Folder Security Query
BOE XI R2
I need help extracting rights information on folders. I have an Excel spreadsheet that I currently get a list of folders in the system. I need to extend this to show which groups have access rights to each folder. Can this be done using a Query that I can replicate in the Query Builder? If not, how do I accomplish it? I am not a full time programmer so more detailed explanations are better. I do have extensive experience administering BOE, so I understand the how it all works.
Thanks
Brian
Hi Brian,
I suggest reading the BusinessObjects Enterprise SDK Documentation.
The SDK documentation is found on the following site:
https://www.sdn.sap.com/irj/boc/sdklibrary
For XI R2, please scroll down to the bottom of this page.
The "Developer Guide" contains several tutorials that may help you with understanding how to use the SDK.
I do not have a COM based sample but below is a Java based sample.
The workflow is basically the same.
Hope this helps.
Regards,
Dan
<%@ page import = "java.util.*"%>
<%@ page import = "com.crystaldecisions.sdk.framework.*"%>
<%@ page import = "com.crystaldecisions.sdk.occa.infostore.*"%>
<%@ page import = "com.crystaldecisions.sdk.occa.security.*"%>
<%@ page import = "com.crystaldecisions.sdk.exception.*"%>
<%@ page import = "com.crystaldecisions.sdk.properties.*"%>
<%@ page import = "com.crystaldecisions.sdk.plugin.*"%>
<%@ page import = "com.crystaldecisions.sdk.plugin.desktop.user.*"%>
<%
IEnterpriseSession es = null;
//Get html form values
String user = request.getParameter("username");
String password = request.getParameter("password");
String apsName = request.getParameter("apsname");
String apsAuthType = request.getParameter("authType");
//Logon and get the iStore back
es = CrystalEnterprise.getSessionMgr().logon( user, password, apsName, apsAuthType );
IInfoStore boInfoStore = (IInfoStore) es.getService("", "InfoStore" );
out.println("<TABLE BORDER='1'>");
out.println("<TR WIDTH='300' ALIGN=CENTER BGCOLOR=KHAKI><TD COLSPAN=2>Folder</TD><TD COLSPAN=4>Rights</TD></TR>");
out.println("<TR ALIGN=CENTER BGCOLOR=KHAKI><TD>ID</TD><TD>Folder Name</TD><TD>ID</TD><TD>Principal</TD><TD>Inherited</TD><TD>Role</TD></TR>");
out.println(getFolders(boInfoStore, 0, 0));
out.println("</TABLE>");
%>
<%!
String getFolders(IInfoStore boInfoStore, int parentId, int level) throws SDKException {
String output = "";
String query_folder = "Select * From CI_INFOOBJECTS Where SI_KIND = '" + CeKind.FOLDER + "' AND SI_PARENTID=" + parentId + " ORDER BY SI_NAME";
IInfoObjects boInfoObjects_folder = (IInfoObjects) boInfoStore.query( query_folder );
IInfoObject boInfoObject_folder = null;
IObjectPrincipals boObjectPrincipals = null;
int iPrincipalCount = 0;
String levelPad = "";
for ( int i = 0; i < level; i++ ) {
levelPad += " ";
for ( int i = 0; i < boInfoObjects_folder.size(); i++ ) {
boInfoObject_folder = (IInfoObject) boInfoObjects_folder.get(i);
boObjectPrincipals = boInfoObject_folder.getSecurityInfo().getObjectPrincipals();
iPrincipalCount = boObjectPrincipals.size();
output += "<TR><TD ROWSPAN=" + iPrincipalCount + ">" + boInfoObject_folder.getID() + "</td>";
output += "<TD ROWSPAN=" + iPrincipalCount + ">" + levelPad + boInfoObject_folder.getTitle() + "</td>";
if (iPrincipalCount > 0) {
output += getPrincipals(boObjectPrincipals);
} else {
output += "<TD COLSPAN=2>No rights associated with this folder.</td></TR>";
output += getFolders(boInfoStore, boInfoObject_folder.getID(), (level+1));
return output;
String getPrincipals(IObjectPrincipals boObjectPrincipals) throws SDKException {
String output = "";
IObjectPrincipal boObjectPrincipal = null;
Iterator iterator_principals = null;
boolean firstPrincipal = true;
iterator_principals = boObjectPrincipals.iterator();
firstPrincipal = true;
while (iterator_principals.hasNext()) {
boObjectPrincipal = (IObjectPrincipal) iterator_principals.next();
if (firstPrincipal) {
firstPrincipal = false;
} else {
output += "<TR>";
output += "<TD>" + boObjectPrincipal.getID() + "</td>";
output += "<TD>" + boObjectPrincipal.getName() + "</td>";
output += "<TD>" + boObjectPrincipal.isInherited() + "</td>";
output += "<TD>" + boObjectPrincipal.getRole().getDescription(Locale.ENGLISH) + "</td>";
output += "</TR>";
return output;
%>
Similar Messages
-
Cmc rights to use Security Query Export functionalities
In Cmc when I create a Security Query it shows the list of rights a user has on Business Objects objects, and that's fine, however when I try to export those results I get a message like this:
You don't have rights to 'Schedule document to run' (id:21) for Security Query Export (ID: 1074)
On which folder or object in Cmc should I set that right? I have no idea! I'm using the Admiistrator account so I don't understand why I don't have rights to export the results of the query. I'm using BusinessObjects xi r3.
Edited by: PadawanGirl on Feb 1, 2012 5:09 PMHello Erika,
In your CMC > Folders > Administration Tools, make sure Administrators group has Full Control, in particular make sure that the right "schedule Document to run" is granted. If it looks fine, check the same right on Security Query Export object itself.
Frederique -
Upgrade of Business Objects v3.0 to v3.1 makes folder security disappear
Hi All,
re: Upgrade of Business Objects v3.0 to v3.1 makes folder security disappear
We just upgraded to v3.1 and the security I put in place in v3.0 did not carry over for the folders. Our company wanted to secure the folders per SAP security role, so I did that by breaking the inheritence relationship from the Root Folder on child folders that they should not have access to (see SAP note#1281763 for explaination on this type of procedure). It worked fine in v3.0, but after the upgrade, all of those changes had disappeared and every SAP role was able to see every folder. This was a major effort to secure those folders and I do not want to do it again. Also, we did import the roles into the upgrade BO v3.1 before we imported the BO structure, which as told to us by SAP, would work and not cause this issue.
Thanks for your help!Hello Gary,
I recommend to post this query to the [BusinessObjects Enterprise Administration|BI Platform; forum.
This forum is dedicated to topics related to administration and configuration of BusinessObjects Enterprise, BusinessObjects Edge, and Crystal Reports Server.
It is monitored by qualified technicians and you will get a faster response there.
Also, all BOE Administration queries remain in one place and thus can be easily searched in one place.
Best regards,
Falk -
Hi,
We are struggling with this issue, I have various report folders in Explore within Workspace. I would like my users to view (and run) reports in the folders for which permissions have been granted. Even after granting permissions, my users are able to view all report folders and also able to run reports from them.
How do we restrict users to view only relevant folders for which permissions have been granted for. My users are grouped in various groups and folder security is being given to these groups. All my reports are FR and some WA reports.
Am I missing something silly completely? Any guidance will be of great help. Thanks in advance.Two things i have run into:
1) the group WORLD has access to the folders. You need to remove this group from each folder.
2) The users have admin rights for Reporting. This overrides folder security. -
Security - Query - XML Publisher
Hello,
I need some help concerning the security for queries and XML Publisher.
I am on an HR peoplesoft, tools8.49.
When I am with user PS I see my query in query manager and my XML Publisher report.
My query is Public and my report definition for XML Publisher too.
My problem is that I am not able to publish my query to see it in query viewer and I suppose (perhaps I'm wrong) that's why when I'm connecting with another user which have access to the security query tree to see this query, I am not able to see my XML Publisher report definition.
Could you tell me where I should search to publish this query in query viewer ? Or is it something special to do to see my XML Publisher report definition ?
Any ideas are welcome.
Thanks in advance for your help.Problem solved : I have forgotten to add my role in Reporting Tools > XML Publisher > Setup > Report Category.
-
Cannot view the folder security after removed the default "users" group from folder
Hi guys
Due to the domain change, I am doing a windows 2003 server migration to windows 2012 for a file server.
Tones of data have been copied from the old 2003 server to the new setup 2012 server.
We need remove the "builtin\users" group from the folder security to maintain correct rights access of user to network folder.
Once the "builtin\users" group has been removed, the account in domain admin group can no longer read the folder security.
Has anyone faced the similar situation?
Or, is there any change in folder security rights of Windows 2012?
Thanks in advance
KC@ITLHi,
Glad to hear that the issue has been resolved.
If you need any assistance in the future, please do not hesitate to post in our forum.
Regards,
Mandy
We
are trying to better understand customer views on social support experience, so your participation in this
interview project would be greatly appreciated if you have time.
Thanks for helping make community forums a great place. -
Details on Force Folder Security
When I create a folder in UCM, there is a boolean field called "Force Folder Security". How does this folder metadata get used?
Hi
CollectionForceFolderSecurityEnabled is related affect Security Group and Account for contents that are in the folder . If it is set to true, then any any new, copied, or moved content placed into that folder will have the content’s security fields overridden to match the Security Group and Account of the folder. If it it set to false and you move content from one folder to another, the content keeps its original Security Group and Account, and does not change to match the Security Group and Account set on the new folder.
Hope this helps .
Thanks
Srinath -
We our migrating our reporting services to a new server. The current reporting services folder security is setup incorrectly and I have to change the security for EVERY FOLDER (hundreds of them). I have to go to the drop down > Security >
Revert to Parent Security for every single folder on our SSRS!
Is there not a way to set all sub folders to inherit security? Like on Windows folder security you just "Replace all child object permissions with inheritable permissions from this object" on the parent folder and it applies all the permissions
to every child folder.
SQL Server 2014 Business Intelligence edition.Hi Kelvin.uk,
According to your description, you want to set all folders which exist in report manager to inherit security in a batch, right?
In this scenario, we can use Windows PowerShell script to achieve your requirement. Using the script, we should get all folders in the report manager, then check if the folder inherit security. If not, set the folder inherit security again. For your requirement,
you can execute the script below:
$ReportServerUri = "http://<ServerName>/ReportServer/ReportService2010.asmx";
$Proxy = New-WebServiceProxy -Uri $ReportServerUri -Namespace SSRS.ReportingService2010 -UseDefaultCredential ;
#check out all members of $Proxy
#$Proxy | Get-Member
#http://msdn.microsoft.com/en-us/library/reportservice2010.reportingservice2010.listchildren.aspx
$items = $Proxy.ListChildren("/", $true);
foreach($item in $items){
if($item.TypeName -eq "Folder")
write-host $item.Name
$inherited = $true
$itempolicies = $Proxy.GetPolicies($item.Path,[ref]$inherited)
if (-not $inherited){
$Proxy.InheritParentSecurity($item.Path)
If you have any question, please feel free to ask.
Best regards,
Qiuyun Yu
Qiuyun Yu
TechNet Community Support -
SECURITY query running slow with Prompts!!
Hello All,
Version: PeopleSoft HRMS 9 with PeopleTools 8.49.09
DB Version: 10.2.0.3 (Oracle)
My client is running a security query, given below, with and without prompts. Without prompts it is completing in 35 seconds but with prompts (even if the values in the prompts are blank!), the query is taking more than 4-5 hours but not completing!!
SELECT /*+ OPT_PARAM('_optimizer_mjc_enabled', 'false')
opt_param('_optimizer_cartesian_enabled', 'false') opt_param('optimizer_index_caching', 0) opt_param('optimizer_index_cost_adj', 0)*/ B.OPRID, A.EMPLID, A.PWCUK_LEGACY_ID, A.NAME, A.EMPL_STATUS, A.EMPL_CLASS,
to_char(to_date( TO_CHAR(A.HIRE_DT, 'YYYY-MM-DD'), 'yyyy-mm-dd'), 'dd/mm/yyyy'),
to_char(to_date(decode( TO_CHAR(A.REHIRE_DT, 'YYYY-MM-DD'), '',
TO_CHAR(A.HIRE_DT, 'YYYY-MM-DD'), TO_CHAR(A.REHIRE_DT, 'YYYY-MM-DD')), 'yyyy-mm-dd'), 'dd/mm/yyyy'),
to_char(to_date( TO_CHAR(A.TERMINATION_DT, 'YYYY-MM-DD'), 'yyyy-mm-dd'), 'dd/mm/yyyy'), A.DEPTID, A.DEPT_DESCR, A.PWCUK_BUSINESSUNIT, A.PWCUK_BU_DESCR, A.PWCUK_SUBREGION, A.PWCUK_SR_DESCR,
A.PWCUK_REGION, A.PWCUK_R_DESCR, B.ROWSECCLASS, E.CLASSDEFNDESC, C.ROLENAME, D.DESCR,
Case C.ROLENAME When 'UK_OTG_Query_Access' then 'Y' When 'UK_Self_Service_Query_Access' then 'Y' When 'UK_Prtner_Affairs_Query_Acces' then 'Y' When 'UK_SelfServ_Sens_Basic_Query' then 'Y' When 'UK_ESC_Extra_Query_Access' then 'Y' When 'UK_BCI_Query_Access' then 'Y' When 'UK_Self_Service_Non_Sens_Q Acc' then 'Y' Else 'N' END, TO_CHAR(A.EFFDT, 'YYYY-MM-DD'),
TO_CHAR(A.EFFDT, 'YYYY-MM-DD'), D.ROLENAME FROM PS_PWCUK_EMP_C_VW A, PS_PERS_SRCH_QRY A1, PSOPRDEFN B, PS_ROLEU SER_VW C, PSROLEDEFN D, PSCLASSDEFN E WHERE A.EMPLID = A1.EMPLID
AND A1.OPRID = 'kcooper001a' AND ( B.OPRID = A.PWCE_GUID AND B.OPRID = C.OPRID AND C.ROLENAME NOT IN ('Orbit User', 'PWCUK_LOS_ADMIN_PLANNER', 'Query Designer', 'Query User', 'PWCE_EMEA_AUDIT_RLE_NO_BSE_TBL', 'PWCE_REPORT_DIST', 'EOPP_USER', 'PAPP_USER', 'PWCUK_XMLP_REPORT_DEVELOPER', 'GBR_PEOPLE_MANAGER_CONFIG_UPD', 'PWCUK_EX_EMPLOYEE', 'ReportSuperUser', 'PWCE JOBCODE LOAD UTILITY',
'PWCE EMPLOYEE RVW LOAD ACCESS', 'PwCE Bonus Upload Access', 'GBR_EP_SYSADMIN') AND ( C.ROLENAME NOT LIKE 'PWCUK_EP%' OR C.ROLENAME = 'PWCUK_EP_ADMIN') AND C.ROLENAME NOT LIKE 'PWCUK_SP%' AND C.ROLENAME NOT LIKE 'GBR_PMGR%' AND 0 < INSTR(:1, decode(trim(:2), null, ' ', B.OPRID)) AND 0 < INSTR(:3, decode(trim(:4), null, ' ', B.EMPLID)) AND 0 < INSTR(:5, decode(trim(:6), null, ' ', A.PWCUK_LEGACY_ID)) A
ND 0 < INSTR(:7, decode(trim(:8), null, ' ', C.ROLENAME)) AND 0 < INSTR(:9, decode(trim(:10), null, ' ', E.CLASSID)) AND C.ROLENAME = D.ROLENAME AND E.CLASSID = B.ROWSECCLASS ) ORDER BY 4, 20Below are some more useful information I have gathered from DB level for this query:
+--------------------------------------------------------------------------------------------------+
|Plan HV Min Snap Max Snap Execs LIO PIO CPU Elapsed |
+--------------------------------------------------------------------------------------------------+
|770792495 39602 39747 5 1,181,648,326 6,823 7,433.93 7,481.60 |
+--------------------------------------------------------------------------------------------------+
========== PHV = 770792495==========
First seen from "10/19/12 10:00:44" (snap #39602)
Last seen from "10/25/12 11:00:28" (snap #39747)
Execs LIO PIO CPU Elapsed
===== === === === =======
5 1,181,648,326 6,823 7,433.93 7,481.60
Plan hash value: 770792495
| Id | Operation | Name | Rows | Bytes | Cost (%CPU)| Time |
| 0 | SELECT STATEMENT | | | | 35 (100)| |
| 1 | SORT ORDER BY | | 1 | 645 | 35 (6)| 00:00:01 |
| 2 | NESTED LOOPS | | 1 | 645 | 34 (3)| 00:00:01 |
| 3 | NESTED LOOPS | | 6 | 1122 | 10 (10)| 00:00:01 |
| 4 | NESTED LOOPS | | 1 | 165 | 5 (0)| 00:00:01 |
| 5 | NESTED LOOPS | | 1 | 122 | 4 (0)| 00:00:01 |
| 6 | NESTED LOOPS | | 1 | 81 | 3 (0)| 00:00:01 |
| 7 | NESTED LOOPS | | 552 | 29256 | 2 (0)| 00:00:01 |
| 8 | INDEX FULL SCAN | PSAPSROLEUSER | 550 | 15950 | 1 (0)| 00:00:01 |
| 9 | TABLE ACCESS BY INDEX ROWID | PS_ROLEXLATOPR | 1 | 24 | 1 (0)| 00:00:01 |
| 10 | INDEX UNIQUE SCAN | PS_ROLEXLATOPR | 1 | | 1 (0)| 00:00:01 |
| 11 | TABLE ACCESS BY INDEX ROWID | PSOPRDEFN | 1 | 28 | 1 (0)| 00:00:01 |
| 12 | INDEX UNIQUE SCAN | PS_PSOPRDEFN | 1 | | 1 (0)| 00:00:01 |
| 13 | TABLE ACCESS BY INDEX ROWID | PSCLASSDEFN | 1 | 41 | 1 (0)| 00:00:01 |
| 14 | INDEX UNIQUE SCAN | PS_PSCLASSDEFN | 1 | | 1 (0)| 00:00:01 |
| 15 | TABLE ACCESS BY INDEX ROWID | PSROLEDEFN | 1 | 43 | 1 (0)| 00:00:01 |
| 16 | INDEX UNIQUE SCAN | PS_PSROLEDEFN | 1 | | 1 (0)| 00:00:01 |
| 17 | VIEW | PS_PERS_SRCH_QRY | 483 | 10626 | 5 (20)| 00:00:01 |
| 18 | SORT UNIQUE | | 483 | 62790 | 5 (20)| 00:00:01 |
| 19 | NESTED LOOPS | | 483 | 62790 | 4 (0)| 00:00:01 |
| 20 | NESTED LOOPS | | 483 | 49749 | 3 (0)| 00:00:01 |
| 21 | NESTED LOOPS | | 1 | 67 | 2 (0)| 00:00:01 |
| 22 | TABLE ACCESS BY INDEX ROWID| PSOPRDEFN | 1 | 40 | 1 (0)| 00:00:01 |
| 23 | INDEX UNIQUE SCAN | PS_PSOPRDEFN | 1 | | 1 (0)| 00:00:01 |
| 24 | TABLE ACCESS BY INDEX ROWID| PS_SJT_OPR_CLS | 1 | 27 | 1 (0)| 00:00:01 |
| 25 | INDEX RANGE SCAN | PS_SJT_OPR_CLS | 1 | | 1 (0)| 00:00:01 |
| 26 | TABLE ACCESS BY INDEX ROWID | PS_SJT_CLASS_ALL | 482 | 17352 | 1 (0)| 00:00:01 |
| 27 | INDEX RANGE SCAN | PS_SJT_CLASS_ALL | 1158 | | 1 (0)| 00:00:01 |
| 28 | INDEX RANGE SCAN | PS_SJT_PERSON | 1 | 27 | 1 (0)| 00:00:01 |
| 29 | VIEW | PS_PWCUK_EMP_C_VW | 1 | 458 | 4 (0)| 00:00:01 |
| 30 | UNION ALL PUSHED PREDICATE | | | | | |
| 31 | TABLE ACCESS BY INDEX ROWID | PS_PWCUK_EMPLOYEES | 1 | 169 | 1 (0)| 00:00:01 |
| 32 | INDEX RANGE SCAN | PS_PWCUK_EMPLOYEES | 1 | | 1 (0)| 00:00:01 |
| 33 | FILTER | | | | | |
| 34 | NESTED LOOPS OUTER | | 1 | 220 | 3 (0)| 00:00:01 |
| 35 | NESTED LOOPS OUTER | | 1 | 208 | 2 (0)| 00:00:01 |
| 36 | TABLE ACCESS BY INDEX ROWID | PS_PWCUK_EX_EMPLS | 1 | 161 | 1 (0)| 00:00:01 |
| 37 | INDEX RANGE SCAN | PS_PWCUK_EX_EMPLS | 1 | | 1 (0)| 00:00:01 |
| 38 | TABLE ACCESS BY INDEX ROWID | PS_PWCE_EP_ROLES | 1 | 47 | 1 (0)| 00:00:01 |
| 39 | INDEX RANGE SCAN | PS_PWCE_EP_ROLES | 1 | | 1 (0)| 00:00:01 |
| 40 | INDEX RANGE SCAN | PS_PWCUK_EMPLOYEES | 1 | 12 | 1 (0)| 00:00:01 |
| 41 | SORT AGGREGATE | | 1 | 23 | | |
| 42 | INDEX RANGE SCAN | PS_PWCE_EP_ROLES | 1 | 23 | 1 (0)| 00:00:01 |
Summary Execution Statistics Over Time
Avg Avg
Snapshot Avg LIO Avg PIO CPU (secs) Elapsed (secs)
Time Execs Per Exec Per Exec Per Exec Per Exec
19-OCT 10:00 1 374,309,812.00 1,469.00 2,286.32 2,291.32
25-OCT 10:00 3 86,033,085.00 1,567.67 543.68 546.11
25-OCT 11:00 1 549,239,259.00 651.00 3,516.56 3,551.96
avg 336,527,385.33 1,229.22 2,115.52 2,129.80
sum 5
Per-Plan Execution Statistics Over Time
Avg Avg
Plan Snapshot Avg LIO Avg PIO CPU (secs) Elapsed (secs)
Hash Value Time Execs Per Exec Per Exec Per Exec Per Exec
770792495 19-OCT 10:00 1 374,309,812.00 1,469.00 2,286.32 2,291.32
25-OCT 10:00 3 86,033,085.00 1,567.67 543.68 546.11
25-OCT 11:00 1 549,239,259.00 651.00 3,516.56 3,551.96
avg 336,527,385.33 1,229.22 2,115.52 2,129.80
sum 5I'm not at all proficient in PeopleSoft.
Please advice how we can get faster runs for this query.
Note: We have already checked all other possibilities, like network, application, web services, etc, and they look normal.
Thanks,
SuddhasatwaIf the hints are there only for the "cost", then I'm sorry to say, but they are useless. Did you say that was not efficient to the Oracle Support ?
I asked earlier if that query already ran in a reasonnable time, is it the case, or always took that time ? Is it a change of behaviour after a db upgrade ?
Have you tried to work with AWR snapshots with a short gap in between ? I mean between the AWR snapshots (every 15 minutes or so), not between the runs of the query.
If there's no values for the bind variables, I assume this is what you mean when you said "no prompts", then Oracle can go much faster because of the few (or no?) data repartition to retrieve.
However, when given values to some (all?) of the bind variables, then all the problem will be on the data repartition. That's why I was asking how you gathered statistics on the involved objects, in other words, the histograms may be wrong somehow.
There's a lot of litterature on this, have a look to the Jonathan Lewis blog for more information.
Anyway, I think there's not enough information here and does not look easy to work on it in that state from the other side of the network.
Nicolas. -
BBID - Forgot Password and Answer to Security Query
Hi All,
I forgot my password for BB-ID.
I already tried to recover it by using below link:
https://blackberryid.blackberry.com/bbid/recoverpassword?i=2899178
However as I'm not able to remember the answer to the security query, I have not been able to reset the password.
Does anybody have any idea on how I can reset Password and Answer to Security Query?
I still remember my email-adress for setting up my BB-ID ... unfortunately that's all I remember.
Thanks for your help.Read this for full information and suggestions to regain access to your BBID >> http://supportforums.blackberry.com/t5/BlackBerry-World/How-to-regain-access-to-your-BBID/td-p/25467...
You have to remember either the BlackBerryID password, or the secret question answer. Without either, you're stuck.
Your choices are:
--Use another email account to create an entirely new BlackBerryID (with which you will lose access to any purchased apps using the "forgotten" first BlackBerryID, or
--Find the initial email you were sent to confirm the initial BlackBerryID, and in it is a link to click to cancel and delete the account. Click on that, delete the account and then you can use that same email to create an entirely new account.
Good luck.
1. If any post helps you please click the below the post(s) that helped you.
2. Please resolve your thread by marking the post "Solution?" which solved it for you!
3. Install free BlackBerry Protect today for backups of contacts and data.
4. Guide to Unlocking your BlackBerry & Unlock Codes
Join our BBM Channels (Beta)
BlackBerry Support Forums Channel
PIN: C0001B7B4 Display/Scan Bar Code
Knowledge Base Updates
PIN: C0005A9AA Display/Scan Bar Code -
SSRS security to view folder security rights
What access is necessary for a user to view (not be able to change) folder level security for a particular SSRS folder. Managers are consistently asking me to send them what security groups have access to a particular production SSRS folder.
Allowing them to be able to view the Properties-security of a folder with out the right to change would be helpful.MicMikey,
The original response to your question was in regards to security. If you are trying to determine the data source that a report is using, that is an entirely different question. I would suggest that if your question has changed, you open a new
question in the forum so people can answer it appropriately.
Regardless, to see which data source a report is using, you can use Report Manager, and select "Manage" from the drop down on that particular report and view which data source its using from the "Data Sources" tab on the left. Otherwise you can write
a script using the SOAP APIs. Either way, each time run a script or query to get this data, the query or output data should reflect the most up to date data. Historical data of what folders were called is not kept in the DB. -
Built-In Users-group is suddenly gone on folder security tab.
Dear forum-members,
I have got a problem with folder-permissions (acl) on a Windows 2003 Server with Terminal Services (Citrix).
The application "Sybase" is installed on the D-drive (disk). A thrid party application needs Sybase to communicate through the sql.ini with the database. All terminal server users needs read permissions on the Sybase install directory to
use the sql.ini.
Normally every new folder on a server has the Builtin Administrators-group and System account "Full-Control" permissions and the Builtin Users-group had "Read en List" permissions. Now on the Sybase folder only the Builtin Administrators-group
en System account are at the security tab, but
not the Builtin Users-group.
When I manually set the Builtin Users-group with read permissions it okay, but after a while the Builtin Users-group is gone/deleted/removed. There is no signal that a person, proces or action removes the permissions for the Builtin Users-group. I set
Auditing on the folder, but with no result. I know for sure there is no GPO (Group Policy) that removes this group.
For now I have a dirty solution to run a scheduled task every 10 minutes that run xcalcs to set the permissions. A tried a GPO to set the permissions, after a reboot the group policy doesn't apply (only after a gpupdate /force).
Does some one of you has another proper/nice solution to force the read permissions on the Sybase folder for the Builtin Users-group?
Thanks in advance.
Greetings, SidneyHi Shaon,
Thank you for your reply.
The 'third party app' is APP-V sequenced and not in production yet, so only some test users are using the app.
I did a test today to use Domain Users instead of Builtin Users, but the same problem. After a reboot only the Builtin Administrators and SYSTEM has permission on the Sybase installation folder and Domain Users (& Builtin Users) were automatically
removed again.
We have 6 terminal (citrix) servers and all of them has the same problem, so it's not server related.
Could it be an issue with the way how Sybase is packaged (it's a silence install through our deployment application)?
Before I do the next test: Will it help to force the rights (replace permissons) from the upper folder to the sub-folder(s)? (force the inheritance)
Greetings, Sidney -
at customer:
created a content area (public) with two folders. one folders is public, one is NOT public.
when i am not logged in I only get the public folder. when I am logged in with any new user (no memeber of any group) I get both folders.
What's wrong? Any hint?
Item level security works fine.
Portal 3.0.8 (migrated from 3.0.6)You are (by definition) member of the group AUTHENTICATED_USERS. Is this group authorized to view items in the non-public folder?
Ton -
Accessing Active Risk Manager (ARM) folder security markings through Risk Performance Manager
Hello folks,
I am building custom reports in RPM to display ARM data but am struggling to get a security label assigned to the reports.
In the standard reports the security label changes according to the risks inputted but I can't see the wood for the trees in the expression used!
Any hints or tips?
Many thanks,
ChristianHi sea_lene,
In Reporting Services, each subreport instance is a separate query execution and a separate report processing task. So it the performance should be an issue. To improve the performance, we can consider changing the dataset query in the main report by using
one of the following mitigation strategies:
Collect data in a data warehouse and use the data warehouse as a data source for a single dataset.
Use SQL Server linked servers and write a query that retrieves data from multiple databases.
Use the OPEN ROWSET capability to specify different databases.
References:
Troubleshooting Reports: Report Performance
More tips to improve performance of SSRS reports
Hope this helps.
Thanks,
Katherine Xiong
Katherine Xiong
TechNet Community Support -
Hello Experts,
I have a client that is using the Human Resources module in B1 and is storing confidential information, such as employee reviews in the B1 attachments folder. A while ago they restricted access to this folder on the server for most of their employees so they wouldn't be able to view these reports. Recently they have also expanded the use of Outlook Integration. Outlook integration requires full access to the attachments folder in order to attach any files to the email. So now they are running into the issue of needing to restrict access to some things stored in the folder while still allowing Outlook Integration to function properly.
We've tried giving users write permission to the attachments folder, but Outlook Integration will still not function properly. The client is also not interested in restricting access on a report by report basis.
Anyone else out there run into something similar and have a handy workaround available?Ryan,
Did you manage to find a solution with your Attachments security issue?
I found a solution buts it can be a bit expensive.
regards, Sotos
Maybe you are looking for
-
How can move Grid Control Repository to other server
hi, We need to move our Oracle Grid Control Repository to Other server due to some Server Issuse....can someone helpme out...... OMR and OMA : Server A (Windows 2003 Server) OMS : Server B (Windows 2003 Server) Target Server : Server C (Windows 2003
-
BPEL implementation design suggestions
Hi all, Being new to SOA, I'm not really sure whats best practice regarding BPEL and certain problems. I just think that the way I have implemented a BPEL solution is "ugly" and was hoping there was a better solution. So I hope some of you may have s
-
How can i access my sons laptop computer to set up security if i don't know his password'
How can i access my sons laptop computer to set up security if i don't know his password?
-
Can't stop "screen record" from menu bar. Bug?
When you begin a "screen record" in Quicktime X, there is supposed to be "stop recording" option next to the Help menu in the menu bar.. However, mine does not... The only way for me to stop recording is to use the key command... Anyone else experien
-
Changing slide transition direction
Hi, I was wondering if it's possible to change the slide transition "wipe" to go from right to left, instead of left to right. Is this possible or are we stuck with what is default in Captivate? I'm on Captivate 7. Thanks! Kev