Categories
OBIEE - Manage Privilege - Upgrade Stability
Organization Name
Southern
Description
We are using "Manage Privileges" under OBIEE Administration > Security to secure access to different roles created for the organization. For example, we have create different Admin role types to manage different components of OBIEE. However, after an upgrade (i.e.v confirmed impact during 20B to 20C, 20C to 20D), the "Manage Privileges" custom settings are being reset to default. An upgrade does not keep the client's setting. We have to manually reset the "Manage Privileges" after each upgrades.
Examples:
Access "Access to Administration" is restricted to a client "XX BI Administrator Role" as 'Granted' instead of "BI Administrator Role" to further restrict access to Administration components across the HR and FIN Teams. The 'BI Administrator Role' is removed from the setting. However, after an upgrade, the "BI Administrator Role" is reset as 'Granted' and the "XX BI Administrator Role" is no longer part of the setup in "Manage Privileges"
Time to reset after each upgrade per POD: 1-5 hours
Expected behavior: The client's setting should not be reset after each upgrade for OBIEE "Manage Privileges."
Use Case and Business Need
The use case is for an upgrade not to erase client specific settings in OBIEE under Administration. We are confirming that other components like SFTP setup are not being impacted. The Administration > Security > Manage Privileges controls key settings for client to secure their OBIEE application and should not be impacted by an upgrade.
More details
The manage privileges of OBIEE should be 'update safe.' A client should not have to reset each of their FA pod after an upgrade.
Original Idea Number: 2d0c3ed91f
Comments
-
Great idea and definitely required.
0 -
It will be useful to all clients. Most all clients customize their reporting security, and having to manually re do it after an upgrade allows for potential mistakes in the re-do, and causes hours of rework.
0 -
Much needed feature/capability! Learned of this gap the hard way on Enterprise Project that is in progress where we made changes to Manage Privileges in multiple environments and they were reset to default after Oracle Financials Cloud 20D upgrade.
0 -
It would be great if Oracle can maintain BI Security privileges setting after an upgrade, reduces the effort involved in post upgrade validation and regression testing related to BI security. More and more clients are asking for this feature.
0 -
Much needed.
0 -
Thanks for liking this post, we will update it once we receive the latest information from Oracle
0 -
There is a similar idea under review for the custom folder permissions that are reverted after updates. I believe these are both equally important and should be modified in the same release.
https://cloudcustomerconnect.oracle.com/posts/d1fa138b71
PLEASE fix this soon. This is a conversation I have with every newly live Cloud client. This poses an unnecessary security risk when our custom BI catalog security is wiped out.
Thanks!
Laura
0 -
Manage Privileges Should Upgrade Safe.
0 -
Good idea.
0 -
This is so important - to still not have configuration secured through patch upgrades causes real problems....and the number of patches that get applied when you are a large ERP/payroll customer with CWBs all the time makes this an onerous activity.
Is there an update from Oracle as to when this is going to happen?
0