Mapping Apps security profiles in Discoverer

Similar Messages

• How to make Custom Discoverer workbook use Custom Security profile of Apps

  We use Discoverer in Oracle Apps setup. We have added Custom security in our HR People Form of Apps.
  This Custom Security restricts one HR Emplpoyee not view other HR employee record except for himself/herself. Also maintining that they should be able to view all other employee's records.
  The following code was put under the Security Profile Form -- > Custom Security Tab
  exists (select 1
  from per_jobs b
  where ASSIGNMENT.job_id = b.job_id
  and (b.name not like '%HR%')
  and (b.name not like '%Human%')
  and ASSIGNMENT.assignment_number is not null
  union
  select 1
  from fnd_user fu
  where fu.user_name = fnd_global.user_name
  and fu.employee_id = PERSON.person_id
  and ASSIGNMENT.assignment_number is not null)
  Above security profile works fine for HR People Form.
  However, It does not work for our Discoverer Workbooks. I found a note on Metalink 422841.1 which talks about leveraging the Custom Security of Apps in Discoverer Report. I read it, but did not get much clue.
  Can Anyone help.
  Thanks

  Hi,
  If you want to use custom HR security with Discoverer you have to ensure that the correct security filters are applied when the Discoverer reports are run. These filters can use the supplied HR_SECURITY package or you can develop your own conditions using table lookups or functions. To get the filters applied to your reports you have a number of options:
  1. Build the security into custom folders using additional conditions
  2. Use custom database views in Discoverer and build the security into the views
  3. Use mandatory conditions in you Discoverer folders using either a function call or database contexts set at login time
  4. Use VPD (Virtual Private Database)
  I am not sure which of these options you are using to implement your HR security in Discoverer. The last option, VPD, is the most flexible and can give the best performance but maybe it is more complex to set up.
  Rod West

• Security issues for Discoverer 10g apps 12i

  gurus,
  I have couple of things to get it done at client.
  We are on Oracle Apps rel 12i with dicoverer 10g.
  Did anyone setup MOAC to be enabled and operational in business areas?
  Setting up secure responsibilities in discoverer for MOAC?
  Any setup needs to be done for custom report security in discoverer ?
  thx

  Hi,
  I did setup new MOAC security profiles and assigned multiple organizations to that profile for testing purpose.
  After this, I did run concurrent program "Security List Maintennce" etc...
  Tested Upding profile at user level or responsibility level.
  On APPS side fine.
  I need the some basic steps on setup of security issues for discoverer side.
  1) Business areas (any security steps need to be followed in order to access data for single or multi-org)
  2) Custom Reports ( any security setup or any moac security profile setting against responsibilty for accessing single or multi-org data)
  Since we dont have default operating unit parameter as specified in the concurrent program, how do you restrict data?
  3) Reconciling security approach r12 with discoverer (any steps need to be followed here after r12 configuration with security issues)
  4) Custom Views ( any steps to be followed for single or multi-org data as security aspect)
  Looking for info on these setups.
  Thx

• Mixed results from HR EBS Security Profile in new Discoverer 11g  EUL

  Hello,
  We’ve recently implement a new Discoverer 11g (11.1.1.4.0) APPS MODE EUL against out R12.1.3 EBS application.
  In HR EBS we have Security Profiles that limit data access against some responsibilities( No Sr. Exec or HR personnel).
  We are seeing mixed results in Discoverer when accessing Shared Workbooks using these responsibilities.
  Let’s say I’m viewing workbooks that return Current Employee Salary details. For some the data is filtered as expected. For others, all rows are being returned!
  Any ideas on why we’re seeing this behavior and what the resolution might be?
  Thank you ahead of time for you help.
  Rich

  Hi Rod,
  Thanks for the reply!
  I think I understand what you are saying but let me provide some more detail and we'll see if this still applies.
  Yes. We are using custom responsibilities designed against the HR application.
  The user is accessing workbooks through Discoverer Viewer. They are not logged into EBS application. They are logging directly into Discoverer View and are selecting the Limited Inquiry responsibility (As far as I know there is know way to switch resp once logged in so the security profile should be applied).
  In this session, the user opens one workbook and the security options are applied, with limited data being returned. Great.
  Close that workbook and open another. This time the security options are not applied, with all rows data being returned.
  Any ideas?
  Best Regards,
  Rich

• HRMS APP-PER-52803:Your business group does not match your security profile

  I see this as a common problem, please guide me as to what should be done to rectify it.
  While opening \Payroll\Description, it gives message as under:
  HRMS APP-PER-52803:Your business group does not match your security profile
  Regards
  Nemo

  Hi,
  I feel that "HR: Security Profile" option is not set properly, BZ of that screen is errors out.
  Please check the following Profile Options
  HR: Security Profile -- Enter the sec profile name which is business Group name
  HR: Business Group -- Your Business Group Name
  Note: If you set the HR: Security Profile optional first, then system will sets the HR: Business Group profile option too automatically.
  I hope this will solves your problem.
  thanks
  Krishna Prasad Rapolu
  Oracle HRMS Consultant.

• Can't open BB Maps app on Z10

  Hi guys,
  I've had my Z10 for almost 2 weeks now, and absolutely love it (upgraded from 9800 Torch).
  A few days ago I wanted to use the maps app for the first time, but when I click on the icon the screen flicks slightly to the right, and the app doesn't open. I have the icon within a folder, and Wisepilot trial installed (this shouldn't make any difference?). As the Maps app comes pre-installed I cannot delete, and re-install.
  Has anyone else experienced this, or have any suggestions on how to rectify?
  With thanks.
  BB Z10 STL100-2
  10.0.10.690
  Solved!
  Go to Solution.

  If it were me, I would reinstall the OS.  That's all I know at the moment.
  EDIT: You might try a security wipe before trying OS reinstall.
  - Ira

• Setting 'MO: Security Profile or MO: Operating Unit profile option' - Urgen

  All,
  Version: 12.0.4
  Module: Purchasing
  I'm trying to invoke the PO_CHANGE_API1_S.record_acceptance to send the Advance shipment Notice doc to Oracle R12. On invocation I'm getting the following error
  ORA-20001: APP-FND-02902: Multi-Org profile option is required+
  set either MO: Security Profile or MO: Operating Unit profile option+
  1. How do I set this profile option?
  2. Is it required to set both security and OU profile option?
  3. At what level(site,appln,resp,user,ou,...) should I set the profile?
  Please help me.
  Thanks,
  Sen

  Hi,
  You can set those profile options from System Administrator responsibility > Profile > System.
  Please see these docs for details.
  Note: 602141.1 - R12 - Error ORA-20001, APP-FND-02902 Accessing Profile Classes Form With Multi-Org Access Control (MOAC) Enabled
  Note: 338332.1 - App-Fnd:02902: Multi-Org Profile Option Is Required. Ora-20001
  Note: 393560.1 - How To Prevent the Profile Option MO: Operating Unit being set to NULL at Site Level?
  Regards,
  Hussein

• Export - custom queries and reports, and security profiles

  We would like to keep a copy of our customizations to the application. 
  There are ways to import queries, reports and profiles into the app.  Is there any way to export the following to something like a CSV file for the following:
  - custom queries (all tabs)
  - custom reports (all tabs)
  - security profiles (custom and out of box u2013 all access rights)
  Thanks,
  Jerry

  Jerry,
  There are no standard queries that extract security profiles, Query Groups, Reports or Query Defintiions from the system. 
  However you can build custom queries that support this functionality.  During an implementation project I created some custom queries which allowed you to extract these objects for documenting purposes  We likely could supply these to you through SAP Consulting.  Please reach out to your SAP rep and have them Contact Me.  I have created some instruction that explain how to create these.
  Regards,
  James

• Uploading Security profiles & Security rights using sourcing Workbook

  I am trying to use workbook to upload Security profiles & Security rights, and finding it difficult to get the "Resource" field mapping attributes in "eso_security_profiles" tab of the workbook. Is there a reference sheet for this, or a place from where I can map the display names with resource.
  Example: If I want update the security rights for Currency attribute with in Master Data under Security Rights tab, we need to use "masterdata.Currency" in "Resource" field of "eso_security_profiles" tab in the workbook. similarly from where can we get the entire list of attributes and thier Resource.

  Hi,
  When I take the download from localized resources (*.class_name), inorder to map the display security attributes to "Resource" in workbook, I am still unable to find the Resource for few attributes like..below..
  Queued Messages
  User Impersonation For Buyer
  User Impersonation For Seller
  Cache Configuration
  Cluster Configuration
  Daemon Alerts.....
  and there are many more for which I dont have a match. Please suggest if there are any tips or considerations that we can help while trying to achieve this.
  Thanks in advance.
  Vinod.

• Map app issue

  3gs map app in 5.1.1 works great, 4S and ipad 2 With 6.1 map dont work trying to give direction from point A to Point B..it will be fix?
  thanks

  Good, glad it is working.
  Just my $0.02 worth - relying on remote tracking to lock an iPhone after it goes missing is completely false security.  The time to put the passcode lock into effect is now, while you have control of the devie.  Once it is gone, by the time you log in and try to lock it, it may be far too late and someone will have had complete access to your device and all its content for some time.
  According to the FBI, one of the greatest reasons for growing smartphone theft is identity theft and the content on the device, since theives know that statistically, most smartphones are not secured at all - wide open to them the minute they get their hands on them.  So, then they steal your identity, sell or use it, and sell or use your iPhone.  Doubly good payday for them.

• I installed the new google maps app and I am unable to make it work because it says, cannot reach server. I have a iphone 4 with 6.0.1 up to date. Please advise where I can locate to chech if my location is turned on.

  I installed the new google maps app and I am unable to make it work because it says, cannot reach server. I have a iphone 4 with 6.0.1 up to date. Please advise where I can locate to check if my location is turned on.

  i found a solution for this issue when google maps shows you an empty map error message cannot reach server. Click on  the icon next to search and you are supposed to be presented with your profile, if not u will have an empty space. click on that space, then the "gear " Icon and logout.
  restart your iphone then strat google maps again and log back in.
  apparently this is happening when you change your google acount password or enble or disable 2 step verification.

• Restricted Access in Compensation Workbench based on Security Profile

  Customer does not want the HR Professional to access at other team's data even when using Switch Manager in the below scenario.
  1) 2 CWB Plans (CWB Plan for A, CWB Plan for B) are built based on Supervisor Hierarchy. Each of the CWB plan is for a set of organisations for e.g a plan for Organisation 'A' and another for Organisation 'B'.
  2) HR Professionals have a security Profile which restricts them to view employees in either 'A or 'B' organisation.
  3) Switch Manager is enabled for the 'Compensation Workbench Administrator'
  4) There exists a common manager who manages people from 'A' and from 'B'
  5) When HR Professional (who is in the A organisation) switches as the Manager in point (4), he gets to see the details of the 'CWB Plan for B' along with the 'CWB Plan for A' even though the people in the B plan are not part of the HR Professional's security Profile

  Hi,
  Thanks alot. its working fine
  Can we configure DCL Relation two times in one information filed ??? i should not create not more than fields to this requirement.
  Type -> subtype = DCL already existed
  Now, i want to Create DCL to
  Subtype ---> Security group
  As per my requirement, if i change the security group in checkin form, values should be change in the SubType drop down list.
  Created checkin profile there was DCL relation to " Type and "Sub Type" . now i want to map Relation ( DCL ) for subtype to security group.
  i was trying do for DCL for subtype and security group. but there was already existing DCL created for subtype information field (Relation configuration done for content type). even though i was trying to do for DCL in Security group information field. but, i could not find security group information field in configuration manager.
  Now what should i do ?? how to create DCL to subtype and security group ??
  Help would be appreciated.
  yt

• Security profiles attached to an User

  Hi Gurus,
  Can anyone Help me out with the process to know, What all Security profiles are attached to an user in Oracle Apps HRMS.
  or
  any query available to know, What all Security profiles are attached to an user in Oracle Apps HRMS.
  Thanks in Advances

  You can use the following query to look for all the security profiles. You can join the hr_operating_units to fnd_profile_option_values.level_value to get the desired result.
  SELECT psp.security_profile_name,
         psp.security_profile_id,
         hou.NAME,
         hou.organization_id
    FROM per_security_profiles psp,
         per_security_organizations pso,
         hr_operating_units hou
  WHERE pso.security_profile_id = psp.security_profile_id
     AND pso.organization_id = hou.organization_id;Additionally, you can also have a look at the below MOS docs.
  How To Check If a Profile Option Is Set In Oracle Applications? [ID 470102.1]
  How to Search all of the Profile Options for a Specific Value [ID 282382.1]
  How To List E-Business Suite Profile Option Values For All Levels Using SQLPlus [ID 201945.1]
  Script To List The Values Of A Profile Option At All Levels [ID 803587.1]
  How to Search all of the Profile Options for a Specific Value [ID 282382.1]
  How To Find All Users With A Particular Profile Option Set? [ID 367926.1]
  How to Change Profile Option Value Without Forms? [ID 943710.1]
  Cheers,
  ND
  Use the "helpful" or "correct" buttons to award points to replies.

• How to attch the Security Profile

  Hi all
  I have created sec profile. The next step will be Step 3. Attach this security profile as a profile option to our responsibility named “XX HRMS IT Technical Resp”.
  Question: Which responsibility i mus habe, because if i use the responsibility of: Super HRMS Manager, than i can't Super HRMS Manager - Security - Assign Security Profile. I get the error message: APP-PER-52928: You cant use this form when useing Standard HRMS Secruity.
  Please advice.
  Thanks

  Assign it from system administrator.... HR:Security Profile Profile option

• CCA Agent refreshing IP kills mapped apps?!

  L2OOB NAC Deployment with AD SSO - users have login scripts mapping drives and kicking off apps but CCA Agent refreshes IP address which per Cisco TAC is unconfigurable (despite web authen giving it as an option!). During this refresh, any mapped app disappears from desktop and needs to be refreshed. I do NO need the DHCP to be refreshed but since it seemingly must be, how can I avoid these mapped apps from disappearing? Surely this is done in a lot of places with NAC and AD SSO? Thanks!

  Check if the dhcp configuration is done properly on the cisco NAC.
  refer the section "configuring dhcp" in the following url for more information on dhcp configuration:
  http://www.cisco.com/en/US/docs/security/nac/appliance/configuration_guide/412/cas/s_dhcp.html
  Refer the following url for more info on troubleshooting cisco NAC with Active Directory Single Sign-On (AD SSO):
  http://www.cisco.com/en/US/docs/security/nac/appliance/configuration_guide/412/cas/s_adsso.html#wp1156402