Security Setup for Contractor ID
Hi All, qq--is there a way to disable SSO login for one account. we have one user created in OneStream as a contractor, and now we want to enable that user to login to OneStream application without SSO. Our OS app is configured with SSO sign, so we get a code whenever we login, but i wanted to overcome this to the Contractor id, is there any way that we can disable the SSO login. Any Suggestions pls. Thanks in Advance. Thanks Satish P
Ensure users see error logs for specific app
Hi everyone, I have one environment with two apps. The users of one app cannot access the data of the users of the other app, and viceversa. I created 3 groups, one to assign the system roles that both teams need (es: error log) to both teams, and the other two to assign all the application roles of each app to specific teams (team1 will have access to all application roles within app1, and the same for team2 and app2). now I would need to make sure the users of one app can only see the error logs generated by app1, and not the ones generated by app2 (and the same for the users of team2). is that possible? Thank you!Who should be the OneStream application administrator?
The skill set needed to administrate an OneStream application is very valuable. Luckly you should not need to look farther than the team you have that supports the application. Not only the key resource for your project but also identifying the right person to support your application after you have taken it live, but the administrator is also critical to the system. The most common questions people seem to ask are first, where should this person sit? No, not where should they physically sit, but should the person be in an IT role, or a Business Functional role? I think the question comes from the fact that at some point they have seen some scripting, and that means coding, and that usually means an IT person. The reality is that the level of scripting is that of writing a macro in Excel. This really is not programming. So, it is easier to teach a businessperson how to write these types of scripts, than it is to teach an IT person debits and credits. Frankly, there are accountants who don’t know debits and credits out there. The administrator needs to know enough to ask the next question. That person needs to understand ‘what is the end game’, so they can think of that works within the whole system. For example, let’s say a business user comes and asks for a roll forward to be added to the application. They are very specific about what they need and the accounts. A good administrator who understands the business process will think to ask about a validation to reconcile it to the trial balance. They will ask about the filings or management reports that are impacted. They will also know who in the accounting team might need to weigh in on who should have access, if it is something all sites need to do, and how it impacts the close. It turns out, adding accounts and updating a roll forward is a very small part of the request. The second question people ask all the time is, ‘how much time is this going to take?’ that is when I give my safe consulting answer, ‘It depends’ (that answer gets me out of so much trouble, I frankly don’t know what I would do without saying it) Still, it is the truth. It does depend. It depends on who the administrator is in your company. If the person understands the close process, and what users really need, they spend less time trying to understand how people are using the system. It depends on how much work you took on during the project. If you only loaded one year of data, they will be pretty busy loading data for months later. It depends on your company. Is the company culture one that requires buy in from users, and fills days with meetings of large groups of people who need to reach a consensus? Then it will be much longer. Most administrators have another job. They are not only the OneStream administrator. I get the chance to talk to auditors at different companies, and when I tell them what I do, we start talking about OneStream. Many have told me when they had a question about the consolidation; they found the only person who really knew how it was calculated was the OneStream administrator. Even if the administrator doesn’t know the way it “should be” done they know how is “currently being” done. So, think about the person who you are having do that work. They become not only critical to the application, but critical to your close and your businessTask Manager Auditor / View Only Access
I have a requirement to setup auditor (view only) access within the Task Manager solution. Unlike Account Reconciliations, there isn't a dedicated Role within the Global Options settings of the solution. My initial thought was to assign an Auditor role to the "Viewer Group", however this would require every single task to have the role assigned. Does anyone know of a better solution, or do we actually have to assign the viewer group on all 2,000+ tasks? E.g., regarding assigning the auditor role to the viewer group.
