With Oracle’s Business Intelligence suite, administering users, or rather, preparing the various roles a set of users fit into is one of the most important steps you have to take when designing your system.
General speaking, certain users should have the ability in creating analyses, while others should be able to create the dashboards that serve those analyses. Subsequently, a set of users should only be able to view analyses and dashboards and not have any creation ability.
We can even go deeper and have users gain access to specific dashboard or specific analyses, but that is for another post altogether.
Right out of the box, OBIEE comes with a set of roles called, Application Roles, that aim to serve those main functions. There is the BIAdministrator that does what an administrator is supposed to… anything and everything under the sun. The BIAuthor is able to create dashboards and also create analyses. Finally, the BIConsumer is a role where the user can only view existing dashboards and analyses.
There is also an additional role that can be created called BIAnalyst. This role enables the user to create an analyses, but not the dashboards and also has viewing privileges like the BIConsumer.
To create a new user, you must first login to your BI Console. If you used the default values during setup, then this address would be http://localhost:7001/console. Once you’ve logged in, you’ll find Security Realms located in the Domain Structure panel. From there, you should see in the list the default myrealm option. Going into it should bring up the various options (tabs) available to you as shown below.
In this tab, you can begin creating the users of your system. You can also connect to existing directores such as Microsoft Active Directory or a database – this isn’t covered in this post of course.
Update a User’s Group and Application Role
Once you’ve got the new user created, you can start modifying the settings for each user. Within the settings, the Groups tab will enable you to assign the user to a group. What you have to remember is that groups, whether custom or default are tied to an Application Role. Once the user logs in, they can immediately begin to either view, create analyses and dashboards.
In my next post, I’ll try to go into this a little deeper and possibly discuss pulling users from external sources.