How do I automate security filter verification?

Similar Messages

• Security filter verification failed

  Hi All,
  We are trying to create security filter which is combination of 4 sparse dimensions.
  The relationship between members in the filter is AND (so the filter will be created under one row).
  We encountered the below error in applying security filter
  ====
  [Mon Apr 13 03:42:16 2009]Local/GLOBAL///Error(1200467)
  Error parsing formula for [REGION DEFINITION]: status code [1130203] in function [@_U]
  [Mon Apr 13 03:42:16 2009]Local/GLOBAL///Error(1200467)
  Error parsing formula for []: status code [1130203] in function []
  ====
  It seems like if the combination of the members on the filter hit the limit of allocated memory, the filter got failed.
  Is there any way to calculate how many memory absorb in one filter?
  or is there any memory limitation for security filter?
  It will be great If anyone can share the experience of this issue.
  Thanks.
  Regards,
  Ai

  That's interesting, I have never head of a limit on the number of members that a filter can address. How many accounts do you have in your database?
  I took a look at the Limits section of the DBAG and found the following re filter limits:
  Filter name
  * Non-Unicode application limit: 30 bytes
  * Unicode-mode application limit: 30 characters
  Number of security filters
  * Per Essbase Server, 65535
  * Per Essbase database, 32290See: http://download.oracle.com/docs/cd/E10530_01/doc/epm.931/html_esb_dbag/limits.htm#limits_1
  That's it -- nothing on the number of members that can be addressed in a filter. Of course it is possible (insert sacarsm, irony, or wonder per your personality) that the documentation is not correct.
  I have never run into what you described, but Essbase is vast and mysterious country, so perhaps that isn't so surprising.
  I'm glad you were able to find a workaround.
  Regards,
  Cameron Lackpour

• Issue in Implementing OR Logic in Security Filter for Essbase in OBIEE

  I am implementing OBIEE using Essbase as the data source. The requirement is to implement OR logic in the security filter. And I got error message from the MDX query generated by OBIEE. Below is the details. Anyone knows how to solve this issue? Thank you very much.
  1.     The “Booking Location” dimension has three hierarchies (ragged hierarchies).
  http://img.photobucket.com/albums/v216/stewart_life/1.png
  2.     I only want to take the first hierarchy, which is “Total booking”. Thus, I filter the Logical Table Source of “Booking Location” in the business model layer.
  http://img.photobucket.com/albums/v216/stewart_life/2.png
  3.     The “Incorporation Country” dimension doesn’t have any multiple hierarchies.
  http://img.photobucket.com/albums/v216/stewart_life/3.png
  4.     Thus, I don’t filter the Logical Table Source of “Incorporation Country” in the business model layer.
  http://img.photobucket.com/albums/v216/stewart_life/4.png
  5.     I filter the permission of a user. This filter applied to the fact table (RISK) in the business model layer.
  http://img.photobucket.com/albums/v216/stewart_life/5.png
  6.     Then the filter applied so that the particular user can only see the data where the Incorporation Country level is Singapore OR the Booking Country level is Singapore:
  "Risk"."Incorporation Country"."Country" = 'SINGAPORE (INC)' OR "Risk"."Booking Location"."Booking Country" = 'SINGAPORE (CBE)'
  http://img.photobucket.com/albums/v216/stewart_life/6.png
  7.     Here is the first report that is working fine if run by a user without any security filter.
  http://img.photobucket.com/albums/v216/stewart_life/7.png
  8.     The result of that report when run by the user whose security filter above has been applied to.
  http://img.photobucket.com/albums/v216/stewart_life/8.png
  9.     The MDX query generated from that report is shown below. Note that the error refers to the line 4, which is in bold below. Somehow, the query generated always include Incorporation Country and Booking Location in the “With” clause, since both of them are placed in the security filter.-----
  Sending query to database named Risk-MI Essbase (id: <<399750>>):
  With
  set [Booking Location2|http://forums.oracle.com/forums/] as '{[Booking Location|http://forums.oracle.com/forums/].[Total booking|http://forums.oracle.com/forums/]}'
  set [Booking Location4|http://forums.oracle.com/forums/] as 'Generate({[Booking Location2|http://forums.oracle.com/forums/]}, Descendants([Booking Location|http://forums.oracle.com/forums/].currentmember, [Booking Location|http://forums.oracle.com/forums/].Generations(4),SELF), ALL)'
  *set [Incorporation Country4|http://forums.oracle.com/forums/] as ''*
  set [Time3|http://forums.oracle.com/forums/] as 'Time.Generations(3).members'
  set [Year2|http://forums.oracle.com/forums/] as 'Year.Generations(2).members'
  member Measures.[MS1|http://forums.oracle.com/forums/] as 'Rank(Time.Generations(3).Dimension.CurrentMember, Time.Generations(3).Members)'
  set [Axis1Set|http://forums.oracle.com/forums/] as 'crossjoin ({[Booking Location4|http://forums.oracle.com/forums/]},crossjoin ({[Incorporation Country4|http://forums.oracle.com/forums/]},crossjoin ({[Time3|http://forums.oracle.com/forums/]},{[Year2|http://forums.oracle.com/forums/]})))'
  select
  {Measures.[Netted EAD|http://forums.oracle.com/forums/],Measures.[Netted Nominal|http://forums.oracle.com/forums/],Measures.[Wt_LGD|http://forums.oracle.com/forums/],
  MS1} on columns,
  NON EMPTY filter({[Axis1Set|http://forums.oracle.com/forums/]}, [Incorporation Country|http://forums.oracle.com/forums/].currentmember IS [Incorporation Country|http://forums.oracle.com/forums/].[SINGAPORE (INC)|http://forums.oracle.com/forums/] OR [Booking Location|http://forums.oracle.com/forums/].currentmember IS [Booking Location|http://forums.oracle.com/forums/].[SINGAPORE (CBE)|http://forums.oracle.com/forums/]) properties ANCESTOR_NAMES, GEN_NUMBER on rows
  from [http://RISK-P.RISK]
  where ([CRG (ORG)|http://forums.oracle.com/forums/].[Good Book (ORG)|http://forums.oracle.com/forums/], Method.ADV)
  +++stewart:370000:370021:----2009/02/17 13:56:06
  Query Status: Query Failed: Essbase Error: Syntax error in input MDX query on line 4 at token '''

  From what I have read on this forum, people have managed to get the DC In Board replaced for a little over US $100. This would be at an Apple authorized repair shop rather than by Apple itself. This is much less than the cost of a new MacBook. I don't know what might be available in your area, but it would be worth asking at a repair shop.
  Good luck!

• Adobe has 'SECURED' itself! How do I 'un-SECURE' it?

  My adobe reader had an issue - it couldn't save. Then it shut itself down. When I re-opened the program, every document now comes up as 'SECURE'. This means, I can't add text or my signature to ANY document. How can I 'un-SECURE' my adobe reader so that I can use it again?
  Thanks for the help!

  Which Reader version (including minor), which platform/OS?
  Reader by itself does not secure PDFs. In order to secure a PDF the user must provide a password. This cannot be done automatically.

• Security Filter Problem

  Hi ,
  I am facing one problem related to security Filter for one user. We are on the Hyperion Version 11.1.2.1 Fusion Edition.
  We had one user created in Shared Services with ID : TESTUSER and added in the group. Initially access for this user was working fine. Later on we deleted this user from shared services as we no longer needed this.
  As per new requirement we are supposed to create a same user with same user name so we created again new user 'TESTUSER' and added into the same user group then we refreshed security from Planning Application through " Administration -> Application -> Refresh Database->Security Filters ". Refreshing security Filters created filter for above user and we checked this from EAS consol.
  However when we log in to the Application through Smart View we are getting the below Error.
  Cannot Open cube View.Essbase Error ( 1054060 ):Essbase Failed to select
  Application APP1, because TESTUSER@Native Directory is not\
  completely Provisioned by Planning.
  Could you please advice how could we resolve this issue.

  Check whether the user is only an Essbase user. (I don't think that is the case, but in case)
  Try changing the access type using
  alter user username add application_access_type Planning; (don't know whether this works in latest release)
  Try the stepsRAvery and _RahulS_mentioned.
  Tried that in 11.1.2.2 access_type Planning is defered.
  Regards
  Celvin
  http://www.orahyplabs.com

• "OR" function in Security filter

  HI All,
  I am trying to implement "OR" function in security filter. i mean for security i have created on group and i am trying to implement following query i am getting error. if i replace "AND" with "OR" then report is showing data. but that is not perfect data because of AND
  "Employee ID" = VALUEOF(NQ_SESSION."”EMPLOYEEID”") OR T_CLBI_SV_VISIBLE_OPTY."Employee ID" = VALUEOF(NQ_SESSION."”EMPLOYEEID”") OR T_CLBI_SV_VISIBLE_OFFICE."Employee ID" = VALUEOF(NQ_SESSION."”EMPLOYEEID”") AND T_CLBI_SV_VISIBLE_OFFICE.INHERITED_FLAG = 'F'
  my question is how i can i use OR in security filter.
  Please help me to solve this issue. really appreciate for your help.

  Thank you for your response.
  but it is not working even i did try with following simple query
  "Employee ID" = VALUEOF(NQ_SESSION."”EMPLOYEEID”" OR T_CLBI_SV_VISIBLE_OPTY."Employee ID" = VALUEOF(NQ_SESSION."”EMPLOYEEID”")
  it is giving following error
  State: HY000. Code: 10058. [NQODBC] [SQL_STATE: HY000] [nQSError: 10058] A general error has occurred. [nQSError: 14026] Unable to navigate requested expression: Pipeline Fact.Office ID. Please fix the metadata consistency warnings. (HY000)
  any idea?????????

• Essbase Security Filter issue.

  Hi,
  Its regarding the security filter issue.
  The major problem is whosoever user is provisioned under that security filter, if the user is trying to connect to Application using Excel Addin / Smartview, it crashes the essbase server [Network Error [10061], timed out error)]
  When we figured out because of this filter essbase server is crashing, we tried to edit the filter. sometimes if we click on edit, it crashes the server or sometimes we can see some junk characters in the filter.
  We have applied the security on Entities dimension and problematic filter is ASP.
  Now the hirerachy is like this.
  Entities dimesnsion and then ASP member and under ASP we have our several members.
  Filter is like this:
  Write : @Idescendants("ASP")
  It was working fine for almost 15 days.
  Now if i edit the filter, i can see like this:
  Write : @Idescendants("ASP")
  Metaread:@Idescendants("*&^%?)
  Junk characters are coming in and no idea from where they are coming.
  I can't delete the filter also, again it crashes the essbase server.
  As a workaround i have created a temp filter and dome the assignation for this group, according to that.
  Everything is working fine.
  I just wanted to know, has anybody faced such kind of problem earlier.
  What cud be the root cause for this.
  How could I delete the filter.
  I have also get messages like security file is corrupted (we have restored it from old backup) but really worried about security file as we are moving the whole thing to production server this weekend.
  Please advise me on this, Please help me. Any help would be highly appreciated.
  I am really in trouble.
  Thanks,
  Pankaj Mehta.

  Try to edit the filter from MaxL command line using
  alter filter sample.basic.filt7 add write on '@IDescendants("ASP")';
  here sample=application
  basic=database
  filt7=filtername
  have good luck

• HT5621 How to change you security questions

  How to change you security questions

  The Three Best Alternatives for Security Questions and Rescue Mail
      1. Use Apple's Express Lane.
            Go to https://expresslane.apple.com ; click 'See all products and services' at the
            bottom of the page. In the next page click 'More Products and Services, then
            'Apple ID'. In the next page select 'Other Apple ID Topics' then 'Forgotten Apple
            ID security questions' and click 'Continue'. Please be patient waiting for the return
            phone call. It will come in time depending on how heavily the servers are being hit.
       2.  Call Apple Support in your country: Customer Service: Contact Apple support.
       3.  Rescue email address and how to reset Apple ID security questions.
  A substitute for using the security questions is to use 2-step verification:
  Two-step verification FAQ Get answers to frequently asked questions about two-step verification for Apple ID.

• HFM security filter ?

  In HFM, I don't seem to have a way to achieve this:
  One user has write access to Entity A + all products
  The same user needs Read Only access to Entity B but a couple of the products only
  Because the security classes attached to Entity and Product(Custom2 for us) dimensions are layed out flat on Shared Service. I can only assign one type of access to the same security class.
  This is different in Essbase for example, I can create security filter and grante user access to different combination (intersection) of dimensions.
  Is there such thing as security filter in HFM?
  Thanks in advance!

  I do plan to assign unique security classes to entities and products.
  But how do we assign access to combos? In the Pivot table where you have all the security classes on the row, and all the users(groups) on the columns.
  The goal is to prevent the product line leader user from reading other products in the entity that he's not responsible for.
  For example, this user has Write access to E_Brazil, and all data loaded on C2 for Brazil. Then he needs to have Read access to E_China, but only C2_Golfball. We do not want him to see other products for China, however, he needs to load data to other products in Brazil. This is especially true with the Custom2 member [None] for all the data that do not require a product. Then what access shall we give to the security class C2_None ? It doesn't seem that we have a way to assign access to a combo, but just to each unique security classes ?

• Security Filter

  Hi everybody.
  I am using BAM's security filter and I need integrate it with LDAP.
  Is there a way to connect to LDAP through a BAM's webservice?
  I want not need a static dataobject providing security informations, but a dinamic dataobject, updated by an webservice periodically.
  Thanks for the help.
  Luciano Gomes

  Hi
  BAM Web Services can be called to update/create/delete a DO as well as the content of the DO.
  I would recommend using the BAM Webservices that referenced the DO by name.
  In this case, I do not see how would BAM invoke LDAP . You will need some trigger to create a payload that BAM WebService can consume.
  One thing that I can think of is to have a BAM alert invoke the BAM Webservice but how would it figure out the payload i.e. security filter values that need to be updated?
  This is an interesting use case and would like to know more on what are you trying to accomplish.
  Regards
  Payal

• Security filter for multip^e users

  Hi All,
  I created the security filter for 1 user ok its working fine but i want to give that filter for multiple users so we have so many users so how can we do that
  we have to creat the users manually is there any other way in ASO
  Plz help me on this
  Thanks in Advance

  Thanq for ur reply
  Im creatin in EAS i dont access for shared services thts not available in my desktop so i hav to creat in EAS so how can we create filters for multiple users
  can i create groups for multiple users is this the corect way plz tell me how can i create the groups explain me clearly
  it would be appriciated
  Thanks

• How to disable automatic login and to see other accounts?

  I bought MacBook Pro Retina with Mac OS X 10.8.2 in a shop, where there already was account "kiosk".
  I created new account, gave him Administrator priviliges.
  In the Preferences / Users & Groups I see kiosk account as "Managed", and my new account as "Admin".
  I set:
  System Preferences / Security & Privacy / General / Disable automatic login = Checked.
  System Preferences / Users & Groups / Login Options / Automatic login = Off.
  But still I have two issues:
  1) After start the laptop automatically logins into kiosk account, while I explicitly switched off this option
  2) Apart from kiosk account, the OS doesn't see any other accounts, for example my new account.
  For example, when I changed login shell for kiosk account into /usr/bin/false, I couldn't login at all. The OS said something like, there are no active accounts. So I had to set login shell back to /bin/bash using single-user mode.
  The questions are:
  How to disable automatic login into kiosk account?
  How to see a choice between kiosk account and my new account in the login dialog?
  How to delete kiosk account? Currently the delete option is disabled for kiosk in System Preferences / Users & Groups.
  So far after laptop start I automatically login into kiosk, then switch into my new account with entering a password, which is weird.
  Thanks in advance.

  It is your only option if you want to get rid of that other user account. It seems the system is Hard Set to boot to that account. How and why I have not Idea but the first thing you should of done was Restoring it to the Original OS, if it was not Mt Lion to begin with, in doing so getting rid of all other accounts and files from that other account.
  Time to Bit the Bullet and Erase the drive completely and reinstall the original shipping version of OS X on that system.
  Anton Mironenko wrote:
  Reinstalling the OS would be too extreme. I already have many programs installed, and I tuned a lot of params. Data migration is another pain.
  I hope, it is possible to solve this issue in another way.

• How can change my security answer

  how can change my security answer

  The Three Best Alternatives for Security Questions and Rescue Mail
      1. Use Apple's Express Lane.
            Go to https://expresslane.apple.com ; click 'See all products and services' at the
            bottom of the page. In the next page click 'More Products and Services, then
            'Apple ID'. In the next page select 'Other Apple ID Topics' then 'Forgotten Apple
            ID security questions' and click 'Continue'.
       2.  Call Apple Support in your country: Customer Service: Contact Apple support.
       3.  Rescue email address and how to reset Apple ID security questions.
  A substitute for using the security questions is to use 2-step verification:
  Two-step verification FAQ Get answers to frequently asked questions about two-step verification for Apple ID.

• Planning security filter got corrupted

  Hi Hyperion Gurus,
  We are using Hyperion 9.3.0 and recently found that security filter of one of the Planning user has been corrupted, whenever that user logs in Excel addin or Smart view the essbase service goes down and when I try to open the security filter through AAS it again brought the service down, this led me to think that the filter has been corrupted.
  I have deprovisioned the user from Shared Service and after that refreshed the security in AAS to sync with Shared Service this removed the user from Essbase system now I tried to delete the filter through aas and also by running maxl script but am not able to delete it and every time I try to delete this brings the service down. I was planning to refresh the security from Planning apps now but am bit scared to do that as am not sure if this will corrupt essbase security file.
  So my questions to you all are
  1. How to delete this corrupted security filter.
  2. Will refreshing the security from Planning can remove this filter as the user has been deprovisioned from Shared Service.
  3. What all steps need to be taken before refreshing security from Planning so that if there is any serious issue system can be restored back.
  Thanks in advance.

  Hi,
  We had the same issue with a corrupted security filter. Any time the filter was referenced it would bring down essbase. In 9.3.1 you can export security (right click the security object). What we saw ws when the export hit the bad filter it would shut down essbase. We discovered which filter was bad because the output from the export would stop right before the bad filter.
  The bad news is there is not a way to delete the bad filter AAS or Maxl. So you need to find a backup security file that is good and will export. Once you do that i would think that you could create or refresh the security filters from the planning web and it would re-create the users/filters in essbase.
  Keith

• How can I automatically deploy certificates to iphones

  How can I automatically deploy certificates to iphones from an internal Windows Certificate Root Authority?  I want to use device certs with a combination of username and password in order to access a secure wireless network.
  I have this working fine with AD joined Windows PCs - I am just having trouble doing the same for our many iphones.
  Many thanks in advance

  Most corporations nowadays are moving towards responsive designs with a mobile first approach.  This tends to be the most efficient and compatible since there is no need for javascript or other scripts to redirect users.
  The following is a simple example for phones and desktops only, and most examples I was finding were that way due to their publishing date.
  http://css-tricks.com/snippets/javascript/redirect-mobile-devices/
  The trick is going to be getting lists of devices and resolutions to make sure they are all captured which can be a major pain since that information updates all the time.  With that said, if I were you doing it this way I would do away with the tablet version.