Using XIr3. Put user in group, group has access to folder, universe, universe connection, and webi. No matter what I try, I cannot get the user to see the public folder when they log in.
Check to see if the user is in any other group that has been explicitly denied access to the folder.
If that doesn’t work, then go to the User Security dialog of the folder. View the rights for the group. Click the 'Browse" button at the top left and select your user. The screen will then display the rights that your user has on the folder, and should indicate where the problem is.
None of this has worked. It’s a very simple, clean setup. 1 group, 1 folder with some sub-folders. I am assigning the group view on demand rights to the entire folder. All members of the group are in this group and none other (except for everyone group). I cannot figure out why the group cannot see the folder. When I check the rights, everything is granted- in webi, general, and all parts that apply. Why can’t they see the folder? I even tried going into a subfolder and assigning the same rights on that, but it didn’t work. I have no idea what to do.
I started the rights with the top level folder. In the last release, all I had to do was give rights to the top level folder and the group would have access to all subfolders.
So I granted VOD to the top level folder (and it states that this group has those rights granted), but they still can’t see it. I tried also granting rights to a subfolder, but no luck.
I have to be missing something or incredibly stupid. I did this hundreds of times in previous releases with no problem. They can create a new webi document and have correct access to the universe so I obviously set up rights to connection and universe correctly. It’s just the public folder that they’re missing.
Create User
Put user in Group (user is only in this group)
Give group VOD access to Folder (1 public folder with 5 subfolders)
Give group webi rights to login, view, refresh, drill, etc
I don’t want the everyone group to have VOD to that folder. I haven’t gone in and explicitly denied it, but haven’t explicitly granted it, either. In the previous release, we did deny the everyone group access to this folder.
Grant View access, but set the “Apply To” to just “Object” and not “Sub Objects”. This will allow users to see “Public Folders”, but nothing beneath it (unless, of course, they have appropriate rights there too).
Note that the “Top Level Folder” here is accessed via the Manage->Top Level Security->All Folders menu item.
The folder I am trying to grant access to is one of 5 in the root folder. I don’t want the group to have access to the other 4.
The only way I’ve found to make this work is to give the group access to the top level security- all folders. But then they can see the other 4 and I have to go into each folder and explicitly deny rights for the ones I don’t want them to see.
Then you’ve granted both “Object” and “Subobjects”; this must be just “Objects”. This has to be done in Advanced Rights, sorry if I didn’t make that clear. It should look like the following:
That screenshot is exactly what my everyone group looks like on the root folder for objects and subobjects. I’ve tried denying and granting everyone and the target group and nothing works except granting everyone and target group all folder access and then denying view objects at each subfolder.
You don’t have a standard access level (View, VoD, etc.) applied in addition to the advanced rights, do you? They would both combine to give the result you are seeing.
For one of the folders that your group should not see, pull up its User Security dialog. I’m assuming you’ll see your test group in there some with some form of access level. Click on the access level name (View, Advanced, etc.). This should produce a list of all inherited rights that the user has. Click on the “Source” of any of the rights to see where it’s coming from.