1. User Security Administration Guide
  2. Managing Provisioning
  3. About Provisioning
  4. Overview of Provisioning Steps
  5. Provisioning EPM System Users

Provisioning EPM System Users

You must provision users with application roles to allow them to access Oracle Enterprise Performance Management System applications. Functional Administrators and Provisioning Managers perform the following steps to provision users and groups:

  1. From the Oracle Hyperion Shared Services Console, identify and select the users (or the groups to which they belong) who need access to the EPM System. See Searching for Users, Groups, Roles, and Delegated Lists.

  2. Assign roles that allow users to access EPM System components. For example, all Oracle Essbase users should have the Server Access role for the Essbase Cluster (by default, EssbaseCluster-1). See Provisioning Users and Groups.

    EPM System roles are described in EPM System Roles.

  3. Assign application-specific roles that grant access to the functions of EPM System applications. For instance, Essbase application Esb_App1 provides the Calc role, which can be assigned to users who must work with Calc scripts of Esb_App1.

    These roles are assigned on a per-application basis. For example, roles from Essbase application Esb_App1 allows users to access functionalities in Esb_App1 only.

  4. Using a product administration screen, assign access to the artifacts managed by the EPM System application.

    You can launch the administration screen of some applications from Shared Services Console using these steps:

    Artifact-level access control allows administrators to fine-tune access to application objects. Because these access privileges are by design more granular than application roles, you can use them to restrict the access rights that were granted using roles.

    1. In the View pane of Shared Services Console, expand Application Groups.

    2. Expand the application group node that contains the application.

    3. Right-click the application to provision.

    4. Select Assign Access Control. A product administration screen, which is not a part of Shared Services Console, opens.

    5. Provision users.

    Artifact-level access control is explained in the Administration Guide of the EPM System product.