When it comes to getting some very common and crucial tasks done in IBM Cognos TM1, we found that there are many quite painful tasks to do. They are so painful, that the thought untangling Christmas tree lights for a living seems much more appealing! One such painful task we are going to focus on today is managing security in TM1.
Security in Cognos TM1 is Complex
How does the complexity of security in Cognos TM1 affect your ability to maintain it? Let me count the ways:
- Looking at security within TM1 itself is very awkward. No one likes a clunky UI!
- You can't look at multiple users and their security levels on multiple objects in one screen.
- You can't see what kind of impact a security change for one client will have on other TM1 clients.
- You have to manually work out a security change to understand the implications the change will have on others. Manual work=risk of human errors!
- You could set up a test environment, make your security changes, and then manually log into a number of user accounts to make sure nothing unwanted has occurred. This approach is also riddled with potential errors, and not to mention is very time consuming!
Is that professional Christmas tree untangling gig sounding like a good move right about now? Don't fret. We've got a great solution to ease the intricacies of TM1 security. The Security Sandbox in our Agni software.
Agni Security Sandbox Benefits
Before we dive into how the Security Sandbox works, I'd like to point out some of its benefits:
- Saves you so much time and is a much safer way to analyze and execute security changes.
- It also provides you with the ability to rollback your security modifications to your previous configuration.
Now let's take a look at using the Security Sandbox to analyze and make proposed security changes in Cognos TM1.
How to Use the Agni Security Sandbox
1. Select the Security Sandbox panel in Agni.
2. You will see your TM1 objects on the left and your clients on the right.
3. Let's say you want to change security access for a client. Select that person from the list of clients on the right and then you will see their current access appear on all of the objects listed on the left.
4. You can also look at security access from the perspective of a TM1 object. Here we have the "plan_BudgetPlan" cube selected and you can see what all of your clients access levels are for this cube in the "Current Access" column next to each client.
Looking at security through Agni eliminates you having to manually work out client/object access. Agni provides it for you right here in one comprehensive view!
Now let's look at the impact that a proposed security change will have on other clients.
5. At the bottom of the screen you will see the Security Editor. In this example we change the client's access rights on this cube from "Write" to "Admin."
6. You can see in the top right side of the screen which clients will be affected by this change. You see what their new access will be (in purple), if you change Bliss from "Write" access to "Admin" access.
Let's say we are happy with our proposed changes and are ready to make them live. You can create and run a process from within Agni to apply them.
7. Select Generate Process for Security Changes at the bottom right hand side of the screen.
8. A window will pop up, allowing you to preview your changes.
9. Next you will name your security change process. You also have the option to create a rollback process, for added safety, if you need to go back to your previous security setup.
9. Lastly, you can select Finish to run your process and apply the security changes in TM1.
This is just one example of how Agni improves how you look at security settings and how potential changes will affect the rest of your security setup. We'll get to some other ways to use the Security Sandbox in future blog posts.
If you would like to see the Security Sandbox in action, watch the video!