Forum Discussion

kmd's avatar
kmd
Contributor II
2 days ago

Looking for a security report

Hi all,

Does anyone know if the standard OS security audit or application dashboard reports present a way to determine all of the objects within a OneStream application where a particular Security group is used?
For example - let's say I have a grp called "E_WF_specialUsers" and I want to better understand where this group is used within my application (i.e. is it attached to the display group of certain user dimensions, or account members, or workflows, cube views, etc.).

I can't seem to find anything that does this within OS but want to make sure I'm not missing something here.

Thanks in advance,

K.

Metadata
Security

1 Reply

  • T_Kress's avatar
    T_Kress
    Valued Contributor
    2 days ago

    No, no such report currently exists.  There are two Partner Solution Exchange tools that show that information, I believe.  These would be paid subscription tools:

     

     

     

     

     

     

     

     

    But none that are OS developed yet.  I developed a data adaptor that queries this info but the SQL data adaptors has to go across both the Framework database and the Application database.  This is because security groups are stored in the Application database with their unique IDs, not security group names.  So to pull back the group name you have to join tables from Framework and App databases.  And Azure does not let you SQL across databases in the Cloud (Azure limitation not OS) so this tool only works on my local laptop, unfortunately.

    But I understand your ask.  You are trying to find all the objects within an application where a security group has been assigned.  Effectively a trace of a security group.  The only way I know of right now is to extract app zip file and search, which is very manual and not easily repeatable.

    This is achievable in OS via a BR where you open a database connection to each database separately and then perform SQL joins in the BR, as opposed to directly in the data adaptor.

    Maybe a good idea for Idea Stream!