2 Replies Latest reply: Feb 26, 2013 7:32 AM by Maraprik RSS

    OBIEE 11 1 1 5 security issue.

      We have 3 users

      12345 has access to one country say India
      67890 has access to one country say china
      98765 has access to two countries. say india and china

      These were created in the console.

      I have created a row wise initialization bolck.


      I created two groups IN_USER, CN_USER for each country. i assigned the users to respective groups in the console. Created roles in the EM and mapped them to these groups with the same name. I then synched it to the RPD and then added the data filter based on country dimension saying country code = VALUEOF(NQ_SESSION.COUNTRY).

      Now when I login as a user with 1 country access say india, there is a no facts at requested level error. Now I go ahead and provide BIAUTHOR to the user and then login. I can see the reports working but bringing back data for all countries. I remove author and say BICONSUMER, in answers the report brings back only one country from country dimension but in the dashboard i get the same error as before.

      What is this behaviour. The same setup in works like a charm.

      This when queried in a column or a filter explicityly brings results. for example if I add it to a report as filter (VALUEOF(NQ_SESSION.COUNTRY), it works fine. It works fine when I add it to a dashboard prompt. It works when I add it to the logical source as where clause except that weblogic user gets an error all the time(IS THERE A WAY TO CORRECT THIS?).

      I am not able to understand this. Please help me with a solution.
        • 1. Re: OBIEE 11 1 1 5 security issue.
          try adding the BIAuthor role to the IN_USER role and other in EM and then give the BIAuthors membership to IN_USER group in console and then synch the Roles at RPD and restart the BI Services and verify the rpeorts.

          Also see what roles and groups your are part by checking the My Account -> Catalog Groups and Cata log Roles Page.

          Please mark this post as helpful
          • 2. Re: OBIEE 11 1 1 5 security issue.
            I have done all this. I just want to understand this behaviour. Why do we need to include the BI Author while having BI Consumer working for the users.