IBM Support

Reporting in Cognos Business Intelligence with Cognos TM1 element-level security

Troubleshooting


Problem

You apply element-level security on a dimension, giving users access only to the children and not to the top level node.

Symptom

When a TM1 cube is used as a data source, the folder appears empty in Report Studio or Analysis Studio.

Cause

When the top level node is hidden due to security, the BI OLAP engine presents this hierarchy as having multiple roots (the highest elements which remain visible). To handle multiroot hierarchies, the members folder is populated by asking for all the elements at level 0. Because no elements are visible, an empty member tree is shown. (For level-based hierarchies, the root level's member folder is also empty, but subsequent levels are not.)
Multiple security settings in the same TM1®/LDAP group are not supported, that is, TM1 does not support user-based security. If two users from the same group are assigned different security rules, the group security connection reuse will result in unexpected results based on conflicting security settings.

Environment

The following describes more TM1-specific behavior you may see when reporting in IBM Cognos Business Intelligence with TM1 element-level security settings:

Rollup values remain unchanged

In TM1®, the value of a non-leaf member does not change if some or all of its descendants are inaccessible.

Inaccessible non-root members

If a member is not accessible, but its parent is accessible, then all of the descendants will effectively become inaccessible.

Members with no accessible children

If a member is accessible, but none of its children are accessible, then the hierarchy is in effect unbalanced, and all documented cautions about reporting against unbalanced hierarchies apply.

Inaccessible root members – parent-child hierarchies

In a parent-child hierarchy, if a root member is inaccessible, the highest level accessible descendants effectively become root members, with level ordinal 0, and the level ordinals of their descendants are adjusted accordingly. This may result in the hierarchy becoming unbalanced.

Inaccessible root members – level-based hierarchies

In a level-based hierarchy, if a root member is inaccessible, the entire hierarchy becomes inaccessible in the insertion tree.

Resolving The Problem

If you are using BI version 10.2.1.1 IF3 or higher and TM1 version 10.2.0.1 or higher, then you can resolve the issues as per technote 1660287.

To resolve the security issues in earlier versions, move the users out of the group and create a new group with the modified security.

Related Information

technote 1660287

[{"Product":{"code":"SSEP7J","label":"Cognos Business Intelligence"},"Business Unit":{"code":"BU059","label":"IBM Software w\/o TPS"},"Component":"--","Platform":[{"code":"PF002","label":"AIX"},{"code":"PF010","label":"HP-UX"},{"code":"PF016","label":"Linux"},{"code":"PF027","label":"Solaris"},{"code":"PF033","label":"Windows"}],"Version":"10.2;10.1.1","Edition":"","Line of Business":{"code":"LOB10","label":"Data and AI"}}]

Document Information

Modified date:
15 June 2018

UID

swg21616537

Page Feedback