OBIEE BI Answers: Query filter on USER GROUP

Hi,
I have following problem.
In Administration Tool i've defined a catalogue and I have associated to it a User Group "Ter Group". Then I have attached to this group a user with credentials: Username="Ter User" Password:"Ter".
So in Answers i log in as Ter User , Ter to see the catalogue and create my request.
Now, I must filter query generated by requests, on User Group to which belongs the User and not on User Username (so i can't use default session variable :USER which retrieves value filled in log in form).
For example if I have another group "Quarter Group" with a user "Quarter User" with credentials: "Quarter User" Password:"Quarter". If I log as "Ter User" - "Ter" i must retrieve value "Ter Group", but if I log in as "Quarter User" - "Quarter" I must retrieve value "Quarter Group".
How can I retrieve this information?
Thanks
Giancarlo

Hi Alastair,
I've used nqudmlexec.exe in following way:
I've created a txt file userexport.txt:
DECLARE USER "MFNC44R288" AS "MFNC44R288" FULL NAME {Automatic Import} PASSWORD 'MFNC44R288' NEVER EXPIRES HAS ROLES ("Group ASL AVELLINO") PRIVILEGES (READ);
where Group ASL AVELLINO is the group which must contain the user.
I've launched script as following:
nQUDMLExec -U Administrator -I "C:\Documents and Settings\giancarlo murino\Documenti\userexport.txt" -B "C:\OracleBI\
server\Repository\TerPermissions.rpd" -O "C:\OracleBI\server\Repository\TerPermi
ssions.rpd"
where TerPermissions.rpd is the repository to modify.
Procedure completes successfully, and I can view my new User under Administration Tool.
So in Answers I log in as:
Username: MFNC44R288
Password: MFNC44R288
but i see error: Authentication failed
But if I log in as:
Username: MFNC44R288
Password: <empty>
I can access.
Why password setted in my txt file is skipped? What I wrong?????
All Regards
Giancarlo
EDITED: I have modified my txt file and replaced my password MFNC44R288 with your encrypted password: 'D7EDED84BC624A917F5B462A4DCA05CDCE256EEEEEDC97D54A286E822D97C35C7AD5C43AD4F2A09EAC4D07C3A079829F'
Then in Answers I logged as:
Username: MFNC44R288
Password: welcome1 (decrypted password)
and it works.
Now I would know which alghoritm have you used to obtain encrypted version of password "welcome1" ?
Edited by: user5380662 on 8-apr-2010 3.05

Similar Messages

  • Copying a query from different user group

    masters,
    is it possible to copy a query from different user group?
    if so please tell me how
    thnks!

    The query made from SQVI is only intended for individual use. It cannot be transported and there is no concept of Global/Standard area. To be able to transport or share the query to other users is by converting it to SAP Query wherein the source of data will also be converted to an Infoset. Remember that is done in the Standard query area. To do this, go to SQVI-> click SAP Query then go to menu Query -> Convert Quickviews... Select your Quickview queries and provide and infoset name.

  • Can I import the assginment of Essbase Filter to Users/Groups in HSS?

    Hi, I want to assign some Essbase filters to the users/groups in Shared Services. Can I do it in a batch? (Import Utility of Shared Services?)
    Thanks.

    Hi,
    I don't believe you can use the CSSImportExport utility to assign filters to users, this is because even though you assign the filters in Shared Services this information is still stored on the essbase side.
    You should still be able to use maxl to grant the access to the filters even in Shared Services mode.
    e.g. grant filter Sample.basic.exampleFilter to essUser;
    Cheers
    John
    http://john-goodwin.blogspot.com/

  • While launch ad hoc query - always defaulted to user group 10

    Hi All,
    When I launch ad hoc query, I am always defaulted to particular user group 10. Everytime I have to change it to different user group. So is there any defaulted user group parameter so that when i open ad hoc query, my required user group gets defaulted. I dont want to change manually.
    Regards,
    kumar

    rohit,
    just now my client informed that, he is getting same user group, not which he changed from AQB.
    Please let me know if there is any other setting....
    early reply appreciated..
    thanks,
    kumar

  • Can I get the members of Domain Users group (AD specific) with JNDI?

    Hi All,
    I've found these forums very helpful and full of great information, I've been able to retrieve all members of groups that I search for (from the information on this forum), and get the member's attributes such as email addresses through that.
    The question I have is, is there a way to query the Domain Users group, since it's a special group in Active Directory, and retrieve the members of it? So far I have been unsuccessful. Here's a query I found that works on .Net:
    (|(&({ClassFilter})(memberOf={GroupDistinguishedName}))(distinguishedName={G
    roupDistinguishedName}))
    I haven't been able to get it to work with JNDI however. Can anyone point me in the right direction?
    thanks,
    Matt

    It's not so much that the Domain Users is a special group, it's more that because by default, all users have their Primary Group set to Domain Users, that it appears to behave differently.
    So the query that you're trying to execute via JNDI, would be something like:String searchFilter = "(&(objectClass=user)(memberOf=CN=Domain Users,CN=Users,DC=Antipodes,DC=Com))";And of course if everything has been left to defaults, it doesn't return any results.
    Similarly if you look at the member attribute of Domain Users, it will be empty.
    Assuming the defaults, and every user's Primary Group is set to Domain Users, the following query would return all the user's whose primary group is Domain Users:String searchFilter = "(&(objectClass=user)(PrimaryGroupID=513))";Note that 513 is the Relative ID (RID) for Domain Users.
    Now if you set a user's Primary Group to be something other than Domain Users, then the Domain Users group would now have a value
    for it's member attribute and conversely the respective user would now have Domain Users as one of the values of their memberOf attribute.
    So then your query would be something like:
    String searchFilter = "(&(objectClass=User)(|(memberOf=CN=Domain Users,CN=Users,DC=Antipodes,DC=Com)(PrimaryGroupID=513))){code}
    I guess the fundamental question, is why do you need to determine whuch users are members of Domain Users ?
    If this is for usie in an application, where the user has authenticated and you are using group membership to make authorisation decisions, perhaps the constructed tokenGroups attribute may be more useful  as it contains the Security Identifiers (SID) for all the groups the user is a member of ?                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                           

  • To create new user group

    Hi all,
       I want to create a new user group..can u tell me step by step instructions.
    Thanks.

    Hai,
    Here you specify the users who should be authorized to run the query. A user group is always associated with a Functional Area.
    •         Go to the menu path Environment => User Group. Give a user group name in the screen that comes next.
    •         Specify the sap logins of the users whom you want to authorize for using the functional area and click on the Create button.
    •         Use the menu path Assign Functional Area to assign the functional area to the user group.
    •         Save the user group and back out of the screen by clicking the Back button.
    Note: One user group can be assigned to any number of functional areas with logical database or without logical database.
    The final step is to create the actual query.
    I hope this will help you.....

  • How to create secutiry filters and users, groups in system 9

    HI,
    Could you please help me how to create security filters and groups, users in system 9. I need it very ugent. i am very much thankful to you.. if you respond immediatly.
    Thanks,
    sudhakar.

    In short here's how I did it in 9.3.1 but there are multiple ways to do it.
    I'm using MSAD external authentication.
    Using EAS right click on database, Edit, Filters. Create your filters.
    Then go to Shared Services.
    Find the MSAD user/group and provision them to the Essbase database that you have your filters on. Access level is "Filter".
    Then go back to EAS and Refresh Security From Shared Services.
    Then go back to Shared Services.
    Navigate to Projects & then your Essbase server. Find your Essbase database and click on it. To the right it'll populate a list of all the users/groups you provisioned to above. Select all of them and click Next.
    Now you should see a drop down at the top showing your filter(s). Click the checkbox(s) next to the users/groups you want to apply that filter to. Click the green checkmark to apply the filter, and repeat for your various filters that you want to apply. Only 1 filter per user/group.
    Then go back to EAS and Refresh Security From Shared Services again.
    Good luck, hope this helps.

  • Query for tasks assigned individually to all members of a user group

    I am looking for a query that will allow me to create a list view that will show all tasks assigned to the current user (in the Assigned To field), as well as to other members of the user group that the current user belongs to. The scenario is that we want
    a student to see tasks assigned to them, as well as to other students in the class. Each class is its own user group. I have seen a lot of examples where the filter shows tasks assigned to the current user and the current users group - that is NOT what I am
    looking for.
    For example - Todd (me), Fred and John are members of one user group. When I look at this class view, I should see tasks assigned to me, as well as those assigned directly to Fred and John.
    Does anyone have a CAML query for this? I am thinking it would need to include the SPGroup element. Thanks!

    Hi William,
    I've tried this, but it isn't working for me. Should I chnge the Smart Group, to an ordinary one?
    Thanks

  • Querying user groups while using @RunAs on a bean

    Hi,
    I am trying to implement a scenario in which I have three entities:
    - bean A - datastore for all users
    - bean B - implementing logic, filtering results from datastore for specific user based on groups he is in
    - User - calling bean B
    Calling chaing is User -> bean B -> bean A.
    bean B has to query user groups and filter data based on that. I've implemented that using:
    Subject subject = Security.getCurrentSubject();
    for (Principal principal : subject.getPrincipals()) {
    if (principal instanceof WLSGroup) {
    Without any security specified (like @RolesAllowed) it works like charm.
    But I want to add security constraints to the beans:
    @RolesAllowed("admin")
    class A {}
    @RolesAllowed("user")
    class B {}
    The problem is that B cannot acces A methods because it is calling A using 'user' security context.
    I've thought I change it to:
    @RunAs("application")
    @RolesAllowed("user")
    class B {}
    "Application" is an account in group admin.
    Now B can call A. The problem is that security context is switched to "application" on entering B's methods. Inside them I cannot query user groups using method presented above, because I get "application" groups.
    Is there a way to change security context on calling other bean methods? Like using Security.runAs( somehowGetApplicationSubject(), runnable) ??
    Other method I've thought of, but I have no idea how to implement that, is somehow querying weblogic to get groups of SessionContext.getCallerPrincipal(), which returns user account regardless of using RunAs.
    Hope someone made through this problem before,
    Krzysiek

    getBounds() will only generally make sense while the component itself is being rendered. I wouldn't be completely surprised if the framework which gets that component also resets its size once it's done painting the thing.
    If you're calling it from outside the rendering loop, perhaps you could try calling validate() on the component, which should force it to determine its size.
    Failing that, you could possible use getPreferredSize() instead, which will likely obtain a similar result in most cases.

  • Move a query to from one user group to another user group

    Hi,
    it's possible to move a query (SQ01) from one user group to another user group ??
    Thank you.

    Hi,
    You can copy queries only if you have the authorization to make changes. Within your current user group, you can copy all queries. However, queries of other user groups can only be copied if the InfoSet used to define the query is assigned to both user groups.
    To copy a query, proceed as follows:
    1. Choose the name of the query you want to copy on the initial screen.
    If you do not know the name, use the directory functions to display the query directories and then choose a query to copy from there.
    2. Choose Copy.
    3. Enter the name and the user group of the query that you want to copy in the dialog box. Furthermore, you must enter a name for the copied query. The system proposes values for this.
    4. Choose Continue.
    This takes you to the initial screen. The query is added and appears in the query directory. You can now continue.
    Regards,
    Amit

  • SAP Query, user groups, revoking 'change' rights

    Hi,
    I have a problem regarding SAP Queries and revoking the change rights. This is what I have done:
    1. Created the new user group in SQ03
    2. Created the new InfoSet (SQ02), assigned it to the above UG (SQ03)
    3. Created the new user, assigned it to the UG in SQ03 and removed the Change checkbox (revoke change rights)
    4. Logged on as the new user
    5. Started SQ01, switched user group to the new one
    6. Created the new SAP query based on the new InfoSet, run the query
    As I understand the principles of user groups and queries, I wasn't supposed to be allowed to do the step 6 as the new user, as it was revoked the change rights. Why wasn't I stopped?
    I searched for reply in previous posts - everybody agrees on principles, but I didn't find explanation on why it doesn't work.
    Thanks in advance!
    KR,
    Igor

    The table AQGDBBN seems to display a mapping of User Group with use rindeed but the results are less than the actual assignment. And the mapping does not have the Z query usergroups that have users assigned in SQ03.
    Anything that I may be missing?
    Thanks,
    Kashif

  • How to change user group of a query (sq01)

    Hi,
    I'm working with SAP Queries (SQ01) and I don't know how can I change the user group assignation of a query. We did only one user group for all users and queries and know in order to arrange it a bit we've created three user groups.
    We know how to assign users to new user groups but for each query of the old group we neet to move it to one of the new user groups, how could we do this?
    thanks in advance

    Hi
    pls go through these links
    http://help.sap.com/saphelp_46c/helpdata/en/35/26b413afab52b9e10000009b38f974/content.htm
    Step-by-step guide for creating ABAP query
    http://www.sappoint.com/abap/ab4query.pdf
    ABAP query is mostly used by functional consultants.
    SAP Query
    Purpose
    The SAP Query application is used to create lists not already contained in the SAP standard system. It has been designed for users with little or no knowledge of the SAP programming language ABAP. SAP Query offers users a broad range of ways to define reporting programs and create different types of reports such as basic lists, statistics, and ranked lists.
    Features
    SAP Query's range of functions corresponds to the classical reporting functions available in the system. Requirements in this area such as list, statistic, or ranked list creation can be met using queries.
    All the data required by users for their lists can be selected from any SAP table created by the customer.
    for more information please go thru this url:
    http://www.thespot4sap.com/Articles/SAP_ABAP_Queries_Create_The_Query.asp
    http://goldenink.com/abap/sap_query.html
    Please check this PDF document (starting page 352) perhaps it will help u.
    http://help.sap.com/printdocu/core/Print46c/en/data/pdf/BCSRVQUE/BCSRVQUE.pdf
    check the below link will be helpful for u
    Tutorial on SQVI
    once you create query system generates a report starting with AQZZ/SAPQUERY/ABAGENCY2======= assing this report to tr code for the same

  • Re:User group,info set and Query combination table

    Hi,
      I would like to know the combination table of User group,info set and Query.
    Can any body please respond to my question?
    Regards,
    Suresh Kumar.

    Hi,
    Check the tables starting with AQG*.
    Reward points if useful.
    Regards,
    Atish

  • How many ways we can create authorization for user groups in sap query reports

    Hi Gurus, I am getting a problem when I am assigning users to user group in sap query report .The users other than created in user groups are also able to add &change  the users .So please suggest me how to restrict users outside of the user group.
    Please send me if u have any suggestions and useful threads.
    Thank You,
    Suneel Kumar.

    I don't think it can be done. According to the link below 'Users who have authorization for the authorization object S_QUERY with both the values Change and Maintain, can access all queries of all user groups without being explicitly entered in each user group.'
    http://help.sap.com/saphelp_46c/helpdata/en/d2/cb3f89455611d189710000e8322d00/content.htm
    Although I think you can add code to your infoset and maybe restrict according to authority group, i.e.:
    Use AUTHORITY-CHECK to restrict access to the database based on user.
    Press F1 on AUTHORITY-CHECK to find out how to use it in the code

  • ABAP Query : user is not assigned to user group

    Hello All,
    i have created user group using sq03 and assigned user name for change authorization in 'assign users and infosets'.
    But when user tries to run query using sq01 system is giving message 'User XXX is not assigned to any user group'.
    I tried every thing but facing same problem.
    Could anyone please help me out .
    Thanks

    I actually assigned the user group to a role in SQ10.  The user is assigned to the role.  I also created a new post under Security which has more detail:
    http://scn.sap.com/thread/3198604

Maybe you are looking for

  • How can I get a hidden back

    How can i get a hidden app back on my home screen of my iPhone It was purchased and then deleted by accident

  • How I fixed Finder Crash, dmg's not opening and 2 apps not working?

    I have to say a big thank you to this forum because I was having some big problems and was told to do a fresh install which I did but then when I migrated my main account over the problem kept happening. My Quicktime and itunes would not work and fin

  • Error in XI Configuration

    I am not able to perform Role Assignment step in J2EE Visual Administrator. I am following XI installation Guide pdf. This error comes while performing the following step. Assign Application Roles to User Groups 1. Start the J2EE Engine Visual Admini

  • 10.9.2 update broke my macbook

    I updated downloaded 10.9.2, and chose 'Not Now' to the question about restart. I set a timer on my computer to go to sleep (counting sheep dashboard widget that I've used since Tiger), because I anticipated a long download. I wake up this morning to

  • What happened to my text?!

    This is a problem I've been seeing ever since the first day I turned on my new iMac, but it's never given me enough trouble to bother asking about it until today. http://img511.imageshack.us/img511/9937/mactext2gj8.png Before today, it would just dro