Focal Point
Beginer's question on MRE

This topic can be found at:
https://forums.informationbuilders.com/eve/forums/a/tpc/f/7971057331/m/5621087331

May 20, 2004, 05:36 PM
<pranas>
Beginer's question on MRE
Hello gurus,


Is it possible to restrict MRE user group to see only dedicated synonims?

How?

That kind of auhentication possible? Is LDAP authentication mandatory?

Some examples?

Thanks,
Pranas
May 20, 2004, 07:16 PM
webfocuspgm
You might want to give a little more information in your post - Like what version are you using and when you say restrict is that to do adhoc or just run a standard report.

We are currently using 4.3.6 and I control access to the Master Files for adhoc purposes by setting up reporting objects inside domains. A user must be a member of a domain to access the reporting object to run an adhoc.

I know that you can also restrict access to master file descriptions by hardcoding id information in the master itself. Seems maintenance intensive to me but if that's what is needed.
May 22, 2004, 07:55 AM
<pranas>
Hello webfocuspgm,

>Like what version are you using
5.2.5
>when you say restrict is that to do adhoc or just run a standard report.
Users must be capable to perform adhocks only from subset of available synonim.
There should be couple of user groups/domains with different subsets of fields.

>We are currently using 4.3.6 and I control access to the Master Files for adhoc purposes by setting up reporting objects inside domains.
>A user must be a member of a domain to access the reporting object to run an adhoc.

Thanks. I'll try that. Seems promising.

>I know that you can also restrict access to master file descriptions by hardcoding id information in the master itself.
>Seems maintenance intensive to me but if that's what is needed.

It seems very maintenance intensive Frowner

Thanks for advice,
Pranas
June 04, 2004, 09:52 PM
Denver RSE
Pranas,

You can restrict users to Domains and Groups from within the MRE User Administration.

You will probably want to create Reporting Objects within said domains - that way only users with access to the domain can use the Reporting Object to create their own Ad-Hoc reports.

Additionally:

Cool Users can have differnt types of access inside a domain (i.e. HTML user (run only), ANALYTICAL user (ad-hoc), Schedule, Advanced, etc.

Cool There are also Groups within User Administration, so a user can have access to one or many Domains, and also be part of one or many Groups, thus allowing even more flexibility.

Cool Metadata Security. While this might appear to add a LOT of maintenance, this is typically not the case. Let's say you have two users running an HR Salary Report. One user is new, the other is "senior". You don't want the "new" employee to see salaries over a certain amount. The "senior" employee can see everyone's salaries.

You can write just one report to satisfy both needs by using DBA security in the metadata by creating an exception rule for the new employee (i.e. where user "new" SALARY LE XXXXX).