Presentation is loading. Please wait.

Presentation is loading. Please wait.

Oracle HFM Implementation Boot Camp

Published byAmie Dorsey Modified over 8 years ago

Similar presentations

Presentation on theme: "Oracle HFM Implementation Boot Camp"— Presentation transcript:

1 Oracle HFM 11.1.2.2 Implementation Boot Camp
Presented by Saravanan Singaravadivelan Developed by Saravanan Singaravadivelan Senior Consultant Qubix International Ltd

2 V. Security

3 Shared Services Security
Shared Services is a separate module that supports the Hyperion EPM suite. Provides user management, user provisioning, and external authentication definition. Provisioning refers to the process of assigning roles and access permissions to users for HFM applications. Products that implement Shared Services functionality require access to a Shared Services server running Shared Services client and server software, and to a database dedicated to Shared Services. Provides Lifecycle Management and Audit Reports

4 Areas of Security Users and Groups Roles Classes
Can be created in the native Shared Services user directory Externally authenticated users are registered with Shared Services but are still stored in their original authentication directory. Roles When provisioning users, specific roles are granted by the administrator Users are typically divided into groups based upon the role that reflects both the product licensing and the controls/procedures that apply to the users Classes Assigned to metadata items and web components Users/Groups can be granted various access level to classes

5 Shared Services – User Provisioning
Role based Centrally managed security Distributed security model Integrates with external systems When using Shared Service security, all provisioning is done through the Shared Services Management Console. Shared Services provides a centrally managed and distributed security model that will integrate with external authentication systems.

6 HFM Roles for Shared Services
Administrator Roles Application Administrator Default Provisioning Manager User Roles Advanced User Consolidate Create Journals Data Form Write Back from Excel Enable write back in Web Grid Load Excel Data Manage Templates Read Journals Reviewer 1 Save System Report on Server

7 Access Rights for HFM Classes
None No access – user does not see the item Metadata User sees the dimension member User cannot view/edit the data Promote User can see the data for the dimension member User can promote/reject in process control Read User cannot promote/reject in process control All User can modify the item and promote/reject the data These are the permission settings available in HFM starting with the most restrictive at the top (None) down to the Administrator level which allows unlimited access. Filter access can combine the roles between None and All allowing for much greater flexibility.

8 External Authentication
To use external authentication, you must have an authentication directory containing corporate user information. The following types of authentication repositories are supported: Lightweight Directory Access Protocol (LDAP): IBM Tivoli Directory Server 6.1 Sun ONE 5.2 SP4 Novell eDirectory 8.8 OpenLDAP Microsoft: Microsoft Active Directory 2000/2003 Microsoft NTLM The following is the list of authentication systems currently supported by Shared Services <read list>

9 External Authentication – cont’d
SAP Directory: Enterprise Portal 6 SP16 or 7.0 Netweaver BI (SAP BW) 3.5 or 7.0 SAP R/3 Enterprise 5.0 Identity management systems: Oracle Internet Directory and higher Oracle Virtual Directory and higher Oracle Access Manager and higher Oracle Application Server Single Sign-On Oracle Identity Manager and higher Netegrity SiteMinder 6 The following is the list of authentication systems currently supported by Shared Services <read list>

10 Foundation Services Shared Services Technical Architecture
Client Browser (JavaScript) Client (WebDav) Custom Application XML/HTTP WebDav Java/Web Server Struts Framework WebDav Servlet Security Abstraction Layer Metadata Abstraction Layer Security Client Content Management Service Shared Services has a 3 tier architecture, requiring a relational database repository and authentication system at the data level. If no external authentication system is available, Shared Services uses OpenLDAP for its authentication. The server has a number of low level services and sits within a Java application server. Tomcat ships with the installation. Client access is browser based to the Management Console. LDAP/WIN32 API JDBC Native External RDBMS OpenLDAP LDAP MSAD NTLM

11 Lifecycle Management Consistent, repeatable movement of apps, cubes, repositories or individual artifacts between development, test & production. User interface & command line capabilities. Auditing & application comparisons. dev test prod Supported through Shared Service Console 11 11

12 Exercise: Security

13 Main Steps: Lab 4 Create users/groups Provisioning users/groups
Creating and assigning classes Extract and load security Migrate application using LCM

Download ppt "Oracle HFM Implementation Boot Camp"

Similar presentations

Agenda 2 factor authentication Smart cards Virtual smart cards FIM CM

Agenda 2 factor authentication Smart cards Virtual smart cards FIM CM
Welcome to Middleware Joseph Amrithraj

Welcome to Middleware Joseph Amrithraj
95-843: Service Oriented Architecture Material taken from IBM CMU Ref. Architecture Document 1 Master of Information System Management Service Oriented.

95-843: Service Oriented Architecture Material taken from IBM CMU Ref. Architecture Document 1 Master of Information System Management Service Oriented.
FAST Radar System Engineering Overview. FAST Radar Overview –What’s Required? IIS 6.0  With Microsoft.NET Framework 1.1 and SMTP for email MS SQL Server.

FAST Radar System Engineering Overview. FAST Radar Overview –What’s Required? IIS 6.0  With Microsoft.NET Framework 1.1 and SMTP for MS SQL Server.
Database Security and Auditing: Protecting Data Integrity and Accessibility Chapter 5 Database Application Security Models.

Database Security and Auditing: Protecting Data Integrity and Accessibility Chapter 5 Database Application Security Models.
Understanding Active Directory

Understanding Active Directory
Building Enterprise Information Portal using Oracle Portal 3

Building Enterprise Information Portal using Oracle Portal 3
Chapter 5 Database Application Security Models

Chapter 5 Database Application Security Models
Creating a SharePoint App with Microsoft Access Services

Creating a SharePoint App with Microsoft Access Services
ORACLE APPLICATION SERVER BY PHANINDER SURAPANENI CIS 764.

ORACLE APPLICATION SERVER BY PHANINDER SURAPANENI CIS 764.
Understanding Active Directory

Understanding Active Directory
Copyright 2005 © Persistent Systems (http://www.persistentsys.com)http://www.persistentsys.com 1 Overview of Persistent’s Custom Connector Offering.

Copyright 2005 © Persistent Systems ( 1 Overview of Persistent’s Custom Connector Offering.
Understanding and Managing WebSphere V5

Understanding and Managing WebSphere V5
Understanding Active Directory

Understanding Active Directory
Talend 5.4 Architecture Adam Pemble Talend Professional Services.

Talend 5.4 Architecture Adam Pemble Talend Professional Services.
Matt Steele Senior Program Manager Microsoft Corporation SESSION CODE: SIA326.

Matt Steele Senior Program Manager Microsoft Corporation SESSION CODE: SIA326.
May 30 th – 31 st, 2006 Sheraton Ottawa. Microsoft Certificate Lifecycle Manager Saleem Kanji Technology Solutions Professional - Windows Server Microsoft.

May 30 th – 31 st, 2006 Sheraton Ottawa. Microsoft Certificate Lifecycle Manager Saleem Kanji Technology Solutions Professional - Windows Server Microsoft.
Edwin Sarmiento Microsoft MVP – Windows Server System Senior Systems Engineer/Database Administrator Fujitsu Asia Pte Ltd

Edwin Sarmiento Microsoft MVP – Windows Server System Senior Systems Engineer/Database Administrator Fujitsu Asia Pte Ltd
“This presentation is for informational purposes only and may not be incorporated into a contract or agreement.”

“This presentation is for informational purposes only and may not be incorporated into a contract or agreement.”
Copyright 2007, Information Builders. Slide 1 WebFOCUS Authentication Mark Nesson, Vashti Ragoonath Information Builders Summit 2008 User Conference June.

Copyright 2007, Information Builders. Slide 1 WebFOCUS Authentication Mark Nesson, Vashti Ragoonath Information Builders Summit 2008 User Conference June.

Similar presentations

Ads by Google