cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 

Pseudo Admin Role

yalixie
New Contributor III

‎09-27-2023 02:41 PM

We created a customized application support security group (Pseudo Admin role) which excludes the accesses of cube view form input, JE create/post and user security provisioning.  This is required by internal control as segregation of duties.  We updated maintenance group setting with this Pseudo admin group in all applicable components. e.g. Workflow profiles, Transformation rule, dimensions, confirmation rules, Forms/JE template, Dashboards etc.  The limitations we confront are that the following components are accessible only to the default administrators.  Can we enable the discrete security settings to those components instead of default to admin only?  Thanks!

  1. System Diagnostic Dashboard
  2. CAT
  3. Extensibility business rules
  4. Database under System tab
Labels:
6 REPLIES 6

JackLacava
Community Manager
Community Manager

‎09-28-2023 04:53 AM

The System / Security page has a System Security Role screen. That contains the "System User Interface Roles" section, which should regulate who can see the pages you mention. If you don't see, for example, "DatabasePage" in that list, either you are in a Cloud environment with some limitations (in which case, talk to Support), or you are on a very old version.

0 Kudos

yalixie
New Contributor III

‎09-28-2023 12:24 PM

Thanks for comments! Jack

We did update "System User Interface Roles" with the Pseudo admin group, but still not allowing the users under this group to access the CAT and System Diagnostic.

Yali

0 Kudos

JackLacava
Community Manager
Community Manager
In response to yalixie

‎09-28-2023 12:34 PM - edited ‎09-28-2023 12:36 PM

Not sure what "CAT" is, but System Diagnostic is a Marketplace solution. Access to that will be governed by the Access Group set on the Maintenance Unit and the Dashboard Group (and the Workspace, in versions 7.3+ and if not in Default Workspace) that contain its Dashboards. Check on the Dashboards page, either in Application or System.

If that doesn't work, or works partially (e.g. the user sees the dashboard, but it doesn't load properly), it's possible the solution itself is doing some check in rules, which might be hardcoded to Administrators. In that case, get in touch with Support.

0 Kudos

yalixie
New Contributor III
In response to JackLacava

‎10-01-2023 10:43 PM

Thanks! Already connected with OS Support.  They will assess and get back. 

0 Kudos

DBLCheck
New Contributor II

‎09-28-2023 12:57 PM

"CAT" or Cloud Administration Tools and System Diagnostics are both Administrator tools. Only a person with Administrator rights can use these tools. 

0 Kudos

JosephChimbolo
New Contributor III

‎12-19-2023 11:08 AM - edited ‎12-19-2023 02:04 PM

@yalixie I see you have answers to most of your questions.   System Diagnostics and CAT require Administrator roles to function.   Due to the nature of Database, access is restricted to full Administrators.  I will look to clarify the System User Interface Role for Database Page.   Lastly, access for Non-Administrators to edit Extensibility Rules was reviewed by Product Management and determined to be functioning as designed, not a defect.  The reason for this restriction is due to the potential impact on the health and performance an application.

Joseph Chimbolo

OneStream Product Advocate

 

OneStream Product Advocate
0 Kudos
Please sign in! yalixie
Community Resources
Training and Documentation
Additional Resources