04-30-2024 05:25 PM
Does anyone have information on how to get Data Cell Access (Slice) Security (henceforth DACS) to work when applying it to multiple UD dimensions? The app has the entity and scenario security set. Those are working fine. If I put only one UD in the DACS, that also works fine. The problem comes in when subsequent UD dimensions are added to the DACS. It seems OneStream ignores the DACS and goes back to entity and scenario security.
To add a bit more information, I have tried it multiple ways, with the multiple UDs in the same or different rows in the DACS setup. It doesn't matter.
Thank you.
Solved! Go to Solution.
05-01-2024 02:16 PM - edited 05-01-2024 02:18 PM
@rjgoss - I tested with the following testing and it is working with multiple UD's. It is simple test but it is working as expected. Refer the screenshot.
Note: You have to set the Behavior if the user in Group with filter and without filter.
Read and Write Output
DACS
05-01-2024 12:45 AM
@rjgoss - As far I know there are no restrictions for the UD's. I would recommend reviewing the OS Foundation Handbook that will provide some information. We need to consider the sequencing. When we define the DACS.
05-01-2024 10:18 AM
Yes, I did the sequencing like in that example. Also, none of the examples I've seen use multiple UD dimensions. They always have entity plus something else (I'm counting Intercompany along with entity in the screenshot included). I will add some screenshots of what I'm trying to do to this thread.
05-01-2024 04:33 AM
Can you add some screenshots - what works and hat doesn't work.
05-01-2024 10:37 AM
Logically, this should work.
But as you can see, all UD1 members (second column) are open for editing (this is a partial screenshot, but the others are open too). Only 65 should be open for editing.
And even weirder, if you use either of these, the line shown in the bottom screenshot is open for editing even though the Access Group in the bottom row of the DACS setup should NOT have access to any UD2 members, of which one is selected in the QuickView POV.
05-01-2024 02:16 PM - edited 05-01-2024 02:18 PM
@rjgoss - I tested with the following testing and it is working with multiple UD's. It is simple test but it is working as expected. Refer the screenshot.
Note: You have to set the Behavior if the user in Group with filter and without filter.
Read and Write Output
DACS
05-01-2024 02:38 PM
Does it work if you remove the Entity and Account filters in your screenshot and put the UD2 dimension on the columns? That is more similar to what I am needing to do.
Thanks.
05-01-2024 03:08 PM
05-03-2024 04:53 PM
Thanks for the assistance. It's definitely not as straight forward as one would think. To add a bit more for anyone reading this, when adding back the security, you need to use all the dimensions in each row of the DACS.
This doesn't work:
Remove UD1 from everyone.
Remove UD2 from everyone.
Remove UD3 from everyone.
Add back all UD2 to a group that the user is in.
Add back specific parts of UD1 and UD3 to a group the user is in.
This works:
Remove UD1 from everyone.
Remove UD2 from everyone.
Remove UD3 from everyone.
Add back specific parts of UD1 and UD3 plus all UD2 to a group the user is in.
05-03-2024 06:09 PM
Great! Thanks for the update.