Exporting Access Permissions
The ExportSecurity
utility exports Oracle Hyperion Planning access permissions to the SecFile.txt
file, enabling you to export and import access permissions across applications (see Importing Access Permissions). For the specified user or group (or for all users and groups if you use only the mandatory parameters), the ExportSecurity
utility exports access permissions to these artifacts: members, forms, form folders, task lists, business rules, and business rule folders. ExportSecurity
appends an artifact type flag that specifies whether the exported artifact security is for a form, composite form, form folder, task list, business rule, or business rule folder.
Notes:
-
If you specify only mandatory (not optional) parameters, all access permissions to all artifacts for all users and groups are exported. You can limit the export by specifying a member parameter (but only one member-based parameter).
-
You can specify the optional parameters in any order.
-
You can use only
/S_USER
or/S_GROUP
, not both. -
Use the
/S=
searchCriteria parameter to specify users and groups with the same name. -
Running the utility creates a file named
SecFile.txt
, which contains the exported access permissions.
To export access permissions from Planning to a text file:
Also note:
-
If a member, user, or group name contains a character used as the delimiter, the name is enclosed in double quotation marks. For example, if a space is the delimiter, the name
South America
is enclosed in double quotation marks:"South America"
. -
Because commas are used to separate parameters, if a parameter contains commas (for example,
Kravets, Diana
), precede it with a backslash. Also use backslash to escape the backslash from the command prompt. In this example, use two backslashes:/A=Kravets\\,Diana
-
The
ExportSecurity
utility does not support exporting access permissions to task lists for administrators, so you must manually add such records to theSecFile.txt
file before you can import them.
Understanding the export file:
Item | Description |
---|---|
user or group |
The name of a user or group defined in Oracle Hyperion Shared Services Console. |
memName |
A member in the application. |
access permissions |
READ, READWRITE, or NONE. If there are duplicate lines for a user name/member name combination, the line with READWRITE access takes precedence. For Oracle Hyperion Calculation Manager business rules and folders only: Access permissions are specified as either NONE or LAUNCH. |
Oracle Essbase access flags |
Security implementation for these functions is identical to Essbase. |
artifact type |
After each line, the utility appends the artifact type:
Note: If you manually create the |
For example, an exported file might contain these lines:
User1,DataForm2,READ,MEMBER,SL_COMPOSITE
User2,Folder3,READWRITE,MEMBER,SL_FORMFOLDER
User3,DataForm4,READWRITE,MEMBER,SL_FORM
"North America",Account101,READWRITE,MEMBER,SL_CALCFOLDER