Problem with rules on security cubes in TM1 9.5.1

[chrisjdixon]

The following is an example of a very simple rule on }DimensionSecurity that worked perfectly in TM1 9.0

Code: Select all

[{'CHANGE',
'FULLREAD',
'LATE_ADJ',
'READ_ONLY',
'RolloverFinal'}] = S: 'READ';

We are currently testing for an upgrade to TM1 9.5.1 and our cube, dimension and element security rules have all stopped working.

If I look at the data in the }...security cubes then things look fine, but if I check the security through the TM1 security screens then the rules seem to have no impact. Creating a test user has also proven that the security rules are not working.

I have tried performing security refreshes, adding FEEDSTRINGS to the rules and dropping then recreating the rules, with no effect.

Has anybody else come across this issue in 9.5.1?

[chrisjdixon]

Setting the PrivilegeGenerationOptimization parameter in the tm1s config file to F has solved the problem

[lotsaram]

Setting the PrivilegeGenerationOptimization parameter in the tm1s config file to F has solved the problem

PrivilegeGenerationOptimization basically requires that all rules in security cubes need to be fed with FEEDSTRINGS (... presumably from another cube) in order to function.

If you remove the PrivilegeGenerationOptimization parameter then security rules will work without being fed (which is the normal status quo, that parameter is only recommended for use to optimize security refresh time and server load time in large rule based security models with either very very large dimensions with element security and/or lots of cell security cubes.)

There were some issues in 9.5.0 and 9.5.1 with strings not being properly fed. I thought these had been fixed but maybe not? Either the bug in feeding string cells in this version is your issue or else you haven't fed the rules correctly. Hard to say which unless you give a fair bit more information on how you attempted to feed your security rules.