Security - Report level permissions

Similar Messages

• Cannot implment security setting on the report level - SSRS 2012

  Hi All:
  I am having a weird problem on my SSRS 2012 reporting portal, I cannot click any of the drop down list like the example below. Is there anything from the setting?
  It is not only about the reporting level, any arrow on the reporting server, like data source, are kind of dead as well.
  Please kindly help and thanks in advance.
  Cheers
  Johnny

  Hi JohnnyKahWang,
  According to your description, you can view folders and reports on report manager, but you could not click any of the drop down list.
  Reporting Services uses role-based security to grant user access to a report server, and there are two types of roles: Item-level roles and System-level roles. Access to reports, folders, models, shared data sources, and resources is controlled through item-level
  role assignments. Each user who requires access to a report server must have at least one item-level role assignment. On a new installation, only local administrators have access to a report server. In this case, a local administrator need to create a role
  assignment which has Manage folders and Manage reports task to the account by following steps:
  Click Home at the top of the page to open the Report Manager home page.
  Click the drop-down arrow next to the folders and reports.
  Click New Role Assignment.
  In Group or user name, specify the name of a group or account.
  Select a role which can perform Manage folders and Manage reports tasks.
  Click OK to save the role assignments.
  For more information about Setting Item-Level Permissions on a Report Server, please refer to the following document:
  http://technet.microsoft.com/en-us/library/aa337471(v=sql.105).aspx
  If you have any more questions, please feel free to ask.
  Thanks,
  Wendy Fu
  Wendy Fu
  TechNet Community Support

• SharePoint 2010 Item level permissions nightmare...how do I escape this madness?

  We have a custom SharePoint 2010 application that helps process job req. documents from 200+ partner companies. Each company can only see its own job req. documents (done using item level permissions in one document library).
  The number of documents is getting close to 3k. I've read that once you get over 5k, you'll see a huge performance hit because of the number of unique security scopes.
  Creating 200+ libraries is out of the question. That just seems like an even bigger logistical nightmare...especially since we add partners every month almost. We have reports that run off of this data and querying that many libraries would be nuts.
  Next would be making folders for each company. A lot of recoding would need to be done, but my biggest concern will be not being able to sort and filter properly.
  I've tried writing a PowerShell script to copy everything into folders in a new library and the filtering doesn't work even after messing around with the view to not show the folders at all.
  The last thing I'm considering is just archiving older data that may no longer be relevant by year or something.
  Has anyone else run into a similar issue?
  Any suggestions?

  Hi,
  Once you have exceeded the threshold limit, certainly there will be performance issues. However, you can still iterate though lists/libraries that exceed threshold limit by workaround here:
  List Threshold
  Additionally, please refer following link which demonstrates how you can implement sorting/paging for lists exceeding threshold limit:
  https://social.msdn.microsoft.com/Forums/en-US/4f788144-773c-4e63-8c1f-1e51f1c0a82f/client-object-model-fsobjtype-and-list-view-threshold?forum=sharepointdevelopmentprevious
  Hope it helps!
  Thanks,
  Avni Bhatt
  If this helped you resolve your issue, please mark it Answered

• User Level permissions (ACLs) - HOW?

  Dear Expert,
  One more victim of Mackeeper writing to you seeking help...
  I tried my best to remove it from the comp and I have succeded.
  However, I am stuck at 2 points:
  1) How User Level permissions (ACLs)? Please guide....
  2) Mackeeper keeps opening pages in safari on its own, whenever I open a new tab. Please GUIDE.
  Please help.....
  Look forward to receiving valuable inputs.
  Regards,
  Sony Thadani

  There is no need to download anything to solve this problem.
  You may have installed the "Downlite" or "VSearch" ad-injection malware. Follow the instructions on this Apple Support page to remove it. It's been reported that some variants of the malware block access to the page. If that happens, start in safe mode by holding down the shift key at the startup chime, then try again.
  Back up all data before making any changes.
  One of the steps in the article is to remove malicious Safari extensions. Do the equivalent in the Chrome and Firefox browsers, if you use either of those. If Safari crashes on launch, skip that step and come back to it after you've done everything else.
  If you don't find any of the files or extensions listed, or if removing them doesn't stop the ad injection, then you may have an adware variant not covered by the support article. Ask for instructions in that case.
  The problem may have started when you downloaded and ran an application called "MPlayerX." That's the name of a legitimate free movie player, but the name is also used fraudulently to distribute VSearch. If there is an item with that name in the Applications folder, delete it, and if you wish, replace it with the genuine article from mplayerx.org.
  This malware is often found on illegal websites that traffic in pirated content such as movies. If you, or anyone else who uses the computer, visit such sites and follow prompts to install software, you can expect more of the same, and worse, to follow. Never install any software that you downloaded from a bittorrent, or that was downloaded by someone else from an unknown source.
  In the Security & Privacy pane of System Preferences, select the General tab. The radio button marked Anywhere  should not be selected. If it is, click the lock icon to unlock the settings, then select one of the other buttons. After that, don't ignore a warning that you are about to run or install an application from an unknown developer.
  Still in System Preferences, open the App Store or Software Update pane and check the box marked
            Install system data files and security updates
  if it's not already checked.

• Sharepoint 2013 / Office 365 Document library item level permissions problem

  Hello,
  I'm looking for a solution to enable users to upload documents to a document library, the ability to view other documents uploaded to the same document library, but able to edit or delete those other documents.
  With a list you can use Item-Level security in Advanced Settings but this is not available for Document libraries. I could use workflows to assign individual permissions to document, but the the library already contains over 2,000 documents and will continue
  to expand so I don't like the idea of having that many individual permissions set.
  Are there any 3rd party plug-ins or solutions to this issue?
  Thanks,

  Try below:
  http://www.hersheytech.com/Blog/SharePoint/tabid/197/entryid/28/Default.aspx
  As it turns out the, setting Item-Level Permissions in a library is fully supported with PowerShell!
  The PowerShell commands for changing this are very simple:
  $web = Get-SPWeb http://YourSite/
  $list = $web.Lists[“Your Document Library Name”]
  $list.ReadSecurity = 2
  $list.Update()
  $web.Dispose()
  Note the 3rd line which is where you determine the value for this setting using the following values:
  1 = “Read all items”
  2 = “Read items that were created by the user”
  If you wish to modify the values for Create and Edit access instead, replace .ReadSecurity with .WriteSecurity with
  the following values:
  1 = “Create and edit All items”
  2 = “Create items and edit items that were created by the user”
  4 = “None”
  For example:
  $web = Get-SPWeb http://YourSite/
  $list = $web.Lists[“Your Document Library Name”]
  $list.WriteSecurity = 2
  $list.Update()
  $web.Dispose()
  Also check 
  http://sppermissions.codeplex.com/
  If this helped you resolve your issue, please mark it Answered. You can reach me through http://freeit-support.com/

• Always Get Edit Link When Item Level Permissions Set

  We've enabled item-level permissions in a folder, and all users receive the "edit folder" button, regardless of whether we've given them "manage" access. Turning off item-level permissions removes the edit link.
  Is this a known issue? Any workaround/solution?

  That's just a "feature" of item level security, I don't think Oracle has any plans to fix it in 3.0.9X they probably have resolved the issuse in 9.0.2 ..... If you really need it gone you can click "Edit Defaults" when editing the page, right next to the portlet and uncheck the box that says show "Show Edit Link".. But then you just taken away the easy ability of editing the items through the portlet and you have to go back to the Content Area to update anything.
  brad

• Object Level Security,Data Level Security&Row level Security

  can anyone explain main difference between "Object Level Security,Data Level Security & Row Level Security " and how to implement.
  Thanks in advance,
  Kumar

  Hi Kumar
  Dashboards, Reports, Guided Navigation Links, Texts, briefing books are all Dashboard OBJECTS which are available at UI level of OBIEE..if you restrict them Say User 'A' wants to see 2 Dashboards and USer 'B' Wants to see 1 Dashboard....these settings & permission u r restricting in Object level called Object Level Security
  lly datalevel security is restriction of Data.. consider the same above example and User 'B" wants to see 2-3 regions data where as User A will see only Single Region Data..which you will do/restrict at logical tables, using variables..
  Row level security: http://groups.google.com/group/obiee-enterprise-methodology/browse_thread/thread/131ee938a5aefde0 refer this link, clearly explains you
  Please mark Correct or helpful if this clears

• Security report template

  I wanted to know some section details available in Security reports template in design doc
  i.e.
  overview
  reviewed\submitted by
  Data level
  object level
  Thanks in advance
  October 12, 2010 11:31 AM

  overviewWhat type of security you are applying.As the name suggests its overview of security model.
  reviewed\submitted byWho has submitted and who has reviewed.
  Data levelIt means whether you have applied data level scurity or not.If yes on which group and what are the filters for that group in RPD.You can check filters in permission tab.
  object levelIt means whether some of cata;log objects are hidden for some of the groups.You need to check permission in presentation layer as well as in manage previleges.
  Regards,
  Sandeep

• Report level editing option

  Hi Friends,
  we are using disc. desktop and admin for our report system. We manage the access by setting privileges and sharing reports to appropriate set of users.
  can we set edit privileges at report level instade of user level.
  Pankaj

  Hi,
  You should use roles (or responsibilities if you have an Apps mode EUL) to set the privileges and security for your users. Then you can set a role that grants access to one or more reports and business areas. Then when you give the role to a user, the user can access all reports and business areas available to that role.
  Hope that helps,
  Rod West

• Read all items when when item-level permissions set

  I have a SharePoint 2010 list where the general user population should be able to submit and read only their own items.
  Item-level permissions set as follows:
  Read access : Read items that were created by the user
  Creaed and Edit access : Create items and edit items that were created by the user
  That works fine.
  Now, I have a small group of power users that need read-access to all list items. I can do that by granting 'Contribute' permissions, but I don't want them to be able to modify items, so I prefer granting only read permissions. When I do that, they can't
  see all the items due to the item-level permission settings.
  Is there a permission level that I can use (perhaps a custom permission level) that enables a read-all (and overrides the item-level permission)?

  With these specific settings, there are not. It is possible to do security through obscurity by only showing views that allow the users to see their items and use audience targeting for the others, but that is not true security, so it will depend on your
  requirements.
  Andy Wessendorf SharePoint Developer II | Rackspace [email protected]

• Item-level Permissions in List Advanced Settings

  Hi,
  Is the "Item-level Permissions" in List Advanced Settings, a security option or is it a way to filter data for the user?
  How does it work with the permission done on the item level when breaking inheritance with the list?
  thanks.

  I have imncluded snippet bewlow that can be sued to remove all permission and added the permissins you require
  #region "Methods"
  private void HandleNewManuscriptEvent(SPSite _site, SPWeb _web, SPItemEventProperties _properties)
  List<SPUser> Approvers = new List<SPUser>();
  List<String> DepartmentsOfInterest = new List<string>();
  String temp = String.Empty;
  SPUser itemOwner = null;
  //AREA FIELD NAMES
  List<String> ClinicalDevelopments = new List<string>();
  List<String> NonClinicals = new List<string>();
  List<String> NonClinicalMethodologies = new List<string>();
  List<String> Marketings = new List<string>();
  //CRITICAL FIELD NAMES
  String sFirstPresentation = String.Empty;
  String sBiosequenceData = String.Empty;
  String sChemicalStructures = String.Empty;
  String sDetailedFormulationData = String.Empty;
  String sBiologicsManufacturing = String.Empty;
  String sPharmacologyData = String.Empty;
  String sBOTOXFieldName = String.Empty;
  //LEGAL FIELD NAME
  String sLegalFieldName = String.Empty;
  //DUE DATE
  String sDueDate = String.Empty;
  //ACCESSION
  int iAccessionValue = 0;
  String sMonthValue = String.Empty;
  String sAccession = String.Empty;
  String sEventHandler = " Completed ";
  try
  this.DisableEventFiring();
  //this doesn't get elevated rights
  //SPListItem manuscript = _properties.ListItem;
  SPListItem elevatedManuscript = _web.Lists[_properties.ListId].GetItemById(_properties.ListItem.ID);
  SPListItem manuscript = _properties.ListItem;
  _web.AllowUnsafeUpdates = true;
  #region "Departments"
  try
  //AREAS
  #region "Clinical Development"
  temp = String.Empty;
  if (manuscript[this.m_sClinicalDevelopmentFieldName] != null)
  temp = manuscript[this.m_sClinicalDevelopmentFieldName].ToString();
  ClinicalDevelopments = this.GetDepartmentsFromAreaSelections(temp.Split(";".ToCharArray()));
  System.Diagnostics.Debug.WriteLine("Clinical Development count..." + ClinicalDevelopments.Count);
  //for each "Clinical Development" checked
  foreach (var clinicalDevelopment in ClinicalDevelopments)
  //disregard "None" selection
  if (!clinicalDevelopment.Equals("None"))
  DepartmentsOfInterest.Add(clinicalDevelopment);
  #endregion
  #region "Non-Clinical"
  temp = String.Empty;
  if (manuscript[this.m_sNonClinicalFieldName] != null)
  temp = manuscript[this.m_sNonClinicalFieldName].ToString();
  NonClinicals = this.GetDepartmentsFromAreaSelections(temp.Split(";".ToCharArray()));
  //for each "Non-clinical" checked
  foreach (var nonclinical in NonClinicals)
  //disregard "None" selection
  if (!nonclinical.Equals("None"))
  DepartmentsOfInterest.Add(nonclinical);
  #endregion
  #region "Non-Clinical Methodology"
  temp = String.Empty;
  if (manuscript[this.m_sNonClinicalMethodologyFieldName] != null)
  temp = manuscript[this.m_sNonClinicalMethodologyFieldName].ToString();
  NonClinicalMethodologies = this.GetDepartmentsFromAreaSelections(temp.Split(";".ToCharArray()));
  //for each "Non-clinical Methodology" checked
  foreach (var nonclinicalmethodology in NonClinicalMethodologies)
  //disregard "None" selection
  if (!nonclinicalmethodology.Equals("None"))
  DepartmentsOfInterest.Add(nonclinicalmethodology);
  #endregion
  #region "Marketing"
  temp = String.Empty;
  if (manuscript[this.m_sMarketingFieldName] != null)
  temp = manuscript[this.m_sMarketingFieldName].ToString();
  Marketings = this.GetDepartmentsFromAreaSelections(temp.Split(";".ToCharArray()));
  //for each "Marketing" checked
  foreach (var marketing in Marketings)
  //disregard "None" selection
  if (!marketing.Equals("None"))
  DepartmentsOfInterest.Add(marketing);
  #endregion
  //"CRITICALS"
  #region "First-Presentation"
  temp = String.Empty;
  if (manuscript[this.m_sFirstPresentationFieldName] != null)
  temp = manuscript[this.m_sFirstPresentationFieldName].ToString();
  if (temp.Equals("Yes"))
  DepartmentsOfInterest.Add(this.m_sFirstPresentationDepartmentName);
  #endregion
  #region "Biosequence Data"
  temp = String.Empty;
  if (manuscript[this.m_sBiosequenceDataFieldName] != null)
  temp = manuscript[this.m_sBiosequenceDataFieldName].ToString();
  if (temp.Equals("Yes"))
  DepartmentsOfInterest.Add(this.m_sBiosequenceDataDepartmentName);
  #endregion
  #region "Chemical Structures"
  temp = String.Empty;
  if (manuscript[this.m_sChemicalStructuresFieldName] != null)
  temp = manuscript[this.m_sChemicalStructuresFieldName].ToString();
  if (temp.Equals("Yes"))
  DepartmentsOfInterest.Add(this.m_sChemicalStructuresDepartmentName);
  #endregion
  #region "Detailed Formulation Data"
  temp = String.Empty;
  if (manuscript[this.m_sDetailedFormulationDataFieldName] != null)
  temp = manuscript[this.m_sDetailedFormulationDataFieldName].ToString();
  if (temp.Equals("Yes"))
  DepartmentsOfInterest.Add(this.m_sDetailedFormulationDataDepartmentName);
  #endregion
  #region "Biologics Manufacturing"
  temp = String.Empty;
  if (manuscript[this.m_sBiologicsManufacturingFieldName] != null)
  temp = manuscript[this.m_sBiologicsManufacturingFieldName].ToString();
  if (temp.Equals("Yes"))
  DepartmentsOfInterest.Add(this.m_sBiologicsManufacturingDepartmentName);
  #endregion
  #region "Pharmacology Data"
  temp = String.Empty;
  if (manuscript[this.m_sPharmacologyDataFieldName] != null)
  temp = manuscript[this.m_sPharmacologyDataFieldName].ToString();
  if (temp.Equals("Yes"))
  DepartmentsOfInterest.Add(this.m_sPharmacologyDataDepartmentName);
  #endregion
  #region "BOTOX"
  temp = String.Empty;
  if (manuscript[this.m_sBOTOXFieldName] != null)
  temp = manuscript[this.m_sBOTOXFieldName].ToString();
  if (temp.Equals("Yes"))
  DepartmentsOfInterest.Add(this.m_sBOTOXDepartmentName);
  #endregion
  #region "Legal"
  temp = String.Empty;
  temp = manuscript[this.m_sLegalFieldName].ToString();
  if (temp != null & temp != String.Empty)
  DepartmentsOfInterest.Add(temp);
  #endregion
  catch (Exception ex) { sEventHandler += ex.Message; }
  #endregion
  //SET DUE DATE
  DateTime dt = DateTime.Today.AddDays(1);
  sDueDate = dt.ToShortDateString(); ;
  //GET ALL UNIQUE APPROVERS
  Approvers = this.GetAllUniqueApprovers(_web, DepartmentsOfInterest, manuscript);
  //SET ITEM PERMISSIONS
  #region "Permissions"
  try
  String currentuser = _properties.UserLoginName.ToString();
  itemOwner = _web.EnsureUser(currentuser);
  //BREAK INHERITANCE
  if (!elevatedManuscript.HasUniqueRoleAssignments)
  elevatedManuscript.BreakRoleInheritance(false);
  //REMOVE ALL EXISTING USERS FROM ITEM
  foreach (SPUser user in _web.Users)
  //if user is NOT site owner and not current user
  if (!user.LoginName.Equals(itemOwner.LoginName))
  //remove all user permissions from item
  elevatedManuscript.RoleAssignments.Remove(user);
  #region "For Owner of Document/Manuscript"
  if (itemOwner != null)
  SPRoleAssignment sprole = new SPRoleAssignment(itemOwner);
  SPRoleDefinition siteRoleDefinition = _web.RoleDefinitions["Full Control"];
  sprole.RoleDefinitionBindings.Add(siteRoleDefinition);
  elevatedManuscript.RoleAssignments.Add(sprole);
  #endregion
  #region "For Approvers from meta data sheet"
  foreach (SPUser approver in Approvers)
  SPRoleAssignment sprole = new SPRoleAssignment(approver);
  SPRoleDefinition siteRoleDefinition = _web.RoleDefinitions["Approve"];
  sprole.RoleDefinitionBindings.Add(siteRoleDefinition);
  elevatedManuscript.RoleAssignments.Add(sprole);
  #endregion
  //REMOVE ALL GROUP PERMISSIONS TO THE SITE
  foreach (SPGroup group in _web.Groups)
  elevatedManuscript.RoleAssignments.Remove(group);
  catch (Exception ex) { sEventHandler += ex.Message; }
  #endregion
  #region "Writings out to list (Accession + EventHandler)"
  try
  iAccessionValue = this.GetNewAccessionValue(manuscript);
  if (DateTime.Today.Month.ToString().Length < 2)
  sMonthValue = "0" + DateTime.Today.Month.ToString();
  else
  sMonthValue = DateTime.Today.Month.ToString();
  sAccession = "M" + DateTime.Today.Year.ToString() + sMonthValue + iAccessionValue.ToString();
  //only add once. if there is a number in there, don't update.
  if (manuscript[this.m_sAccessionFieldName] == null)
  manuscript[this.m_sAccessionFieldName] = sAccession;
  //update file name to <accession number> <document type> Due <date needed>
  DateTime dateNeeded = Convert.ToDateTime(manuscript["DateNeeded"].ToString());
  manuscript["Name"] = sAccession + " " + manuscript[m_sPublicationTypeFieldName] + " Due " + dateNeeded.Month + "-" + dateNeeded.Day + "-" + dateNeeded.Year;
  manuscript["Editor"] = manuscript["Author"];
  manuscript[this.m_sEventHandlerField] = sEventHandler.Trim();
  manuscript.SystemUpdate();
  catch (Exception ex) { sEventHandler += ex.Message; }
  #endregion
  Hopethis helps please ping back the post and let usinw.....
  -Ivan
  Ivan Sanders My LinkedIn Profile,
  My Blog,
  @iasanders.

• Unable To Change Security/Privacy Level Settings

  I have a MacBook Pro running 10.5.1 (ran the latest updates). When I launch iChat 4.0, I can't add buddies, I can't show status in the menu bar nor (and the most important), I can't set my Security Privacy level. My entire Security window has every selection grayed out. None of the Privacy Level radio buttons are selected which means I can't see any of my buddies online. My buddies are listed and it shows my account available but that's it. I've already deleted all the apple.ichat prefs, rebooted (and relaunched) and tried changing the settings both logged in and off. Help! I need a fix please. Thanks.
  Mike

  Hi,
  I have a theory.
  I have no hard evidence.
  But....
  The firewall in 10.5 was reported as not working properly and if Set to Specific apps was in fact Allowing All
  Now you are updated to 10.5.1
  I have a suspicion that if left at the 10.5 setting the firewall is not properly updated.
  Your symptoms suggest you are not logged into AIM fully/properly as the Security tab is only active when you are logged in.
  I would do the following.
  Use the Logout of AIM item in the iChat Menu list.
  Quit iChat as this tends to rebuild the iChat .plists on closing.
  I would go to the Mac Firewall and set it to Allow All (if different)
  I would then Set it to All Specific and restart iChat.
  If this fails remove iChatAgent from the allow list and Quit iChat and restart it which should put iChatAgent back in the firewall list.
  If this does not work I would delete all apps from the Mac Firewall - set it to Allow All and then back again and add iChat and allow it to add iChatAgent.
  If this still fails I would then delete the com.apple.ichat.AIM.plist that hold the AIM login as there is still the possibility it is corrupt but may need the firewall sorted first.
  Summary.
  I am suggesting it is a set of circumstances that may need a specific approach to sort and are asking you to test this out.
  In essence this is to reset the firewall and possibly delete the .plist involved.
  8:51 PM Friday; December 7, 2007

• Reporting Level - Can someone please explain this attribute?

  All - I am a relative newbie to Siebel on Demand but creating reports with other tools for years. I recently came across some reports that I have inherited that are constantly giving us trouble. They are basic reports that look at the count of calls, meetings, etc. for a given user. What we are finding is that we have used this reporting level attribute to filter but depending on the level of manager logging in it is causing problems. Some people can't see the data and some get a massive amount of duplicated data.
  When it is all said and done we are looking for a simple manager-to-rep list of the counts of these activities. After looking at the reporitng level value it would look like an indicator of relative position from the lowest level in the reports-to heirarchy. We will generally filter for a level = 0 (or maybe 1) in most reports but what I want is a way to control that based on the user. My requirement is to have the level they can see and the detail at one level lower but I dont' fully understand how that gets created or how I can use system variables to find the user's level to control it.
  Anyone that has any background info on this or how I can control a basic anaylytic report in a more maintainable fashion to show my stuff and subtotals at one level lower that would be greatly appreciated.

  Not sure if I can help with the specific report, but I will try to shed some more light on Reporting Level.
  In any report where the Owned By User dimension is exposed, you can find the Reporting Level field. Each user is part of a reporting hierarchy, derived from the "Reports To" value in their user profile.
  The best way to see this is to create a simple report with the User Email, Reporting Level, and Manager Email. This will show you the manager at each level. You can use this to expose and filter on the full management hierarchy.
  Level 0 = the user. All users have a value of themselves as Manager at Level 0.
  Level 1 = Reports To - who the user directly reports to.
  Level 2+ = Up the chain...
  You may want to take a look at some of the pre-built reports to see how this can be used to achieve Team based reports, such as "Team Pipeline Analysis", "Team Sales Effectiveness Analysis", and "Team Activity Analysis". You can open any of the pre-buiilt reports to use as starting points as well.

• Changing date format at reporting level

  Hello,
  Will u plz tell me how can i change the date format at reporting level?
  I want to display date in dd/mm/yyyy, but by default its showing mm/dd/yyyy.
  Delta is already loaded in the system, so i don't want to disturb regular data loading.
  Is there any way so that i can change the format of date.
  Plz help me out.
  Thanks,
  Regards,
  Steve

  Hi steve
  There r so many postings on the same topic
  go through these previous threads
  date format
  Date format
  u can find solution
  regards
  Ravi Kiran

• Variance calculation at reporting level

  Dear All,
  There are two key figures in my report - Plan and Actual amount. Now user wants to see the variance between these two in % terms.
  Formula is ( Acutal - plan )/plan *100 . Now this formula works when plan value is not zero when ever the plan value is zero the display will be X . Now user wants to put a check say whenever the plan is zero then display 100 % variance. How can we achieve this at reporting level.
  Thanks and Regards,
  Anup.

  Hi Anup,
  Try something like this:
  (Plan = 0)*100 + (Plan <.> 0)*((Acutal - Plan) / Plan * 100)
  I'm not sure but you might have to use the NOERR function in case of division by zero:
  (Plan = 0)*100 + (Plan <.> 0)*NOERR((Acutal - Plan) / Plan * 100)
  In both samples remove the "."
  Hope it helps.
  BR
  Stefan
  Edited by: Stefan Stefansson on Jul 21, 2009 1:49 PM