If you are unable to create a new account, please email support@bspsoftware.com

 

News:

MetaManager - Administrative Tools for IBM Cognos
Pricing starting at $2,100
Download Now    Learn More

Main Menu

Report security

Started by missspeedy23, 20 Jan 2016 04:04:44 AM

Previous topic - Next topic

missspeedy23

I have set a new user group up on BI for 2 users that only need access to run 3 reports. I have created shortcuts to these reports in their own folder under public folders and given execute/traverse permission on the package and the parent folder of the reports which cascades down the these 3 reports. The problem I have is that in addition to seeing their own folder they can also see all packages (even though they only have execute and traverse on one) and all reports in the folder and the folder above this. I have even tried giving them denied read access to the folders I don't want them to see and they can still see things they shouldn't. I've checked that "everyone" doesn't exist in the permissions and it doesn't.

Any ideas?

MFGF

Quote from: missspeedy23 on 20 Jan 2016 04:04:44 AM
I have set a new user group up on BI for 2 users that only need access to run 3 reports. I have created shortcuts to these reports in their own folder under public folders and given execute/traverse permission on the package and the parent folder of the reports which cascades down the these 3 reports. The problem I have is that in addition to seeing their own folder they can also see all packages (even though they only have execute and traverse on one) and all reports in the folder and the folder above this. I have even tried giving them denied read access to the folders I don't want them to see and they can still see things they shouldn't. I've checked that "everyone" doesn't exist in the permissions and it doesn't.

Any ideas?

Hi,

Are the users members of any other groups or roles that grant them privileges? A user will be default get the sum of all privileges granted to the groups/roles they belong to.

The other thing to check is that the Everyone group is not a member of the System Administrators role - if so, everyone will have privileges to see and do everything, regardless of what security you define.

Cheers!

MF.
Meep!