The users is added to the directory that is configured as MSAD in shared services and you will
see the user in shared services after that. I don't think so that Hyperion can provide any info regarding the users addition in shared services.
Thanks,
Sourabh -
Error from EAS - "refreshing security from Shared Services failed"
Hi,
I was using Native only security in HSS for Essbase 11.1.1.3 and EAS allowed me to Refresh security from Shared Services. (Essbase security was already externalized to HSS.)
However, after I added "MS Active Directory", and provisioned a MSAD user to a native Planning group, EAS errors out with "refreshing security from Shared Services failed" .
I checked Essbase security and that MSAD user is not added to Essbase.
From Essbase Log I see:
Essbase failed to get roles list for [ESB:Analytic Servers:servername:1] from Shared Services Server with Error [32:1062:Failed to connect to the user directory [ HSS'sMSADname].
I then tried to remove MSAD from our H Shared Services and see if this problem goes away. However, MSAD still shows on the left panel menu in H Shared Services. How can I get rid of MSAD?
Any suggestions?
Edited by: user643332 on May 12, 2010 12:05 AMHi,
Are you sure you have removed it from shared services, you may have just disabled it.
You must restart the shared services application server to apply any changes made.
Cheers
John
http://john-goodwin.blogspot.com/ -
Grant the Essbase application permission to user in Shared Services
Hi,
We got a problem in granting the Essbase permission to user using Shared Services. We are using Hyperion 9.3.1.
(1) We created an Essbase application + database through Essbase Administration Console, say TBC.Sales.
(2) Provision the Essbase "Server Access" + Essbase Application "Read" roles to a user.
(3) In Essbase Admin Console, we "Refresh Security from Shared Services".
However, the user still cannot see the Essbase Database in SmartView. Does anyone know how to fix the problem?The problem is fixed with Essbase 9.3.1.3.0.5.
-
How to Generate a Report for a list of Users in Shared Services.
I am using Hyperion 9.3.1 version.
I have around 120 (MSAD) users in shared services and now i want to generate a report which tells what all access is given to a particular application for these users. Can anyone let me know the steps how to acheive this.
Regards,
Vijay Krishna.Hi,
Have you tried generating a provisioning report in Shared Services, have a read of :- http://download.oracle.com/docs/cd/E10530_01/doc/epm.931/html_cas_help/provrep.htm
If that doesn't suit your requirements then you could always have a look at using CSSImportExportUtility to export provisioning to a csv file. The utility is located in hyperion\common\utilities and has a pdf on instructions how to use it.
Cheers
John
http://john-goodwin.blogspot.com/ -
Can someone tell me if there is a SQL table somewhere that stores the listing of users in Shared Services?
Where would that data be stored?so John, you say that there is no chance to retrieve those users from relational-tables before v.11.1.2, right? is it possible in 11.1.2?
actually i also need a scheduled report to see all users in HSS hence we're using same HSS with another project-team and both teams need such a kind of control report: "which users are able to see our project, who are in the other project... etc."
i think, i should use CSSExport utility for creating such a scheduled report?
do you have any suggestion?
rgds,
ozmo -
Refresh Security from shared services fails.
Hello all,
On our environment I went into shared services with admin rights and changed the native directory password. And from then on I have not been able to refresh the security of essbase server in EAS. I get the following error,
Essbase failed to get roles list for [ESB:Analytic Servers:Servername:1] from Shared Services Server with Error [32:1062:Failed to connect to the user directory [Native Directoy].]
Also I would like to know if native directory password means the password "password" which comes as default for the username admin. Am new to essbase and was under the impression that native directory password means the password "password" which came as default for the username admin. Please help, this is a production issue which started only because I changed the native directory password and now I need to get it fixed.
Thanks.
Edited by: Teddd on Jan 6, 2013 4:07 PMPlease confirm the version of the Shared Services (HSS) and Essbase, EAS server.
Also let me know, if the HSS, ESSBASE & EAS installed on the same box ?
If they are on the different servers, ensure that there is no network communication issues.. (try performing telnet on the port from each other servers)
E.g Open command prompt - telnet servername port (telnet HSS_SERVER 28080), hit enter.. if it shows the blank screen .. it is successful and there is no communication issues.
Also you could try..
On EAS server, add the below in windows registry under EAS... and restart the machine..
ESS_CSS_JVM_OPTION1 = -Dcom.hyperion.css.socketTimeout=60000
if you are not comfortable updating the registry contact you admin and ensure to take the backup before editing... -
Error with Active Directory Synchnorisation from Shared Services to Essbase
Have recently installed HS9 v 9.3.1
In Shared Services i have created both native and MSAD users. Everything works fine with the native users (Planning,EAS etc...)
MSAD user directory has been configured & tested -ok on Workspace.
The MSAD users have been provisioned and can access Workspace & Shared services without any issue.
However, when accessing Planning, the following error is displayed in the Essbase server log:
Tue Mar 18 15:12:39 2008]Local/ESSBASE0///Info(1051001)
Received client request: Create External User With Type (from user [hyperion])
[Tue Mar 18 15:12:39 2008]Local/ESSBASE0///Error(1051205)
Single Sign On function call [css_getUser] failed
[Tue Mar 18 15:12:39 2008]Local/ESSBASE0///Warning(1051003)
Error 1051205 processing request [Create External User With Type] - disconnecting
[Tue Mar 18 15:12:39 2008]Local/ESSBASE0///Info(1051001)
Received client request: Set Application FrontEnd Type (from user [hyperion])
[Tue Mar 18 15:12:39 2008]Local/ESSBASE0///Info(1051001)
Received client request: Get Security Mode (from user [hyperion])
[Tue Mar 18 15:12:39 2008]Local/ESSBASE0///Info(1051001)
Received client request: Set Application Id For Planning (from user [hyperion])
[Tue Mar 18 15:12:39 2008]Local/ESSBASE0///Info(1051001)
Received client request: Get Security Mode (from user [hyperion])
[Tue Mar 18 15:12:39 2008]Local/ESSBASE0///Info(1051001)
Received client request: Get Security Mode (from user [hyperion])
[Tue Mar 18 15:12:39 2008]Local/ESSBASE0///Info(1051001)
Received client request: Re-Sync User/Group with Single application (from user [hyperion])
[Tue Mar 18 15:12:39 2008]Local/ESSBASE0///Info(1051590)
Synchronization started for user/group [MSADUser]
[Tue Mar 18 15:12:39 2008]Local/ESSBASE0///Info(1051591)
Synchronization completed for user/group [MSADUser]
[Tue Mar 18 15:12:39 2008]Local/ESSBASE0///Error(1051013)
User/group MSADUser does not exist
[Tue Mar 18 15:12:39 2008]Local/ESSBASE0///Warning(1051003)
Error 1051013 processing request [Re-Sync User/Group with Single application] - disconnecting
---------- When accessing through XL Addin, the foll is displayed:
[Tue Mar 18 16:49:09 2008]Local/ESSBASE0///Error(1051012)
User MSADUser does not exist
[Tue Mar 18 16:49:09 2008]Local/ESSBASE0///Warning(1051003)
Error 1051012 processing request [Login] - disconnecting
Thanks !!!Hardcode IP addresses instead of the server names in the essbase.cfg file and the Shared Services CSS.XML file for the Shared Services server references.
Restart SS/Essbase, provision an MSAD user, then do a Refresh from Shared Services in AAS.
Verify your MSAD userID then shows up as an Essbase user in AAS(Display User list for the Essbase server)
As long as the MSAD users show up in the user list, they should be working. -
Externalise users to Shared Services fails
I recently tried to Externalise users to Shared Services. However, when I attempted to do this, I received the following error:
[Thu Nov 13 15:29:12 2008]Local/ESSBASE0///Error(1051449)
Analytical Services failed to get group with Error com/hyperion/css/spi/util/CSSGroupComparator
I tried to Externalise again and then I received this error:
[Thu Nov 13 15:33:20 2008]Local/ESSBASE0///Error(1051449)
Analytical Services failed to get group with Error [CSS Error: Invalid Argument: Principal passed is NULL]
And also, now whenever I tried to add a new user to Essbase thats authenticated externally, I receive this error:
[Fri Nov 28 16:56:20 2008]Local/ESSBASE0///Error(1051223)
Single Sign On function call [css_getUser] failed with error [CSS Error: Invalid Argument: Principal passed is NULL]
Note, it did partially succeed in externalising to shared services, as the Essbase Cubes & Project to appear.
Does anyone have any ideas on how to resolve these errors and successfully externalise to shared services?
Edited by: user2062993 on 30/11/2008 19:32I have a similar situation at my end.
reconfigure EAS console as from the configuration utility or mere editing the properties of the administration server will do.
I tried editing the properties in the administration server but it dint help so should i go and reconfigure the EAS from the configuration utility . -
Problem with Business Rules access from Shared Services
Hello,
When trying to access Business Rules from Shared Services (expand Business Rules and click on the application) I get the "Refer to the Security Guide to configure security permissions for this application" message, but the user is fully provisioned for Business Rules. It happens even logged on as admin. Access from Administration Services works fine. The version Hyperion system 9 (9.3.0.1). What is wrong? Help, please.
Thanks,
TimurYou can't access Business Rules from Shared Services. This is no different from any other application - Planning, Essbase, etc. You can provision users to the application roles, but you can't actually do anything with the application, other than security, in Shared Services. You use Admin Services to maintain Business Rules.
Maybe you are looking for
-
Error while starting discoverer 10g
Dear All, Currently we are facing issue while starting the WLS_DISCO discoverer service through node manager as: java.io.IOException: Server failed to start up. See server output log for more details. at weblogic.nodemanager.server.ServerManager.star
-
I am trying to turn on iCloud on my Macbook but all I get in Preferences - Internet and Wireless - is Mobile me and not iCloud. Can you tell me how to switch it on? Regards annie
-
LAN driver for Satellite Pro L20 Windows 2000
I am looking for a LAN (ethernet) drive for my Satellite Pro L20, which has Windows 2000 on it. I have found one for the WiFi, but not for the Ethernet (cable/CAT) connection.
-
I cannot download videos with flash video downloader from other websites also.Whenever I want to download video it says choose file.
-
Como puedo cambiar mis respuestas en las preguntas de seguridad si las he olvidado?
como puedo cambiar mis respuestas en las preguntas de seguridad de iTunes si las he olvidado?