Shared services access

Hello

I created the user under directory Native sample and some groups which they are responsible. When I tried to check their sample-(R.C) available roles->... I see not all roles, the roles on the right is empty. But when I login for user example of workspace, I see that he has all access to his group. And when I am trying to assign security training 'Assign access control', I can ' t able to see sample user. But I can see befor created other native directory and user LDAP user. Can someone tell me how the system behaves like that.

Thank you
Fri

If I understand the question, you have added the user to a group and the Group's commissioning for roles? If this is the case, you should not see these roles when you right click on the user and the selection they are not explicitly granted to the user.

What you can do is well a right click on the user, select view report and then choose the application in question and choose Yes from the drop-down list box display the effective roles.

You should see what you're looking for.

Tags: Business Intelligence

Similar Questions

Error access to groups of App EssbaseCluster-1 to Shared Services

Team,
When attempting to access the Group of App EssbaseCluster-1 under HSS, we get the following error:
EPMLCM-34040: unable to connect to the olap service. Unable to connect to the Essbase server. Error: Essbase Error (1030024): entry in the format IP: port (null: null) but port numbers not when it is passed to the EssLoginEx of ESSAPI function
This error occurs in the process to access shared Services > > Application groups > > EssbaseCluster-1 (as well as any room listed resulting). Of course, we have problems to run a LCM export because of this.
We use Mcsft. Clustering in an active/passive cluster nodes Essbase (2) for this environment. Everything else works with Essbase. We followed Oracle Tip and instructions of thing for a correct adjustment of the alias in DNS registry of EPM (www.oracle.com/technetwork/middleware/bi-foundation/epm-tips-issues-73-102-1612164.pdf) and we have also ensured that the corresponding component.properties of the file for the EssbaseCluster-1 artifact indicates the correct failover cluster server.
The pointers will be greatly appreciated.

We had the similar problem when build of failover cluster.

Try adding The TRUE FAILOVERMODE in essbase.cfg (and restart EPM and essbase), because the default value is false and essbase does not failover mode

"Assign access control" on essbase applications through shared services

Hi Experts,
I just install an Essbase 11.1.2.4 environment, where I could see that the ability to assign filters to users in environmental assessments is disabled (I guess maybe it's that this version does not support the autonomous concept).
So I thought of attribution of the filters to users through shared services groups\Essbaseinstance1\sampleapp Application - access entitlement control, but when I click on "Assign access control", it says in the right pane that the page cannot be displayed.
Any tips? for your information, I use IE 11.
Thank you
Siva

I gather from your question that EAS runs like it enough to be upward, as you did that you have configured the web server again after that the configuration of the Regional service otherwise it will be a communication error.

See you soon

John

Restrict a user/group to allow access only to specific shared services groups

Hello team,
I have EMP 11.1.2.2. I created different groups) a ' Admin_groupA') b ' App_groupA' c) "App_groupB" under the native directory. I have configured Shared services-> administrator to this 'AdmingroupA '. Those who belong to this group "AdmingroupA" is able to add a new user to the directory of companies to provide access to the group 'App_groupA '. But I don't want the users of 'Admin_groupA' to access 'App_groupB '.
Since I put in service Shared services administrator privelge to this group of "AdmingroupA", "AdmingroupA" users are able to access "App_groupB" also. Can you please let me know how I can limit 'AdmingroupA' to provide access to users to the group "App_groupA".
Thank you for your valuable contributions.

You said, as you have configured administrator privileges of shared services to this 'AdmingroupA '. I don't think that you can restrict the user from this group to provide access to other users.

...

Did you hear about delegate user management? Managing Director can view and manage only those users and groups which they are responsible. Good read on the your hss version Administrator's guide and see if it helps!

See you soon

BP

Shared Services Assign Access Control for Essbase

Hi we have an opportunity which has its commissioning as filters in the essbase group. I tried assigning its filter to thim thanks to assign a control access to shared services. I am able to see the user as well as the filter that I created for the user, but when I try to assign them to him and save is really not get assigned. He rest of stays the user doesnot have filters assigned to his account. Have I missed something.
Thank you.

Did you try maxl:

grant appname.dbname.filtername user filter;

See you soon

John

http://John-Goodwin.blogspot.com/

Planning application no no projection in Shared Services 11

11.1.2.3 version
Last week our planning database got corrupted, do not know how, but it happened. I went through the steps to recreate and restore the data, however, there is a small problem. The application is now not showing in Shared Services, therefore, that I can't access SmartView. Here is what happened.
1. because I'm a nervous nelly, I first renamed 'PLAN' "PLAN1" via EAS
2. I then selected "Create Database" planning and had no problems, a new Essbase application and databases have been created. The new application called 'PLAN' as expected
3 al ' Shared services, now, what emerges are two applications "PLAN1" which is clearly a single essbase application and "PLAN1" which is a planning application.
I can select plane1 as the planning application and can get security charge very well, however, in SmartView, users cannot connect.
How the world make it only show 'PLAN' and get rid of the old "PLAN1" applications.
Thank you!

Finally, I felt comfortable enough to register the application with Shared Services. A few seconds, the problem was solved!

ERROR - 1051414 - cannot set the role of group with shared services [30:1101:JNDI error] error.

Hi all
I tried provide access to filter the group in both SSP and thru Maxl command but still get the error below. Any experience of this problem? If Yes, please let me know how you solved this problem.

ERROR - 1051414 - cannot set the role of group with shared services [30:1101:JNDI error] error.

Thanks in advance!
Krishna

Read the support document that I posted the link, prior to changes for openldap ensure you that it is saved.

Security planning vs Essbase in Shared Services (v.11.1.2.2 and v.11.1.2.3)

Hello. Is it possible in v.11.1.2.3 or v.11.1.2.2 planning to restrict access through shared Services so that a user is forced to access data through a form of planning Planning Excel Smartview and that the user cannot directly access the Essbase cube and run ad-hoc queries? We try to apply data and governance processes so that users must perform their updates and queries via the planning of forms in SmartView calc Manager rules are executed, etc.
Thank you!

You need to remove the access Essbase writable & rights special user for these users.

Unable to start Shared Services

Hi all

I've updated an existing version of EMP Installationsur 11.1.2.1 to 11.1.2.3 using the release of maintenance.

I was able to improve the environment, the greater part of the dowry of requests (essbase, space to work, planning, aps, smartview), but I couldn't the SSP to work. I could not access services shared workspace. I have the following error when I try to start the services of the Foundation. the services start but shared services does not work. Can someone tell me please to the right direction on how I should fix this error

Marbles:

8 October 2013 12:48:35 PM CDT > < HTTP > < Server > < FoundationServices2 > < error > < ExecuteThread [ASSET]: '0' for the queue: '(self-adjusting) weblogic.kernel.Default' > < < WLS Kernel > > <>< 0000K6PBjoQ9Tc7InIy0VJ1IL4LQ000002 > < 1381254515279 > < BEA-101216 > < Servlet: 'WorkflowEngine' failed by preloading at startup in a Web application: "interoperability."

javax.servlet.ServletException: error of initialization of the DSF ORA-00904: "PROCESSNAME": invalid identifier

at com.hyperion.cesdsf.server.framework.DsfServer.init(DsfServer.java:70)

to weblogic.servlet.internal.StubSecurityHelper$ ServletInitAction.run (StubS

# < 8 October 2013 12:48:35 PM CDT > < Info > < hats > < FDM10 > < FoundationServices2 > < ExecuteThread [ASSET]: '0' for the queue: '(self-adjusting) weblogic.kernel.Default' > < < WLS Kernel > > <>< 0000K6PBjoQ9Tc7InIy0VJ1IL4LQ000002 > < 1381254515295 > < BEA-149059 > < interop SSP request Module [Version = 11.1.2.0] changes from STATE_ADMIN to STATE_PREPARED on the FoundationServices2 server. >

# < 8 October 2013 12:48:35 PM CDT > < Info > < hats > < FDM10 > < FoundationServices2 > < ExecuteThread [ASSET]: '0' for the queue: '(self-adjusting) weblogic.kernel.Default' > < < WLS Kernel > > <>< 0000K6PBjoQ9Tc7InIy0VJ1IL4LQ000002 > < 1381254515342 > < BEA-149060 > < interop application SHARED services [Version = 11.1.2.0] Module successfully go from STATE_ADMIN to STATE_PREPARED on server FoundationServices2. >

# < 8 October 2013 12:48:35 PM CDT > < error > < hats > < FDM10 > < FoundationServices2 > < ExecuteThread [ASSET]: '0' for the queue: '(self-adjusting) weblogic.kernel.Default' > < < WLS Kernel > > <>< 0000K6PBjoQ9Tc7InIy0VJ1IL4LQ000002 > < 1381254515357 > < BEA-149231 > < cannot create the activation to true for the application state "SHARED services [Version = 11.1.2.0]'."

weblogic.application.ModuleException: [HTTP:101216] Servlet: 'WorkflowEngine' failed by preloading at startup in a Web application: "interoperability."

javax.servlet.ServletException: error of initialization of the DSF ORA-00904: "PROCESSNAME": invalid identifier

at com.hyperion.cesdsf.server.framework.DsfServer.init(DsfServer.java:70)

to weblogic.servlet.internal.StubSecurityHelper$ ServletInitAction.run (StubSecurityHelper.java:283)

at weblogic.security.acl.internal.AuthenticatedSubject.doAs(AuthenticatedSubject.java:321)

at weblogic.security.service.SecurityManager.runAs(SecurityManager.java:120)

Validation report

Foundation of Hyperion

Validation of audit FAILED that the audit has been initialized

Error: http://bas10.mnapps.state.mn.us:19000/interoperability/status? component = AUDIT

Recommended action: check the logs of validation for exception details.

0 seconds

Not a NOT THESE validate that CES has been initialized

Error: http://bas10.mnapps.state.mn.us:19000/interoperability/status? component = THESE

Recommended action: check the logs of validation for exception details.

0 seconds

CFG PAST: Configuration validating this configuration tasks is completed

0 seconds

Is NOT CSS validation CSS has already been initialized

Error: http://bas10.mnapps.state.mn.us:19000/interoperability/status? component = CSS

Recommended action: check the logs of validation for exception details.

0 seconds

PASSED DB: Database Connectivity Checking connection to database jdbc:oracle:thin:@(DESCRIPTION=(ADDRESS=(PROTOCOL=TCP)(HOST=dm01client01-vip.mnapps.state.mn.us)(PORT=1521))(ADDRESS=(PROTOCOL=TCP)(HOST=dm01client02-vip.mnapps.state.mn.us)(PORT=1521))(ADDRESS=(PROTOCOL=TCP)(HOST=dm01client03-vip.mnapps.state.mn.us)(PORT=1521))(ADDRESS=(PROTOCOL=TCP)(HOST=dm01client04-vip.mnapps.state.mn.us)(PORT=1521))(LOAD_BALANCE=yes)(CONNECT_DATA=(SERVER=DEDICATED)(SERVICE_NAME=BPAS1APX.mnapps.state.mn.us)(FAILOVER_MODE=(TYPE=SELECT)(METHOD=BASIC)(RETRIES=180)(DELAY=5)))

0 seconds

PAST EXT: Provider Configuration external native authentication control external authentication directory

7 seconds

HTTP FAILED: HTTP check availability of HTTP context http://bas10.mnapps.State.mn.US:19000 / interop

Error: Bad response codes with the methods GET and POST: 404 and 404

Recommended action: Verify that the application is started

0 seconds

HTTP FAILED: HTTP check availability of HTTP context http://bas10.mnapps.State.MN.us:19000/Hyperion-BPMA-server/applications.asmx

Error: Bad response codes with the GET and POST methods both: 503 and 503

Recommended action: Verify that the application is started

0 seconds

HTTP FAILED: HTTP check availability of HTTP context http://bas10.mnapps.state.mn.us:19000 / WebAnalysis

Error: Bad response codes with the methods GET and POST: 404 and 404

Recommended action: Verify that the application is started

Sounds like the upgrade to the relational tables of SSP was not implemented when the database has been set up again.

If you look in the repository and the table CES_PROCESS_DEF you have a column called PROCESSNAME? I think that in 11.1.2.1 table had 4 columns and now have 9

Field	Type	Null values?
ID_PROCESSUS	VARCHAR2 (100)	NO.
PARENT	VARCHAR2 (100)	Yes
THE TYPE OF THE OBJECT	NUMBER	NO.
OBJVALUE	BLOB OBJECT	Yes
APPLICATIONNAME	VARCHAR2 (100)	Yes
PROCESSNAME	VARCHAR2 (100)	Yes
REVIEW	VARCHAR2 (100)	Yes
AUTHORNAME	VARCHAR2 (100)	Yes
DESCRIPTION	VARCHAR2 (100)	Yes

See you soon

John

http://John-Goodwin.blogspot.com/

Hyperion Shared Services - security in excel file

Hi all
Is there a way we can get security information in a format that excel services, and then we can play with this excel file. Once the necessary changes are made, we import it referring to shared services.
We use active directory for user maintenance.
Kind regards

They are stored in the application of planning and the steps of Shared Services, the access permissions for the export of the planning applications using LCM or exportsecurity utility.

See you soon

John

http://John-Goodwin.blogspot.com/

We can EAS Hyperion and Hyperion Shared Services 11.1.1.3 via web link on Internet Explorer 10

Hi all
The company where I work is ready to be upgraded to Internet Explorer 10 on all machines.
We are working on Hyperion Essbase Administration Services and Shared Services for Hyperion (11.1.1.3 Version) and want to be able to access those using the Web link.
The oracle-hyperion-epm-system-certific-2-128342 document on the Oracle's Web site
http://www.Google.co.in/URL?SA=t & rct = j & q=oracle-hyperion-epm-system-certific-2-128342 & source = web & cd = 2 & ved = 0CC4QFjAB & url = http %3 has % 2F % www.oracle.com%2Ftechnetwork%2Fmiddleware%2Fbi-foundation%2Foracle-hyperion-epm-system-certific-131801.xls 2F & ei = ZXBUcWrD4bwrQeon4DIAQ & usg = AFQjCNFzyCHuQTfsekOn-ekJi6ogAwtaVg, & bvm = bv.47883778, d.bmk & cad = AJLN
said
Internet Explorer 6.0
Internet Explorer 7.x
Internet Explorer 8.x
are compatible but not Internet Explorer 10.
We have access to Hyperion Essbase Services of Administration and Shared Services for Hyperion (Version 11.1.1.3) using Web on Internet Explorer 10 link?
Thanks in advance

There are no patches for IE10 and EMP 11.1.1.3

Same 11.1.2.3 does not yet support IE10, until the arrival of the PSU.

Tests - "Enterprise Performance Management product compatibility with Internet Explore (IE6, IE7, IE8, and IE9) [ID 1355681.1].

See you soon

John

http://John-Goodwin.blogspot.com/

Shared services - specified Cluster name is not valid
I'm giving a user access to run a calc script (11.1.2) - when I go to Shared Services for the launch of "cede control of access" I get the message "the Cluster name [Essbase: MyServer name: 1] specified is invalid. How can I fix it? or I go about it the wrong way?

Thank you

Paul
You can use grant Maxl command.

Grant execute 'Sample'.' Basis '.' naked ' for the user 'admin ';

http://docs.Oracle.com/CD/E17236_01/EPM.1112/esb_tech_ref/frameset.htm?maxl_grant.html

Essbase works well? What url you use to start Shared Services?

Concerning

Celvin
http://www.orahyplabs.com

Error in shared services
Hi team,
I see the error in shared services below when I go under user-> Native directory directories - > select a group-> members users Properties.

«EPMCSS-05261: could not get the information of the Aboriginal group.» Error getting to some of the affected user entries. Check the configuration and user directory State.

I tried to reboot the SSP, but I can still see the error. Users get access questions of privilege.

Can you please help.
I had the same error message. It seems to be that an external user (from the Active Directory in MS) has been added to the group. The user is no longer in MS Active Directory. I'm still working on a clean and simple slution to fix this. You can add a user to the groups (SSP) and save the group. You will get a warning that some info will be lost (invalid user info will be lost/removed from the SS registry DB, so no problem there). I have over 700 groups, so it won't be a long term solution (like every Monday, check all 700 + groups). I tried to add a user to the Group of MaxL, but does not remove the invalid user from the group. I was not able to identify the specific invalid user in the SS DB tables.

Furthermore, I believe that in addition to the error message, we have a few problems with intermittent access because of this.

Shared Services vs. .sec in HFM
Hi guys,.

I'm not sure I understand the link between the SSP and the .sec file that is transferred to the application.

I usually give access through properties of Shared Services. What is the difference between giving rights with the SS and do so via a .sec file?

Thank you!
HFM file security manages the following:

-What groups / users are configured for this specific application
-What security Classes exist for this app
-What are the roles for this app do users / groups.
-What class of security access level users / groups in this app

Provides shared Services for the following
-Management of Aboriginal communities and users (add/remove/modify) for the whole of the environment. (no App or same HFM)
-Management composition of Aboriginal groups / users. Linking groups to other groups and/or users
-Commissioning of roles for users/groups to an application (similar to what can be done in the security file)
-Creation of Classes of security (as in the security file)
-Assign the class of access between the classes and the users and/or groups (as you can do in the security file)
-Managing roles for elements OTHER THAN HFM (area of work/reports, etc.)

Your specific question, it is not a difference when it comes to the allocation of rights between Shared Services or via the SEC file. If you were available to users through the Shared Services U / I and then create a security from you would see these changes reflected. (access to a class, rights service, etc.)

Hope that helps

Type of user to the Shared Services
All,
I'm on 9.3.1
So far I have users only to the planning application.
Now, most of the users above have need to access an application native essbase (with planning).
In shared services, under project-> AnalyticServer-> AnalytciServer, only users are listed (no groups) and their Type 'user' is planning.
Now I have to change them to "Planning, Essbase" for each user.
I found no "user Type" in the corresponding section in the export of the CSSImportExport utility.
have many users, is it possible to automate?

Thank you
Krishna
You could look at using maxl

For example

ALTER user user_name add application_access_type Essbase;

or

ALTER user user_name add application_access_type planning;

See you soon

John
http://John-Goodwin.blogspot.com/

Shared services access

Similar Questions

Maybe you are looking for