Professional Documents
Culture Documents
Goal: Review and Record The Hierarchy of Security Roles Owned by A Particular Fusion Applications BI User
Goal: Review and Record The Hierarchy of Security Roles Owned by A Particular Fusion Applications BI User
Goal: Review and Record The Hierarchy of Security Roles Owned by A Particular Fusion Applications BI User
Security Roles can be reviewed using OIM and APM, although they are not configured using thgse
utilities. To document the role hierarchy, screenshots are used, up to FA 11.1.8.
At various levels these roles may have been customized, so what is needed is an analysis of
which roles the problem user is using. Caution: not to pick the seeded roles, if you user is
assigned custom roles
When you take screenshots, if the list is too long for the screen.....typically you may need to scroll
down, and then take a second screenshot
- User (*Note that for HCM the User is never associated directly with a Job Role but with a Data Role)
- Duty
(Application) Roles (may be seeded or custom)
Duty Roles
For HCM BI to work, each Duty role must be represented in each of the hcm and the obi stripe (the
same Duty Role resides in BOTH stripes. In the hcm stripe this Duty Role will have a child xxxx
Reporting Data Duty. In the obi stripe this same Duty Role will have a child Bixxxxx duty role
(usually BIAuthor).
Duty Rolesfor HCM will appear like this in APM:
Hcm
- Duty Role
- Duty Role...etc
obi
- Duty Role
- Duty Role..etc
Suggested Steps
1. Before you review the roles, understand which job role and duty roles are needed for accessing the
Subject Area. The OTBI User Guide
(http://docs.oracle.com/cd/E36909_01/fusionapps.1111/e38447/frameset.htm?toc.htm)
lists the seeded roles, but your company might have a custom version such as
2. Using OIM, ask your Security Administrator to review and screenshot the security Data Roles
assigned to the problematic User. These will be custom roles which map to your company's data filters -
they are unique to your company
3. Review and Screenshot the Job (External ) Role(s) which are children of the Data Roles
4. Request your security Administrator to connect to APM
Search for "External Roles" for the Job (External) Role(s) from step 3. eg YourCo Compensation
Manager, review and take a screenshot
Double click the Job Role (make sure you have picked the right the one owned by the Data Role
owned by the problem user, it may be the seeded role or it may be a custom job role)
5. On the External Role Hierarchy tab
Review and Screenshot that the Job Role inherits
AND
7. Review and Screenshot that it contains the Duty Role as listed in the User Guide eg Compensation
Transactional Analysis duty (HCM) . Note in the "hcm" sub-hierarchy , "(HCM)" is appended at the
end of the Duty role name.
8. Review and Screenshot that the " xxx Transactional Analysis Duty (HCM)" contains one or more
reporting data duty eg "xxx Reporting Data Duty"
Expand the "obi" sub-hierarchy
9. Review and Screenshot that it contains "xxx Transactional Analysis Duty" and it has a child which is
a BI Application role (typically "BIAuthor")