Forum Discussion

bmoening's avatar
bmoening
New Contributor
2 years ago

Invalid Intersections on all lines of a data load

Hello,

I am trying to limit the access of certain entities so they they can only see there own entites, i have it set up on the entities, cube, and the workflow profile so they have their own groups for each of their own set of data. The only issue is when they load their text files it is fine but when they run the transformation rules every line shows up as an invalid intersection and the error message is "No Security Access" for each line. I saw an article that recommended going to data access on the cube but i tested them empty and i tested them with what i thought the escalation rules should look like with no luck. So i wanted to see if anyone had any other ideas on possible solutions or where i might be wrong.

Thank you

Cube Security
  • Omkareshwar's avatar
    Omkareshwar
    Contributor II
    2 years ago

    Hi bmoening, 

    When it comes to OneStream, you've got a bunch of security check points to keep in mind. It's important to stay in sync at every step, starting with Cube, then Entity, Scenario, Account, and Workflow. Take a moment to double-check your security groups and make sure everything is set up properly. OneStream won't let anything slide if there's a security hiccup along the way. To get to the bottom of it, you can dive into all the different security options available in OneStream.

    So, let's kick off with Users and groups, then move on to Cube Security, Entity Security, Scenario Security, and Workflow.

    Thanks,

    Omkareshwar

  • NickHymes's avatar
    NickHymes
    New Contributor III
    2 years ago

    Interesting, i wonder if you have the security access set to “view” only? Then they wont have access to actually upload data through their dedicated workflows…

    • bmoening's avatar
      bmoening
      New Contributor
      2 years ago

      That is actually a good call out because i didn't check it down to the user level before posting but sadly that was not it, It does let them load it just fails at the transformation step. Thank you though

      • NickHymes's avatar
        NickHymes
        New Contributor III
        2 years ago

        If you have already set up security groups for entities, cubes, and workflow profiles in OneStream to restrict access to specific data, but you are still encountering "No Security Access" errors when running transformation rules, there are a few potential issues to consider:

        1. Data Access settings on the Cube:
        - Ensure that the cube's Data Access settings are configured correctly to align with the security groups you have defined. Check if the security group associated with the user running the transformation rules has appropriate access permissions for the relevant dimensions and members in the cube. You can review and modify these settings in the Cube Editor within OneStream.

        2. Dimensional Security:
        - Check if you have implemented proper dimensional security in OneStream. Dimensional security allows you to control access to specific members within dimensions. Ensure that the dimensional security settings align with the security groups assigned to users, so they have access to the necessary dimension members required for the transformation rules.

        3. Data Access Settings in the Workflow:
        - Verify that the workflow profile associated with the transformation rules has the correct data access settings. In the workflow profile, ensure that the security group assigned to the user running the transformation rules has appropriate access privileges for the required entities and dimensions.

        4. Escalation Rules:
        - Confirm that the escalation rules in OneStream are configured correctly. Escalation rules help determine the effective security access rights for users based on their group assignments. Double-check if the escalation rules are properly configured to assign the expected security groups to users.

        5. Analyze Transformation Rule Execution:
        - Enable the OneStream debug mode for transformation rules and examine the generated log files. The log files may provide more detailed information about the specific security access issues encountered during rule execution.

        Hope this helps.

        Thanks,

        Nick Hymes

        Archetype Consulting

  • ChrisLoran's avatar
    ChrisLoran
    Valued Contributor
    2 years ago

    Are we sure that each Workflow Profile has their own entity assignment? And the source files that are being imported are limited to only those entities?

    • Omkareshwar's avatar
      Omkareshwar
      Contributor II
      2 years ago

       

      It seems that the issue mentioned is related to a security access error. If the error were due to entity assignment, a different error message would have been received. It would indeed be intriguing to delve into the debugging process to resolve this matter.

      Thanks,

      Omkareshwar

      Acrhetype Consulting