Hello,
I didn´t find a related topic but I´m sure that I´m not a first one who faced with the following issue. We have two environments - DEV & PROD and we use AD authentication. From time to time we face with the issue when a user doesn´t see application or can´t edit data etc. All these issues are related to the user rights.
I have 5 test users who are saved in LDAP and I need to set up an each user individually according to the user who reported a problem. You can imagine how difficult it is.
Product: Cognos BI 10.2, TM1 10.2.2 FP4
Do you have some reccomendations in this case?
Thanks for help
LJU
Managing user rights
-
tomok
- MVP
- Posts: 2836
- Joined: Tue Feb 16, 2010 2:39 pm
- OLAP Product: TM1, Palo
- Version: Beginning of time thru 10.2
- Excel Version: 2003-2007-2010-2013
- Location: Atlanta, GA
- Contact:
Re: Managing user rights
There are no shortcuts for assigning user rights to objects in TM1. If your security model was designed properly it was done with the concept of "roles" whereby rights are designed to roles in the organization. This way all you have to do is assign new users to their respective roles which should take only a few seconds or minutes, depending on how many roles they have.
-
jwilkins
- Posts: 18
- Joined: Wed Sep 30, 2015 12:40 pm
- OLAP Product: TM1
- Version: 9.5.2+
- Excel Version: 2007
Re: Managing user rights
I'm a software engineer at Motio and we're currently working on a feature for our TM1 admin tool that could be helpful. The goal was to make debugging security issues as easy as possible. The feature is currently in beta but if you want to give it a spin and see if it helps, send me a PM and I'll get you a beta key.
There are some other good 3rd party tools out there, some of which include improved views of security. I'm not sure how much they help in debugging a specific issue, but they may be worth a look.
If you don't want to go with a 3rd party solution, Tom is right. It's all about starting out with a very well designed system and sticking to it. I'd just add that you probably want to document your roles and the types of access they should have so you don't end up with ambiguously defined roles.
There are some other good 3rd party tools out there, some of which include improved views of security. I'm not sure how much they help in debugging a specific issue, but they may be worth a look.
If you don't want to go with a 3rd party solution, Tom is right. It's all about starting out with a very well designed system and sticking to it. I'd just add that you probably want to document your roles and the types of access they should have so you don't end up with ambiguously defined roles.
Emily Wilkins - Software Engineer
Motio, Inc.
Motio, Inc.
-
Elessar
- Community Contributor
- Posts: 412
- Joined: Mon Nov 21, 2011 12:33 pm
- OLAP Product: PA 2
- Version: 2.0.9
- Excel Version: 2016
- Contact:
Re: Managing user rights
1. Login as a test user to TM1 (login to perspectives, open .../pmpsvc, etc). The rights in }clientgroups cube will be filled from Cognos user-groups assignment
2. Open new architect, login as admin. Open }Clientgroups cube, ZeroOut everything in "Tetsuser" column, copy everything from a problem user to the test user.
3. By test user refresh the page. No RefreshSecurity is needed
2. Open new architect, login as admin. Open }Clientgroups cube, ZeroOut everything in "Tetsuser" column, copy everything from a problem user to the test user.
3. By test user refresh the page. No RefreshSecurity is needed