To externalize Essbase security or not to externalize?

Similar Messages

• Planning Security Filters not reflecting in Essbase filters for 2 of 4 cube

  We are using Hyperion Planning with essbase. In essbase we have 4 cubes in essbase (BSCF, EMP, IS, MGN). We would like to add security for the entity dimension as we don't use it currently but we do for other dimensions.
  I have created a new group (FIN_APAC) in SS so that restricted access be given to users in Asia for only their LE(s). Then I enabled security for the LE dimension in planning and set security filters through a command line load. For existing groups I gave write access to all LE members and for the new group (FIN_APAC) I gave write access to certain members.
  When I refresh the security filters in planning they should reflect in Essbase and it does for 2 cubes (BSCF & EMP) but for the other cubes (IS & MGN) the essbase security filters are NONE! In planning all the LE members are set to be included in all plan types.
  The main problem seems to be with this new group (CSR_FIN_APAC) as whenever this group is assigned the essbase filters are not assigned properly. For the existing groups that have added LE security for all members the security filters are updated for 4 cubes as expected.
  Any help appreciated
  x

  When you create a planning application we can create 3 essbase cubes as plan types. if you use Capex, Workforce you can able to create max of 5 databases in Essbase version 11.1.1.3.
  if it is 11.1.2 you can add one more cube
  In your question, have you created 4 Essbase cubes. can you explain how that is possible.
  if all the LE members in all plan types means in 3 Essbase cubes. when you refresh security from planning to essbase that works fine.
  Can you explain the situation perfectly so that can able to give ans.
  Thanks,
  Suneel kanthala.

• Using Essbase security filter in OBIEE request ?

  Hello,
  We would like to use OBIEE 11.1.1.6 with Essbase source. We already use Essbase security filter (on dimensions).
  For example, "userA" is allowed to access to Entity A and not Entity B and the opposite for "userB".
  If I loggin as "userA" in OBIEE, is it possible for OBIEE to connect to Essbase with "userA" so that Essbase return data only on Entity A and not Entity B ?
  Thanks!

  Hi,
  The way let OBIEE users, have Essbase security filters running for them, is by integrating OBIEE and EPM using Single Sign On. When, both OBIEE and EPM talk to the same Identity Store like OID/MSAD, you can set this up. For more integration steps, refer to http://www.google.com.sg/url?sa=t&rct=j&q=&esrc=s&source=web&cd=1&cad=rja&ved=0CDAQFjAA&url=http%3A%2F%2Fwww.oracle.com%2Ftechnetwork%2Fmiddleware%2Fbi-foundation%2Fhfm-sso-obiee-1112x-1835570.pdf&ei=O7ElUeCTApGzrAeelIHwCw&usg=AFQjCNE1BzMQU6Cwny-0IwcvxkfxeqlONg&bvm=bv.42661473,d.bmk
  Hope this helps.
  Thank you,
  Dhar

• Shared services vs essbase security

  we upgraded from v7 to sys 9 recently..
  when we used V7 essbase security was maintained by maxl scritps..?
  creation of filters granting access and everything was using maxl..
  How can i do the same now?
  I think I cannot grant access to the cube or a filter using maxl anymore?? not sure
  our cube refresh has a cube swap process which I think is done in many companies...
  Can anyone explain the process to have security automated in sys 9

  This is an empty cube that is only used to create the partition to a "back end cube" and support security. The concept of a facade (false front), in cube terms.
  The outline would be a direct match, with security provisioned against it and the partition created as an "all to all" mapping in a "page flipping" approach to one of two alternating back end cubes.

• When I tried to log into my itunes account, I was asked to update my credit card information. When I confirmed my credit card info, I got a response about my security code not being accurate -which is not the case-it is 100% accurate. How do I fix?

  I keep getting a message about my security code not being accurate. I tried 3 different cards & have the same issue. Is this a systems issue? I need to get my apps installed on my new iPhone 4. I am unable to download without confirming my credit card info- My security codes are 100% accurate.Anyone else having this issue? What is the fix for this?

  Ohemod,
  There are 120+ countries that have iTunes Stores, but that leaves many that do not.  You can consult this document:  iTunes Store: Which types of items can I buy in my country?
  Opening in a new country requires a tremendous amount of legal, commercial and financial investment, but I am sure Apple would be interested in knowing where there is unmet demand.  If you wish to make suggestions to Apple, you can use the iTunes Feedback page.

• HT1933 I have old email address's I used for iTune music purchases and cannot change password on several old accounts. Now some of the music I purchased I can not download and authorize it on my device. What can I do password security does not match my bi

  I have old email address's I used for iTune music purchases and cannot change password on several old accounts. Now some of the music I purchased I can not download and authorize it on my device. What can I do password security does not match my birthdate on two of the accounts. Apple can not send me email with a password authorization on several current accounts that I have with them. How can I contact Apple with this annoying problem I can not fix.

  settings - app/iTunes store - sign out and sign back in with your new id.
  Note - if your older apps needs an update it will use your old apple id and password, as Apps are tied to the apple id that was used to purchase it.
  You can't merge apple id.

• LCM causes Essbase security to be overwritten and can no longer log in.

  When using LCM and migrating Foundation / Shared Services and loading it back in from the file.
  It somehow overwrote something with Essbase security so no user (including the admin) can log in. Through EAS or through Workspace / Planning
  Any suggestions how to reset this? Is it that Essbase is no longer connected to Shared services somehow. This is clearly a bug as there is no way that this should be possible. But hoping someone has seen this before and has a work around.

  if you can. Log into the system as the master Essbase admin through EAS and refresh the shared services security.
  Alternatively you may need to kill the essbase.sec file and cause it to reset the master Essbase user. This should be done with care though as you can cause the environment to become corrupt if all the steps aren't done properly

• When trying to empty trash, (securely or not), I get this: The operation can't be completed because an unexpected error occurred (error code -8003).

  When trying to empty trash, (securely or not), I get this: The operation can’t be completed because an unexpected error occurred (error code -8003).  FWIW, there are nearly 3000 items in my Trash - although this does not seem the source of the problem.

  Have you read for possible solutions over in the "More Like This" thread over here?-----------------------> 

• Dimension security is not working if user have two roles in SSAS while connecting from Excel

  Hello Genius,
  I am facing the issue when user trying to connect the cube from excel if user have more than one role in ssas db.
  Role 1: Countryuser, I have implemented the dimension security with country
  dimension and  countrycode attribute.
  Role 2: CityUser,   I have implemented the dimension security with
  city dimension and  citycode attribute.
  If user is mapped to any one of above role dimension security is working perfectly according to the logic but mapped to both role, cube is exposing all the data in this case dimension security is not working.
  Please give me the solution to fix this issue or incase I am wrong kindly advice.
  Thanks
  Ganesh

  This is the expected behaviour as allowed sets in roles are unioned together.
  This is not a problem when your roles are restricting across a single attribute.
  eg.
  US_role = {[Geography].[Country].[USA]
  France_role = {[Geography].[Country].[France] }
  as someone in both roles ends up seeing {[Geography].[Country].[USA], [Geography].[Country].[France] }
  But when you have different attributes:
  NY_role = {[Geography].[City].[New York] }
  France_role = {[Geography].[Country].[France] }
  The first role is unrestricted on countries and the second is unrestriced on cities which is effectively:
  NY_role = {[Geography].[Country].AllMembers , [Geography].[City].[New York]  }
  France_role = {[Geography].[Country].[France], [Geography].[City].AllMembers }
  And when you union those two sets together you end up with:
  {[Geography].[Country].AllMembers , [Geography].[City].AllMembers }
  Which means that someone in both roles can see everything.
  So if you want to restrict someone to City = New York and Country = France you have to create a
  single role where both attributes are restricted. So if you have a lot of these combinations you will either have to create a lot of "combination" roles or look at dynamic security.
  The other thing that might work is make sure that you only give some users access to certain cities and others access to certain countries. It's the mixing of the two for a single person that causes the issues.
  http://darren.gosbell.com - please mark correct answers

• HT5945 Java has updated again today, i use a jave plug in to run my virtual software to access my work from home, today i have an error message saying security will not allow access to my website that i use to log in to work from, this is a JREdetection e

  Java has updated again today,
  i use a java plug in to run my virtual software to access my work from home,
  today i have an error message saying that security will not allow access to my website
  i use to log in to work from, this is a JREdetection error,
  my system runs off java and citrix, i tried chrome,firefox and safari - same issue, if my system cannot detect java it wont run, it runs on plug ins.
  How to i change my sec settings to allow access to this website, as i can only see that i can add apps not web addresses?

  If you get an error that says can't backup, try moving the existing backup file to a safe location and thry again. again. You can find the location of the backup file here:
  iPhone and iPod touch: About backups

• EPM system security is not initialized properly

  Hi,
  We are in the process of installing 11.1.2.2 on Windows 2008 server.
  Step 1. we installed Foundation Service, Reporting and FM
  Step2. 1st did configuration of foundation service and Performance Management Architect
  Result - Successful. Was able to login to workspace ans shared service
  Step 3. 2nd we Configured Financial Management.
  Configuration was successful.
  All services are running but we are not able to login into workspace.
  We are geting following error in log file of HyS9EPMServer
  "EPM system security is not initialized properly"
  Any help will be appreciated.
  Edited by: user8638468 on Aug 15, 2012 9:42 AM

  Yes Vivek.
  We did run Foundation Service --> Configure Web Server after configuring HFM module. It was susccessful.
  After that we run "Start EPM System". Then everything stopped.
  While installing HFM in 2nd leg on "Configure Database" screen we selected "Perform first-time configuration of database".
  Entered username HFM.
  We noticed that after installation EPMSystemRegistry-jdbc got changed.
  Path is C:\Oracle\Middleware\user_projects\domains\EPMSystem\config\jdbc\EPMSystemRegistry-jdbc.xml
  <value>HSS</value> got changed to <value>HFM</value>
  I are not sure but I think we should have selected "Connect to a previously configured database".
  I am going to install it again and will update the forum.
  -Devidas

• Web Service security is not set up on this component

  Hi Friends,
  In RWB, when I click on component monitoring->Integration Engine, I got "Web Service security is not set up on this component"
  I want to send message using soap adapter by encrypting and signing it. for this purpose I need to configure the Web Service Security.
  Can someone please provide some documentation or link on how to set up this Web Service Security?
  thankx

  Hi,
  there is a chapter - Security Configuration at Message Level
  in XI config guide which specifies everything you need - this is what you need
  so I hope no further explanations are necessary
  Regards,
  Michal Krawczyk

• My BT security is not active!

  I keep receiving emails informing me my BT security is not active. Link takes me to a form requesting my credit card details. Is this phishing or is this a genuine BT request. If it's genuine why do BT need my credit card details for 'security'. I pay my bill by DD.
  Solved!
  Go to Solution.

  It is a phishing email DO NOT give your credit card details. BT will never ask you for your card details via an email.
  See link about phishing emails
  http://bt.custhelp.com/app/answers/detail/a_id/919​1/~/what-is-phishing%3F-is-the-email-i-have-receiv​...

• Acrobat X Security Settings Not Working

  I made a PDF portfolio with Acrobat X and set password security to not allow any changes. The document title says it is SECURED, but pages can still be extracted. What is going on? What did I miss?

  I also tried changing the compatibility from Acrobat 7 and later to Acrobat X and later. Still no go.
  Setting security to "any changes except page extraction" is ineffective. The security dialog says that page extraction is not allowed, but I can definitely extract pages. Setting security to "no changes" is also ineffective.
  Here is the dialog from "any changes except page extraction"

• Essbase security Migration from native mode to external authentication

  Hi!!
  I want some guidance on setting up security, all the users are currently in Native user mode and Native groups.
  Now we want to migrate to external mode, current version of hyperion is 11.1.1.3, any steps to follow in
  this direction would be really helpful.
  What is the best way of migrating huge user base from native directory to setting up for external authentication,
  this is the first time move from native to external authentication, If anyone who has done this will be helpful.
  steps to setup , maxl based migration will be helpful or utility based.
  Thanks

  When you say native mode do you mean that that essbase security is in native mode and you want to convert to shared services security mode,or do you mean you are using shared services securtiy with native users and you want to use an external directory like MSAD.
  For your question ::
  Yes the first piece is correct, our security is in native mode.
  and we want to convert to shared services security mode,
  The request involves moving from essbase native mode to Shared services native user mode (moving all the existing users, groups and existing provisioning)
  The next stage is moving from Shared services native user mode to external directory. (moving all the existing users, groups and existing provisioning)
  Your input will guide me in the direction.
  Thanks