BI permissions and custom folder privileges should not be affected during upgr — Oracle Analytics

Oracle Transactional Business Intelligence Idea Lab

Welcome to the Oracle Analytics Community: Please complete your User Profile and upload your Profile Picture

BI permissions and custom folder privileges should not be affected during upgr

173
Views
15
Comments

Organization Name

Keurig Green Mountain, Inc

Description

Currently, upgrades wipes off any custom permissions or folder level privileges in BI, forcing us to apply them back every time after an upgrade. Is there a way to keep them intact? 

 

Already have an ER going through the following SR:  SR 3-22463462591 : How to preserve BI permissions and other custom settings through upgrades?

Use Case and Business Need

Based on business needs,  we have modified some settings in BI. These are getting wiped off during upgrades. It is time consuming to reapply the BI settings everytime after an upgrade. 

Original Idea Number: d1fa138b71

2
2 votes

Submitted · Last Updated

«1

Comments

  • Adam Liu
    Adam Liu Rank 4 - Community Specialist

    Voted. It's important to preserver custom settings after Upgrade or CWB.

  • Anand DN-Oracle
    Anand DN-Oracle Rank 2 - Community Beginner

    Any changes made to shipped reports/folders including permissions are not expected to be preserved after an upgrade. These are not supposed to be changed at customer site.

    E.g., /shared/Service/Embedded Content/Customer Service Manager.

    Content under 'Custom' folder, e.g., /Shared Folders/Custom/Customer Relationship Management, is expected to be intact after an upgrade. This includes permissions. If you see that permissions granted prior to upgrade have been wiped out, then probably it is a bug. Please file one.

    Thanks

    Anand

  • Anand DN-Oracle
    Anand DN-Oracle Rank 2 - Community Beginner

    Update: Providing clarity as there are two asks related to post upgrade behavior:

    (i) Preservation of Custom Permissions granted to reports and

    (ii) Preservation of Custom Privileges

    As mentioned previously, (i) is current capability. If you face issues, file a bug

    (ii) is not yet delivered. For this reason, updating status.

    Also this needs to move to 'OBIEE for Applications' forum as it is a BI platform related capability, not report content.

  • Tom Strudley
    Tom Strudley Rank 4 - Community Specialist

    Definitely like the idea of this to reduce overhead on each upgrade

  • Laura Meine
    Laura Meine Rank 2 - Community Beginner

    This is very important.  We have many clients who don't want the majority of their OTBI users to be able to modify content that was created by our consultants, but they also want to provide the author capability.

    We found that there is no way to remove the ability to edit reports from the BI Author/BI Platform Author.  We had an SR where we were told the seeded BI Platform Author role has built in functionality around being able to edit analytics.  The only way around this for us was to create a custom author role and then assign the custom role to 403 privileges in the BI Catalog security.  Then we created a special folder under Shared Folders/Custom that has full control for the custom role.  This allows our OTBI authors to create content and share it in this custom folder, but they can't edit analytics in the other Shared Folders/Custom folders.

     

    With 403 privileges being wiped out every quarter, this takes about an hour to add everything back and it has to be done in all environments.  I logged another SR & was told there was an enhancement request for this.  I wanted to get that bug number attached to this idea as well.  Enh 28616486 - PRESERVE CUSTOM BI PRIVILEGES

    Looking forward to a solution being released.

  • Matt Van Asten
    Matt Van Asten Rank 4 - Community Specialist

    Here is a similar Idea Lab, but at the Administration > Manage Privilege level of OBIEE: https://cloudcustomerconnect.oracle.com/posts/2d0c3ed91f

  • Tony Puentes
    Tony Puentes Rank 1 - Community Starter

    This poses a security risk every upgrade, please fix this already! :)

  • Laura Meine
    Laura Meine Rank 2 - Community Beginner

    We have since found that updating the BI Author to only have Open privileges on the folders does actually prevent them from making changes to existing objects.  However, when this gets wiped out after an update, it puts the catalog objects at risk if clients don't remember to go put it all back.

    Our clients are very frustrated with this.

    Please fix it soon!
    Laura

  • User_POIIW
    User_POIIW Rank 2 - Community Beginner

    Permissions should be retained after patching or at least an import/export option given since these settings do not get set for cloning. We have 15 environments we have to continually change after patching.

  • User_NGYZL
    User_NGYZL Rank 1 - Community Starter

    After each upgrade, we have to assign Save Content with HTML Markup privilege to BI Author role so the users can save their OTBI reports in My Folder folder while they need to work on the reports. Preserving custom security settings would let us not to worry about re-applying this setting manually after each upgrade.