Local User Access when SSO turned on or need to set WF for local user when you can't access user.
in our initial design we have a local Admin user - OS_Admin that runs all our DM and Scheduler jobs. This was a local Admin user that pwd never changed (IT requires all AD users to change pwd's and we have too many embedded scripts with pwd for this to work). When we migrated to V8 and the new SSO security structure was applied, we found that keeping the option for manual user sign-in created more issues for our SSO users than we could justify so we have stopped being able to sign in as this user. Issue: We have logic that is pointing to the Global and this user's settings that drive most of our activity. In the short-term I have changed the User based settings to point to my user but I need to get away from that. Need: I need to be able to sign-in as the local user to set the POV for WF (Scenario, Time, WF) OR is there a way I can change that from my Admin user. Don't care either way, just need the result to be that the OS_Admin user's POV is updated.21Views0likes3CommentsCube | Data Access | Data Cell Access Security/Slice Security by U1#Geography
Data Management Access Security Please share your expertise to set up a Cube's Data Cell Access Security / Slice Security to limit data read access as outlined below: Dimension: U1# - Geography Total_Geography = Child 1 + Child 2 = Total / Top North_America = Child 1 / NA International = Child 2 / Int'l Slice Security: Access Level - Read Data by Geography - in a CV and a QV Total_Geo_Data = Read Total data | Read NA data and Read Intl data NA_Data = Read NA data | no data access = International and Total Intl_Data = Read Int'l data | no data access = North America and Total TY for your practical advice - SMEs.Solved136Views0likes2CommentsSetting "Logon Activity Threshold" on cloud environment
Hello, we need to turn on the "Logon Activity Threshold" on our OneStream cloud instance. I have looked at the documentation and I believe the information there regarding this is for on-prem installations (it involves editing configuration files). I do see this on the cloud application: Is this where you set this on cloud? If so, is this enough to prevent the users from accessing the instance if they don't log on in the required interval? (I ask this because of this post: Automated process to disable users based on Inactivity Threshold / Remaining Allowed Inactivity | OneStream Community) Thanks in advance.Solved39Views0likes1CommentLocal Server Installation - Login Error
Hi All, Finished the installation of the databases and webserver on the machine, following the installation guide it reached a point where it told me to test the application and login for the first time using preset credentials. I tried inserting the standard credentials but I would get the error message "Unable to log on user 'Administrator'. The password was reset and needs to be changed." and it does not allow me to change the password (see screenshot below). This is a fresh installation and the standard credentials were never used before, did some error occur during the installation or is there something I have to do to make it work correctly? Any help would be greatly appreciated, Alberto30Views0likes0CommentsAdmin Security Role?
Hi, wondering if anyone has created something like an "Administrator-lite" role that gives the user an ability to do 90% of actions in the tool, but stay away from things like fx, mapping changes, and data loads. I really just want these users to create cube views and reports only without giving them keys to everything else. Would this be solved by adding a new group, or any other recommendations on how to solve? Thank you!41Views0likes1CommentOneStream Administrator Native User
Hi, Does OneStream require the OneStream provided 'Administrator' security user? Can you tell me why it's required and how it is used? Administrator is a Native account, and our audit department wants our users to be SSO. What would be the impact of changing the Administrator user account from Native to SSO? Thanks!Solved99Views0likes6CommentsManaging Application Secrets
Hi all, While getting into OS, I'm trying to figure out how to leverage on its framework... And I have a question related to secrets management. Let's say that - at application (workspace?) level - I need to access to a remote service that requires an OAuth token (or user/pass tuple, or whatever I need to keep away from user's eyes - and fingers). The above mentioned secrets should be (visually?) managed by an administrator. Does OS offer something out-of-the-box to accomplish this task ? And, in case, can we leverage on some API to retrieve secret data ? Thanks for Your answers. FabioGSolved102Views0likes4CommentsAll entity security settings set to "Nobody", yet non-admin user stills sees data for entity
Hi, I have set all security settings on an entity to "Nobody" and yet when I see a dashboard using a non-admin user I still see data. The same when using a spreadsheet. This does not make sense to me. What am I missing?Solved95Views0likes9CommentsCube Data Access Security Troubleshoot
If a user is part of a security group with the below "Data Cell Access Security" filters, does that mean they would only have access to "Ent_3200"? For some reason this user is still able to see all base entities however they are still restricted from TOP? Why would the "E#TOP" filter be correctly restricted, but E#top.base not be restricted?64Views0likes2Comments