cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 

Data Cell Access Security (Slice Security) Not Working With Multiple UD Dimensions

Go to solution
rjgoss
New Contributor III

2 weeks ago

Does anyone have information on how to get Data Cell Access (Slice) Security (henceforth DACS) to work when applying it to multiple UD dimensions?  The app has the entity and scenario security set.  Those are working fine.  If I put only one UD in the DACS, that also works fine.  The problem comes in when subsequent UD dimensions are added to the DACS.  It seems OneStream ignores the DACS and goes back to entity and scenario security.

To add a bit more information, I have tried it multiple ways, with the multiple UDs in the same or different rows in the DACS setup.  It doesn't matter.

Thank you.

Ryan J. Goss
Archetype Consulting
Labels:
0 Kudos
1 ACCEPTED SOLUTION

Go to solution
Krishna
Valued Contributor
In response to rjgoss

2 weeks ago - last edited 2 weeks ago

@rjgoss  - I tested with the following testing and it is working with multiple UD's. It is simple test but it is working as expected. Refer the screenshot.

Note: You have to set the Behavior if the user in Group with filter and without filter.

Read and Write Output

Krishna_0-1714587281506.png

DACS 

Krishna_1-1714587369459.png

 

 

Thanks
Krishna

View solution in original post

9 REPLIES 9

Go to solution
Krishna
Valued Contributor

2 weeks ago

@rjgoss  - As far I know there are no restrictions for the UD's. I would recommend reviewing the OS Foundation Handbook that will provide some information. We need to consider the sequencing. When we define the DACS. 

Krishna_0-1714538701276.png

 

 

 

Thanks
Krishna
0 Kudos

Go to solution
rjgoss
New Contributor III
In response to Krishna

2 weeks ago

Yes, I did the sequencing like in that example.  Also, none of the examples I've seen use multiple UD dimensions.  They always have entity plus something else (I'm counting Intercompany along with entity in the screenshot included).  I will add some screenshots of what I'm trying to do to this thread.

Ryan J. Goss
Archetype Consulting
0 Kudos

Go to solution
MarcusH
Contributor III

2 weeks ago

Can you add some screenshots - what works and hat doesn't work.

0 Kudos

Go to solution
rjgoss
New Contributor III
In response to MarcusH

2 weeks ago

Logically, this should work.

rjgoss_0-1714573155105.png

But as you can see, all UD1 members (second column) are open for editing (this is a partial screenshot, but the others are open too).  Only 65 should be open for editing.

rjgoss_1-1714573295280.png

And even weirder, if you use either of these, the line shown in the bottom screenshot is open for editing even though the Access Group in the bottom row of the DACS setup should NOT have access to any UD2 members, of which one is selected in the QuickView POV.

rjgoss_2-1714574106578.pngrjgoss_3-1714574121747.pngrjgoss_4-1714574149754.png

 

 

Ryan J. Goss
Archetype Consulting
0 Kudos

Go to solution
Krishna
Valued Contributor
In response to rjgoss

2 weeks ago - last edited 2 weeks ago

@rjgoss  - I tested with the following testing and it is working with multiple UD's. It is simple test but it is working as expected. Refer the screenshot.

Note: You have to set the Behavior if the user in Group with filter and without filter.

Read and Write Output

Krishna_0-1714587281506.png

DACS 

Krishna_1-1714587369459.png

 

 

Thanks
Krishna

Go to solution
rjgoss
New Contributor III
In response to Krishna

2 weeks ago

Does it work if you remove the Entity and Account filters in your screenshot and put the UD2 dimension on the columns?  That is more similar to what I am needing to do.

Thanks.

Ryan J. Goss
Archetype Consulting
0 Kudos

Go to solution
Krishna
Valued Contributor
In response to rjgoss

2 weeks ago

@rjgoss  - It is the Same behavior

Krishna_0-1714590488670.png

 

 

Thanks
Krishna
0 Kudos

Go to solution
rjgoss
New Contributor III
In response to Krishna

2 weeks ago

Thanks for the assistance.  It's definitely not as straight forward as one would think.  To add a bit more for anyone reading this, when adding back the security, you need to use all the dimensions in each row of the DACS.

This doesn't work:
Remove UD1 from everyone.
Remove UD2 from everyone.
Remove UD3 from everyone.
Add back all UD2 to a group that the user is in.
Add back specific parts of UD1 and UD3 to a group the user is in.

This works:
Remove UD1 from everyone.
Remove UD2 from everyone.
Remove UD3 from everyone.
Add back specific parts of UD1 and UD3 plus all UD2 to a group the user is in.

Ryan J. Goss
Archetype Consulting

Go to solution
Krishna
Valued Contributor
In response to rjgoss

2 weeks ago

Great! Thanks for the update.

Thanks
Krishna
0 Kudos
Please sign in! rjgoss
Community Resources
Training and Documentation
Additional Resources