Primary employee/position hierarchy based security is widely used in many CRM subject areas, such as Sales, Marketing and Partner Management. For Siebel data source, CRM BI shares the same concept of Position and Position Hierarchy as they are defined in Siebel application.
Primary Employee/Position Hierarchy Based Security control starts with user's login and the login's level in the position hierarchy. User's login is then compared with the login defined at that particular level in position hierarchy as data filter in queries. By this way, user is granted with data visibility to the transactions as direct owner and the transactions owned by his/her subordinates.
In CRM Siebel Forecasting Analytics, in addition to the position hierarchy, more data visibility is granted to the login user via 'Indirect Sales Hierarchy', which is originally defined in Siebel Forecasting application and brought over to DW by ETL.
Configuring Resource Hierarchy Based Security
There are two session variables used in 'Primary Employee/Position Hierarchy Based Security' for Siebel.
USER is the Oracle BI Enterprise Edition system session variable, which is populated automatically when an user logs onto BI.
HIER_LEVEL contains level defined in position hierarchy that the login user belongs to. This variable is initialized via the session Init Block 'User Hierarchy Level'.
BI Duty Roles Options
All the primary employee and position based security roles should be defined as member of the internal role 'Primary Employee/Position Hierarchy-based Security'. In the default configuration, 'Primary Employee/Position Hierarchy-based Security' has the following members.
Partner Sales Rep Analytics User
Partner Service Rep Analytics User
Pricing Manager
Primary Owner-Based Security
Sales Manager Analytics
Sales Representative Analytics
Usage Accelerator - Sales Manager
These duty roles also control which subject areas and dashboard content the user can get access to.
To define new groups and mappings for users and BI roles, see How to Define New Groups and Mappings for Users and BI Roles.