Oracle Business Intelligence

Products Banner

Admin user permissions problem

Received Response

I inherited an OBIEE environment that when logging in with the Administrator user I don't see the "Permissions" icon for any of the folders or objects.

When copying an object, the "Paste" button is greyed out

I can edit objects and/or create new, but if I try to save in any of the folders I get "Access denied to user to path …"

I also don't see the link to "Administration" link that should show to the left of the "Help" link. 

Looking in Enterprise Manager and WebLogic Server it seems as the user has all the possible groups/roles.  What could it be?  Is there a ini file that maybe was modified to harden this environment?

Any ideas/help is most appreciated.


  • Joel
    Joel ✭✭✭✭✭

    Have you tried creating a new WebLogic user with Admin rights? Are you sure that there isn't an "overlap" of granted roles? As it sounds like you've granted the original user with all permissions possible. I'd suggest creating a new user and just granting the new user with the top level WebLogic admin roles and see if this makes any difference.

  • I did as you suggested and created a new user

    Added it only the BIAdministrators group - same result: Administration link does not display, no folders under the Shared Folders display and the "Permissions" does not show in the "Tasks " (not that it is grayed out, it just does not show)

    Added BIAuthors - same

    Added BIConsumers - same

  • Joel
    Joel ✭✭✭✭✭

    I would suggest looking at the catalog in offline mode and checking the permissions there and ensuring all is OK.

  • Please mention the version of BIEE you are using.

    From the name of the roles, it looks like you are on 11g and since you are getting "Access denied to user to path" , it looks like a GUID mismatch or lack of catalog validation issue


    OBIEE 11g: How To Refresh the GUIDs and Perform a Web Catalog Validation - Cluster/Scale-Out - the Reasons to do it, Preventing Inconsistencies and Process Detail (Doc ID 1493912.1)

    Remember, its valida if you are on 11g.


  • 3614817 wrote:Added it only the BIAdministrators group - same result...

    Don't you have any other app roles than BIAdministrator, BIConsumer, BIAuthor? Because those are just the out of the box application roles, but doesn't mean they are really used accordingly to their names.

    In a real environment I would expect these 3 to not be used or just be there as references, but to have many more application roles to define the real security.

    You would need to look into the document describing the security model setup to find out what is really needed to be an admin.

    Right now in your environment you aren't really admin, you don't have any other access than a quite generic BIAuthor I would say.