In CMC, do we have any standard process to setup the security? I understand it depends on the company and their Business use.
But want to know how its been standardized in different companies across BOB users? For example, I have setup earlier as Novice user and Power user, my current company has different setup. So want to know some good practice on this which also helps the admin to maintain on longer run.
okay… Let me be more clear on my question. I am interested in the groups. Do you all have Single or multiple group associated for each Universe?
For example, you have three Universe: Universe A, Universe B and Universe C. Groups like X and Y. Scenarion 1: Users in Group X wants to have access to A and B. Will you make Group X to be part of A and B? Scenario 2: will you create New Member Group Z and give it access to B?
Currently in my company they follow Scenario 1 and I am facing big problem in applying Security restrictions(Object level) at the Universe level. So I am interested in knowing how it is being setup in your org to give them a proof of concept.
I usually use folders to organize and secure my universes. In XI R2 you can create a folder using Designer. In 3.x you can use Designer or the CMC. I then create at least one group per folder and apply the security at the folder level. Custom Access Levels are definitely your friend in this case. Some people think this is too much work but I disagree. I think you can setup a very precise security model in this way. I also believe that if you put some thought into your group naming convention that it can be easy to figure out exactly what users can do what on the system (without using the View Security feature in the CMC).
I’d like to hear what others are doing as well though as I feel that I am constantly learning new and better ways of doing things.
Thats always a better way to do it. In my previous company we do it by categories where members are part of these categories (group). But in current company (where there are more than 1500 users), groups are alligned based on Universes. Single universe got more than 3 to four group associated with it. And I am planning to clean it up and bring it in a better way based on everyone’s reply.
And I am waiting to hear good practise and what others use and suggest. …
Regarding universes I always work with a one to one matrix. I mean for every single universe folder I create his twin group unv 1 folder and unv 1 group. The only group except administrators who have some rights on that folder is that specific group. That’s why I am talking about a one to one security matrix! There are rights only in the diagonal of the matrix!
Then it’s just a question of groups links. Every time you need to give the right to use a universe for a funtional group you simply need to add this group to the corresponding unv x group …
Easy to manage, to query, to troubleshoot, to maintain …
(BOB member since 2008-11-09)
in applying Security restrictions(Object level) at the Universe level. So I am interested in knowing how it is being setup in your org to give them a proof of concept.
…
(BOB member since 2008-11-09)