Understanding Secondary Security Setup
Secondary security setup is optional. You can create a secondary security group to grant users access to dimension members, and you can associate the secondary security group with the activity scenarios. You use a dimension other than your planning center dimension to establish secondary security.
There are two different kinds of secondary security definitions used by Planning and Budgeting, and only one type of secondary security definition can be used at a time by each line item activity in a planning model:
EPM Warehouse security definitions.
Note: The EPM Warehouse security only refreshes the system version. If you copy the system version to another version, then you must manually update that version for any changes made to the system version.
When the EPM Warehouse security definitions are copied to the Planning and Budgeting database the following rules apply:
If a previously copied permission for a dimension value and Planning and Budgeting user have been modified to read-only, this will not be overwritten by the warehouse security.
The default user access for definitions copied from the warehouse is read-write.
The system deletes a definition if it was previously copied from a warehouse security group and it does not currently exist in the warehouse.
The system adds new definitions for those that do not exist in the Planning and Budgeting definitions.
For all the copied warehouse security definitions, only the read and read-write permissions in the Planning and Budgeting database can be modified from the Planning and Budgeting application. You can neither add nor delete dimension values.
Planning and Budgeting secondary security group definitions.