Cube | Data Access | Data Cell Access Security/Slice Security by U1#Geography
Data Management Access Security Please share your expertise to set up a Cube's Data Cell Access Security / Slice Security to limit data read access as outlined below: Dimension: U1# - Geography Total_Geography = Child 1 + Child 2 = Total / Top North_America = Child 1 / NA International = Child 2 / Int'l Slice Security: Access Level - Read Data by Geography - in a CV and a QV Total_Geo_Data = Read Total data | Read NA data and Read Intl data NA_Data = Read NA data | no data access = International and Total Intl_Data = Read Int'l data | no data access = North America and Total TY for your practical advice - SMEs.
Data Cell Access Security (Slice Security) has stopped working after we upgraded to OS v8.5
Hi, After we recently upgraded to V8.5 , it seems the slice security has stopped working. Can anyone suggest what would have gone wrong? Cube Data Access Security for Entity is True The parameters are set as User is in group and Data cell in the Filter -> Apply access and stop (Read Only) User is in group and Data cell is not in the Filter -> Apply access and continue (No access) User is NOT in group and Data cell is not in the Filter -> Apply access and continue (No access) In the Account filter , am passing 1 account say Sales but when am checking the access , user is able to access all the accounts. There is no other security available in this particular base cube other than this
Restricting Data Loads Outside Workflow Time Period – Excel Quick View / XFset
Hey Team, I’ve observed that users are currently able to load data via Excel/Spreadsheet tools (Quick View / XFset) beyond the defined Workflow Time Period range for any scenario. This behavior persists even after setting the following Application General Properties to False: Allow Loads Before Workflow View Year Allow Loads After Workflow View Year Despite these settings, the restriction does not seem to be enforced, and users can still submit data outside the intended time range. Could you please advise if there are additional configurations or security settings required to fully restrict data loads outside the Workflow Time Period—especially when using Excel-based tools? Any guidance or best practices would be greatly appreciated. Best regards, Yogesh Kumar Goyal
Looking for a security report
Hi all, Does anyone know if the standard OS security audit or application dashboard reports present a way to determine all of the objects within a OneStream application where a particular Security group is used? For example - let's say I have a grp called "E_WF_specialUsers" and I want to better understand where this group is used within my application (i.e. is it attached to the display group of certain user dimensions, or account members, or workflows, cube views, etc.). I can't seem to find anything that does this within OS but want to make sure I'm not missing something here. Thanks in advance, K.
Spreadsheet tool in v8.5 - does it work?
Trying to confirm if the spreadsheet tool in v8.5 is working for anyone in the following manner... Created dashboard with the spreadsheet tool. The page renders fine... However, when doing something as simple as Save As, the following message is generated. Excel file is defined in the configuration. One client mentioned this, so I tested this on another client with the same results. Heard this is fixed in v9.0. Is this correct or am I missing something? Thanks for any input! Ed PuenteSecurity: Question - Control access to a Scenario
Hi all, I'm hoping someone can see what I'm doing wrong here. First a question: Is Scenario access cube specific? Let's say I have 4 cubes. Currently all 4 cubes give a user access to all Scenarios. If I restrict access to a specific scenario for that user in one cube, does that restriction apply across all cubes? I would assume No - am I wrong? I've been trying to set up restricted scenario access to a group of users in a certain cube. I don't want to touch overall security for the Scenario because there are multiple regions that need access. I've tried to set this up via Slice security (Data Access directly on the Cube) by using a Where clause in the Scenario definition for every group identified in the Data Access (i.e. Planning.Base.Where(Name DoesNotContain X). This doesn't appear to be working. The User themself, has access to multiple cubes and there is no restriction to that scenario in those other cubes. So is it all or nothing? Like do I have to go into the slice security for EVERY cube and restrict access to that scenario in order for this to work? Can't think of another way to resolve this but to modify the Scenario access for every Data Access group in every cube will be a lot of work. Hopefully my question makes sense and thanks in advance for any guidance here.
Hybrid Scenario – Pre-Aggregated Member Setup for Entity Summarization (V8.4)
Hi Team, I’m working on a Hybrid Scenario setup where the goal is to copy data from a source scenario to a management (MGT) scenario. This allows the MGT team to work with the data independently, using their own workflow with high-level access. So far, the base data copy works well. However, I want to summarize entity data in the target scenario so that users only see Entity parent nodes, while maintaining visibility of all other 17 dimension members (Account, UD1-UD8, etc.). To achieve this, I tried creating a dummy parent member (Entity X) in a new Entity dimension that mimics the top-level parent from the legal entity hierarchy (Entity Y). My intention was to use this structure in the Pre-Aggregated Members field in the Hybrid Scenario configuration, effectively copying: Entity X = Entity Y Unfortunately, this method worked successfully in Version 7.4, but does not appear to function as expected in Version 8.4. Maybe in version 9.0 +, we can successfully configure pre-aggregated entity mappings for Hybrid Scenarios? Can we customize this to version 8.0 and above? Would appreciate any advice or examples from the community if you’ve made this work in your applications. Thanks in advance! Chris
