EPM System enforces application- and artifact-level provisioning to ensure application and data security. Access to each EPM System application is restricted by provisioning users and groups with application roles. Typically, a Shared Services administrator uses the Shared Services Console to provision users and groups to EPM System applications.
Some EPM System applications can create their own artifacts; for example, reports and calculation scripts that belong only to the application. In most cases, access to application artifacts can be controlled by provisioning application users and groups. For example, you create Oracle Essbase filters and calculation scripts using Oracle Essbase Administration Services Console or MaxL. Typically, a Shared Services administrator or the EPM System application administrator uses Shared Services Console to initiate the artifact provision process.
Shared Services Administrators can provision groups and users with roles from all applications. Application Administrators can provision groups with roles from the application for which they are administrators.
Before starting this procedure, ensure that the required servers and applications are running.
To assign application-specific access permissions:
Launch Shared Services Console. See Launching Shared Services Console.
In the View pane, expand the application group that contains the application for which you want to assign access permissions.
Right-click the application and select Assign Permissions. This option is available only for applications for which access permissions can be set.
The Assign Preferences tab for the selected application is displayed.
Note:
If the application is not running, an error message is displayed when you select the application. Restart the product server and refresh the View pane by clicking View, and then Refresh to access the application.
Assign access permissions. See EPM System Roles for a list of product roles.