This discussion is archived
7 Replies Latest reply: Jul 6, 2012 6:00 AM by AmithY RSS

Catalog Security OBIEE 11g

AnkitR Gupta Explorer
Currently Being Moderated
hi Experts,

we want to implemet some security for BI Consumer Role.
1. They should have access to Dashboard, ie they can see all reports and Filters on Dashboard and save custimization.
2. they should not have access to shared folder or any reports in saved folder.



if this is possible , then let mention the detailed steps to achieve it.

Regards
Ankit
  • 1. Re: Catalog Security OBIEE 11g
    SaichandVaranasi Guru
    Currently Being Moderated
    Hi ankit,
    . They should have access to Dashboard, ie they can see all reports and Filters on Dashboard and save customization.
    its better to create own folder/my folder to save their reports and give respective permissions because in your 2nd point they should not access the shared folder which means u need to remove the access for all the folders(if u do that no other dashboard appears to user).


    Refer below link 17 and 18th steps to set permissions.

    http://varanasisaichand.blogspot.in/2011/03/obiee-11g-security-creating-users-and.html#!http://varanasisaichand.blogspot.com/2011/03/obiee-11g-security-creating-users-and.html



    Thanks,
    Saichand.v
  • 2. Re: Catalog Security OBIEE 11g
    910308 Newbie
    Currently Being Moderated
    Hi AnkitR,

    we can achieve the

    1) BI consumer Role should have access to Dashboard, ie they can see all reports and Filters on Dashboard and save custimization : By setting the permission for biconsumer role as Custom and under it select only Read , travers & write so that group user can modify the the reports only

    2) But i ma confused with second requirement BI consumer Role should not have access to shared folder or any reports in saved folder. If we assign the permission for "save custimization" then how can we stop then to access of share folder

    Please, elaborate the security with one scenario..

    Rhishikesh

    Edited by: Rhishikesh on Feb 3, 2012 2:27 AM
  • 3. Re: Catalog Security OBIEE 11g
    user13333269 Newbie
    Currently Being Moderated
    Hi Experts

    Is there a way to hide the shared folders from users and only give them access to the dashboards to run the reports?

    Can this be acheived, I guess Ankit it looking for this requirement

    Edited by: user13333269 on Feb 3, 2012 2:25 AM
  • 4. Re: Catalog Security OBIEE 11g
    AnkitR Gupta Explorer
    Currently Being Moderated
    Is there a way to hide the shared folders from users and only give them access to the dashboards to run the reports?
  • 5. Re: Catalog Security OBIEE 11g
    obiee11g Newbie
    Currently Being Moderated
    I dont think it is possible. I think your question stems from the way 10g works.

    In 10g, a "dashboard only" user does not get to see the "Answers" link which forbids him to see the catalogs.
    In 11g, since the catalog link is provided right on top of the homepage, and various other places, a "dashboard only" users can see Shared folders etc.

    Fixing it in 11g will happen by fixing the webcatalog permissions.
  • 6. Re: Catalog Security OBIEE 11g
    Dhar Expert
    Currently Being Moderated
    Hi,

    Yes, there are some ways to let the users access 'Dashboards' but disable them to view shared folders(code).

    Approach 1:

    In 11.1.1.6.2, there is an option to complete take away the 'Catalog' link on the top. So, users do not get to browse the catalog itself.

    Approach 2:

    On the shared folders, set the 'BIConsumerRole' a traverse permission but on the dashboards folder give them an 'Open' permission. Travserse lets the user run the dashboards beneath, but do not let them browse the folders. However, there is one issue here which we observed is the approach 2 takes off the dashboards from the 'Dashboards' drop down menu on the top. But, however we can still make it work though with some links etc.

    Approach 3:

    Create all the dashboards in one shared folder, but the source reports in another folder. Set 'Open' permission for the dashboards folder, but traverse for the 'Reports' folders for 'BIConsumerRole'.

    Hope this helps or gives you a hint.

    Thank you,
    Dhar
  • 7. Re: Catalog Security OBIEE 11g
    AmithY Expert
    Currently Being Moderated
    Yes, Absolutely. Select shared folders, and click on properties, and select the Hidden check box. This will now allow only users that have the privilege to see hidden items see the shared folders and other will no longer see the shared folders but will be able to run the reports/dashboards if they have access to it, based on the permissions setup on the objects.

    Thanks,
    -Amith.

Legend

  • Correct Answers - 10 points
  • Helpful Answers - 5 points