Hi, I have set all security settings on an entity to "Nobody" and yet when I see a dashboard using a non-admin user I still see data. The same when using a spreadsheet. This does not make sense to me. What am I missing?

Also, check your application security roles and the "ViewAllData" role. If this has "Everyone" this group trumps/overrides/supersedes any individual entity security you are trying to apply.

All entity security settings set to "Nobody", yet non-admin user stills sees data for entity

T_Kress
Valued Contributor
7 days ago
Also, check your application security roles and the "ViewAllData" role. If this has "Everyone" this group trumps/overrides/supersedes any individual entity security you are trying to apply.
- LFaisco
  New Contributor II
  6 days ago
  This solved it! ViewAllData was set to a group which was not Administrators but included the user I was testing with. After changing this to a more suitable (restricted) group which does not include the test user, it's working as I wanted.
rhankey
Contributor
7 days ago
What is the source of the data that is surfaced to the Dashboard or Spreadsheet? Cube Views, Quick Views, GetCell() that get data from the Cube should be honoring the MetaData security. However, if the data is being surfaced via a let's say a Data Adapter reading from some relational data source, then the data adapter has to replicate the desired security.
- LFaisco
  New Contributor II
  6 days ago
  The source for both is the actual cube.
LFaisco
New Contributor II
7 days ago
In the dashboard it's from a simple Cube View; in the spreadsheet it's a quickview querying the cube directly, nothing fancy. As you say, I was hoping metadata security alone would suffice for this, but it seems it's not working as expected.
- rhankey
  Contributor
  7 days ago
  Are you absolutely positive the user is not directly or indirectly a member of the Administrators group? Administrators trump all OS security. Take a look at or provide a screen shot of Cell Status for a Cube View value for the Entity in question.
  - LFaisco
    New Contributor II
    6 days ago
    I can confirm that the user is not directly or indirectly a member of the Administrators group.
NicoleBruno
Valued Contributor
7 days ago
I think you'll need to share more in order to try to troubleshoot. Here are a couple points I'd confirm:

Can you share the bigger screenshot above showing the entity (looking for the entity name) and also the cell POV from the dashboard/CV? I'd start there - make sure you'll comparing apples to apples and pulling the exact same entity.

Double check that the user you're logged into in order to pull the dashboard doesn't have Administrators in their security (or nested somehow in security).
DBLCheck
New Contributor II
7 days ago
If the user is an Administrator they can see everything within OneStream.

Forum Discussion

All entity security settings set to "Nobody", yet non-admin user stills sees data for entity

Related Content

Excel QuickViews giving pages even for small data set for non-admins

Security

Security report

SIC: Error for non Admin users

Data Cell Access Security (Slice Security) Not Working With Multiple UD Dimensions