9 Replies Latest reply on Sep 20, 2018 12:53 PM by Thomas Dodds

    OBIEE Security - Anyway to allow end users to self manage?

    chillychin

      So our OBIEE user population is generally small - my group would get an access request maybe a few times a month usually.

       

      Currently we use LDAP to authenticate, and then through enterprise manager we assign users to a security group, which then gets mapped to a security role. All good so far

       

      We have a new group of users that are aiming to use OBIEE for their reporting needs. The twist though, is that they also want to self govern their own users.

       

      As I mentioned, traditionally an admin would log into EM to set up the appropriate security. But in EM, we of course have a lot of other functionality, such as starting and stopping the services - And we of course dont want to give this ability out willy nilly.

       

      I know theres a few places that we can control security, such as in the RPD, enterprise manager, weblogic console or the presentation services (analytics) itself.

       

      But we definitely dont want to give a non technical person access to the RPD, EM or the WLC, unless we can restrict sections of these items which I have not seen before. Now with the presentation services, we 'may' be able to allow people the ability to manage folders they own to allow access. But I can see this becoming a real mess real fast. And an end user would still need to be authenticated first, before even getting to be authorized for areas of the presentation services.

       

      Perhaps Im rambling, but just curious has anyone implemented OBIEE where it allows end users to self govern access?

       

      If so, how did you go about doing it?

       

      Thanks in advance