Categories
- All Categories
- Oracle Analytics Learning Hub
- 19 Oracle Analytics Sharing Center
- 18 Oracle Analytics Lounge
- 231 Oracle Analytics News
- 44 Oracle Analytics Videos
- 15.9K Oracle Analytics Forums
- 6.2K Oracle Analytics Idea Labs
- Oracle Analytics User Groups
- 86 Oracle Analytics Trainings
- 15 Oracle Analytics Data Visualizations Challenge
- Find Partners
- For Partners
Shared Folders Permissions Greyed Out for BIAdministrator
Hi Team,
I am not able to view the permissions on shared folders for BI Administrator user. The option is greyed out.
I believe BIAdministrator should be able to view all the permissions.
Please explain the expected behavior
OBIEE Version: 12.1.1.4
Answers
-
2634558 wrote:I believe BIAdministrator should be able to view all the permissions.
"BI Service Administrator" is just an application role like any other, it's called administrator but it doesn't mean that it will always have access to everything...
Is that a new instance you just installed? Or maybe somebody already changed some permissions like removing the rights to "BI Service Administrator" to manage permissions on the base shared folder?
Everything can always be changed if needed, it just depends if it is like that by choice or by mistake ...
0 -
BIAdministrator and BIServiceAdministrator are totally different things. That's the difference between 11g and 12c.
Is this a migrated instance? Did you forget to switch out the roles?
0 -
Hi Gianni,
Thank you for the reply. Actually the weblogic user had all permissions until yesterday morning.
I had denied permission to shared folders to another application role created by us. But after that even weblogic user permissions to shared folders greyed out.
I am not getting any option to revert it back. The Weblogic user is the one which is supposed to have all privileges and permissions.
But now for this user itself, it is greyed out.
I hope I was able to explain it correctly.
0 -
Hi Christian,
Thank you for the reply.
This is not a migrated instance.We do not have any role by name BIAdministrator in our set up.We only have BIServiceAdministrator.
As explained above, the user had permission earlier and now it is not there after permission was denied to another application role.Weblogic user does not have the application role for which the permission was denied and there is no inheritance as well. I have check everywhere possible.
Please guide on how to it back to its original access. Since the option is greyed out for weblogic, I am unable to change the permissions.
0 -
If you have full access to everybody it's not impossible that somebody removed BIServiceAdministator from the full access permissions and reduced them to "Read" or the likes.
I.e. somebody did this:
Which is a pretty bad thing to do (in order not to use un-nice language).
Open the catalog using Catalog Manager in offline mode and change the permissions.
0 -
As Christian said: Catalog Manager in offline mode allows you to change permissions.
Keep in mind inheritance is a thing: a "deny" is really strong and can be inherited by your weblogic account too. Instead of deny you often avoid setting permissions, which (if there isn't an explicit grand inherited) has the same effect but you don't have side effects because of inheritance.
0 -
Hi Christian,
Thank you the solution. I can see that BIServiceAdministrator application role permission is denied. I have updated it to Full Control in offline mode in catalog manager. Can I replace the updated shared.atr file in the server. Would it work fine.
Or it is better to change permission in online mode.
0 -
Hi Gianni,
Thank you for the solution. I will ensure not to use deny as mush as possible and will explicitly grant permissions.
0 -
Stop OBIPS, do the changes in offline mode, start OBIPS.
0 -
Thank you for your inputs. Your guidance is extremely useful for all the OBIEE developers.
0
