TM1 Forum

Not vitally important but I was curious if anyone out there knew a way

Are there any ways to open a .cub file from a tm1 model without using tm1 (via architect, server explorer, contributor,etc.)?

You can "open" it with anything you want but the only way to make any sense of what is in there you'll need to take the .cub file and all the related .dim files the cube uses, plus the .rux file if it exists, and run a TM1 server on it. Then you can use Architect, Perspectives, or TI to get the data out.

Ok, Thanks.

One of the reasons I ask was if there was a way to edit cube data without having architect. perspective, contributor, etc.

So for some reason if you couldn't log into a tm1 model but had access to the cube files, you couldn't edit the }ClientProperties cube and find out what the login/password for a user was.

mastertito4 wrote:So for some reason if you couldn't log into a tm1 model but had access to the cube files, you couldn't edit the }ClientProperties cube and find out what the login/password for a user was.

Even if you knew how to get into the }ClientProperties cube the password is encrypted so you wouldn't be able to see what it is, and if you change it, the person won't be able to log in afterwards because it will be comparing an encryption key against non-encryped data.

Wow, third post today - can you tell I'm bored waiting on massive TI jobs?

If you're looking at it from an audit point of view (as it appears), bear in mind that by copying all the files and dumping it into a new server but deleting the }Clients dim will give you free reign over all the data in the system by allowing you to sign in as admin with a blank password.

Pretty big security loophole really - usually bypassed in audit by the "you need access to the files in the first place" argument.

Edit - and let's not forget copying the encrypted password from }CLientProperties and pasting to excel, changing it, doing what you want to do as that user then pasting it back from Excel to set someone up (remembering to turn logging off on the cube first obviously). Unless of course you're using LDAP.