Removing access/Deleting user from Hyperion Planning application
RoyDJul 5 2011 — edited Jul 5 2011Hi,
When I remove a user from all groups that he is in, I expect the user to not be able to log into Hyperion Workspace.
However, currently, when I remove a user from his group,refresh security in Administration->Manage Database, the user is still able to log into Workspace. He is able to view,click and enter into the application(s) that he had access to prior to deprovisioning. Its only when he tries to view forms that the error 'security or filtering does not allow the user to see the forms' is displayed.
Even the list of reports is visible to the user. Only when he tried to run then by clicking on them does the error 'login credentials are invalid' appear.
Is this the normal process? Should usres that are removed from all roles/features still be able to log into Workspace and connect to the applications they had access to?
Our security structure is as follows.
Groups are present in Active directory(AD) which are placed within groups(having all access permissions) in the Native directory. Users are pushed into the Active Directory groups and thus get the permissions by default based on the Native directory groups that their AD groups are in.
The security detele feature we require is : When a user is removed from the AD group, he should not have any access to Workspace.
Any help will be appreciated.
Thanks