TM1 Forum

Is there a configuration file in TM1 that you can set to limit the allowed number of user per TM1 Server? I can only find the configuration for the number of TM1 Groups allowed to create.

Are there any other configuration that is not found in the manual that can be useful in being able to create a well-secured access & performance of a TM1 Server?

appleglaze28 wrote:Is there a configuration file in TM1 that you can set to limit the allowed number of user per TM1 Server? I can only find the configuration for the number of TM1 Groups allowed to create.

Are there any other configuration that is not found in the manual that can be useful in being able to create a well-secured access & performance of a TM1 Server?

Applix implemented this through the GUI rather than the .cfg file. It works this way.

If you're the administrator, you limit the number of users by:
(a) Not right clicking on the server icon and selecting Security-> Clients/Groups.
(b) If you DO select that option, avoiding selecting the Clients -> Add New Client menu option.

Assuming that you're on a named user licence, this process does also require the administrative skill of being able to track how many client logins you've assigned, removing ones which are no longer needed, and only assigning new ones to people who actually need the access. Hint: can help here.

Voila, you have limited the allowed number of clients without having what would be a completely pointless server configuration setting.

(The setting for the maximum number of groups is there because it can have memory impacts given that in each secured dimension, every element intersects with every group. To store a dormant client, the memory usage is negligible. Hence, the reason that you have a GroupsCreationLimit (though even that isn't enforced when you use TI to create groups), but not a ClientsCreationLimit.)

Okay I was thinking of in a license perspective. If for example, your from IT and you let another department handle the security, users and groups of TM1 and be the adminsitrator...just to ensure you abide by the rules and have equal number of users in your TM1 Application with the license you bought.

I guess you'll just have to remind them of the # of liscense.

There is a switch in TM1S.LIC file
This switch used to work at Applix time. I have not tired it now. Hopefully this works for you.

From my understanding the license file (though still there) was made useless a few releases ago. The first or second Cognos release specifically removed license controls out of the product and placed the responsibility on the admin. I could be wrong, I have not tested it, this is based on my recollection of the docs from that release.

George Regateiro wrote:From my understanding the license file (though still there) was made useless a few releases ago. The first or second Cognos release specifically removed license controls out of the product and placed the responsibility on the admin. I could be wrong, I have not tested it, this is based on my recollection of the docs from that release.

Yes, I think you're correct. The other thing is that IIRC the max users value in the old licence files related to concurrent users as per the original Applix licencing model, and not to the number that you can create on the server as per the current named user model. (Some sites are still on legacy concurrent licences, though since Appleglaze is relatively new I doubt that he's among them.) I also recall seeing a document like the one that you're describing; one which states that licence compliance is the responsibility of each customer, subject to audit.

Upon reflection I did once work in a place where TM1 was run out of the IT department and the idiot IT manager centralised creation of logins for all systems with the help desk, so I can see his problem... but the best solution is to have the policy reversed and hand it back to a proper TM1 admin who can (a) Ensure correct authorisation of access (b) Allow access for only those who need it, (c) Monitor who's accessing it so that dormant logins can be queried or killed but most importantly of all (d) Plan for any expansion so that the number of client licenses matches future needs. Someone at a help desk working off a "how to create a login" checklist simply won't know /be able to/ be interested in how to do that.