Hi all,
This could be a stupid question, but I dont seem to find how to secure the rules from the end users who have access to Perspectives and have write access to the cube.
I do not even want them to see that this cube has a rule file.
THANKS a million
micheline
Secure the RULES
-
- Posts: 136
- Joined: Tue Aug 10, 2010 5:40 pm
- OLAP Product: Planning Analytics
- Version: 2.0
- Excel Version: EXCEL 2013
Secure the RULES
Thanks
Micheline
Micheline
-
- MVP
- Posts: 2832
- Joined: Tue Feb 16, 2010 2:39 pm
- OLAP Product: TM1, Palo
- Version: Beginning of time thru 10.2
- Excel Version: 2003-2007-2010-2013
- Location: Atlanta, GA
- Contact:
Re: Secure the RULES
You can't. Anyone that has at least READ to a cube can see the rules. They can't change the rules unless they have ADMIN.mnasra wrote:Hi all,
This could be a stupid question, but I dont seem to find how to secure the rules from the end users who have access to Perspectives and have write access to the cube.
I do not even want them to see that this cube has a rule file.
THANKS a million
micheline
- stephen waters
- MVP
- Posts: 324
- Joined: Mon Jun 30, 2008 12:59 pm
- OLAP Product: TM1
- Version: 10_2_2
- Excel Version: Excel 2010
Re: Secure the RULES
When you say "Perspectives" do you mean Excel add-in or server explorer? Using Capability Assignments you can restrict users from accessing Server Explorer so they wont be able to see rules but can still use Excel add-in.mnasra wrote:Hi all,
This could be a stupid question, but I dont seem to find how to secure the rules from the end users who have access to Perspectives and have write access to the cube.
I do not even want them to see that this cube has a rule file. micheline
-
- MVP
- Posts: 733
- Joined: Wed May 14, 2008 11:06 pm
Re: Secure the RULES
Another alternative is to have a second cube where the results of the rule-driven cube and sent in via TI. Users who shouldn't be able to view the rule file can have access to this second cube and not the first - thus being able to access the data via Server Explorer but not be able to see the rules (if you set the security up right). Obviously there's quite a lot of development and maintenance overhead with this way not to mention that results will no longer be 'real-time'. YMMV.
Robin Mackenzie
-
- MVP
- Posts: 3113
- Joined: Mon Dec 29, 2008 6:26 pm
- OLAP Product: TM1, Jedox
- Version: PAL 2.0.9.18
- Excel Version: Microsoft 365
- Location: Brussels, Belgium
- Contact:
Re: Secure the RULES
Not to mention rules at C level of the dimensionsrmackenzie wrote:Another alternative is to have a second cube where the results of the rule-driven cube and sent in via TI. Users who shouldn't be able to view the rule file can have access to this second cube and not the first - thus being able to access the data via Server Explorer but not be able to see the rules (if you set the security up right). Obviously there's quite a lot of development and maintenance overhead with this way not to mention that results will no longer be 'real-time'. YMMV.
Best regards,
Wim Gielis
IBM Champion 2024
Excel Most Valuable Professional, 2011-2014
https://www.wimgielis.com ==> 121 TM1 articles and a lot of custom code
Newest blog article: Deleting elements quickly
Wim Gielis
IBM Champion 2024
Excel Most Valuable Professional, 2011-2014
https://www.wimgielis.com ==> 121 TM1 articles and a lot of custom code
Newest blog article: Deleting elements quickly
-
- MVP
- Posts: 733
- Joined: Wed May 14, 2008 11:06 pm
Re: Secure the RULES
Sure - good point. This alternative is only really going to be an option if your rules are at n: level only. Otherwise, you'd be faced with building summary dimensions in the 'reporting' cube and suddenly the option is looking quite impractical.Wim Gielis wrote:Not to mention rules at C level of the dimensionsrmackenzie wrote:Another alternative is to have a second cube where the results of the rule-driven cube and sent in via TI. Users who shouldn't be able to view the rule file can have access to this second cube and not the first - thus being able to access the data via Server Explorer but not be able to see the rules (if you set the security up right). Obviously there's quite a lot of development and maintenance overhead with this way not to mention that results will no longer be 'real-time'. YMMV.
Robin Mackenzie