cancel
Showing results for 
Search instead for 
Did you mean: 
Rebecca
Occasional Member - Level 3

Setting security on the Public Folders in Intelligence

Has anyone found a way to set security on the folders or individual reports in the Public Folders section of Intelligence?

 

We have users who are keen to design their own reports but if we give them edit access to Intelligence then they have access to edit all the public reports.

16 REPLIES 16
AmberLee
Routine Member - Level 3

Do they need access to companywide data or just for the people on their teams? If they just need the information pertinent to their departments they can have 'complete' access to all the reports with the BI reporting which they should already have access to but even though they can see all of the reports listed, when they run the report it will only show data from their employees. 

If they need to run reports with companywide data then it would make sense to give them author access. 


ค๓๒єг ɭєє - ᴄᴏɴᴄᴜʀ ᴄᴏɴɴᴏɪssᴇᴜʀ
(っ◔◡◔)っ  ☆ Fort Worth, Texas ☆
Rebecca
Occasional Member - Level 3

Hi Amber,

 

The issue is that if you give someone author access then they are able to edit any report within the public folders.  

 

We have reports that we run to extract Concur data into other Finance systems so we can't give users author access in case these reports are accidentally edited.  We need a way to lock them down so that only Administrators can edit them.  

 

Rebecca

AmberLee
Routine Member - Level 3

I understand completely. You appreciate their enthusiasm but don't touch my stuff situation... 

If you click on the scheduled report you wish to lock down and click the 'Set Properties' icon it will take you to the setup page. From there click the Enable Accessibility Support then down below where it says 'PDF Options' and then Set, click the Set... 

That will take you to the below page where you can make it password protected and some other little security options. 

 report security.PNG

 

 


ค๓๒єг ɭєє - ᴄᴏɴᴄᴜʀ ᴄᴏɴɴᴏɪssᴇᴜʀ
(っ◔◡◔)っ  ☆ Fort Worth, Texas ☆
SandraA
Routine Member - Level 2

I don't see the places Amber mentions.

Years ago I found a way to protect the reports or folders for the same reasons you mentioned.   It was not easy to do and we didn't set it up.  That option seems to no longer be accessible.

The advice we've gotten is to create a fake employee that will act as Report admin.   Move all the reports to the My Folders area of the fake admin employee and use that access to run and manage your reports.

Leave  reports safe for all  users to access in the public area.

I had it on my To Dr List however now that Intelligence is being discontined I'm not planning to spend the time setting this up.

Sandra Ahola
T-Mobile
Senior Analyst Travel, Card & Expense
US
https://www.linkedin.com/in/sandra-ahola-4704553/
AmberLee
Routine Member - Level 3

@SandraA@Rebecca The general/shared profile is another option that can be used for multiple workarounds, not just this one, but be careful because there are also a lot of audit risks involved. I would try every other option first before going this route because of that.

When I get stuck on a reporting issue my go-to solution (besides asking this community) is to open a case with my service team. If you've already done that with no luck then we're going to have to figure it out ourselves. Again, that's the great thing about this group.

Rebecca, were you able to see the password protection page I posted earlier? If you're all unable to find it I'll go back and try to write out better instructions on how to get there.


ค๓๒єг ɭєє - ᴄᴏɴᴄᴜʀ ᴄᴏɴɴᴏɪssᴇᴜʀ
(っ◔◡◔)っ  ☆ Fort Worth, Texas ☆
Rebecca
Occasional Member - Level 3

Hi Amber,

Thanks for the steps.

I haven't had any luck accessing the password protection page.  Either:

1) in the Properties tab there is no Enable Accessibility Support option

2) There is no Properties tab at all

3) Where there is the Enable Accessibilty Support option the 'Set' boxes are greyed out and can't be ticked.

My issue is not really that the users can run the report and see the data but that its possible for anyone to edit them.

Lets hope whichever reporting tool replaces Intelligence has security options!

 

Rebecca

 

Rebecca
Occasional Member - Level 3

Hi Sandra,

 

I had trouble finding them too.

I like the workaround that you suggest.  I'll have a look at setting that up.

 

Rebecca

MarshaC
SAP Concur Employee
SAP Concur Employee

@Rebecca,

Unfortunately there is not a way to limit access to specific folders or reports. Security is established by the group Cognos users are assigned in the reporting hierarchy. Once a user is granted access to Cognos they can access all reports but the data they see is restricted based on the group they are assigned to. If you give a BI Manager access to Cognos their view of data is restricted to only their data and their direct and indirect reports.  

Marsha


Marsha Calfee
Director, Product Management
Data Platform & Analytics
AmberLee
Routine Member - Level 3

What's the password protection meant to be used for?

ค๓๒єг ɭєє - ᴄᴏɴᴄᴜʀ ᴄᴏɴɴᴏɪssᴇᴜʀ
(っ◔◡◔)っ  ☆ Fort Worth, Texas ☆
GrantC
SAP Concur Employee
SAP Concur Employee

Hi Rebecca,

I'm not sure this will help in your exact situation and I'm a little late to the game here, but I've read through all the comments and am going to be the token "actually" guy: Actually, while it is true that you cannot limit access by user, you can limit access by role (Consumer, Business Author, or Professional Author) but only on the folders and reports YOU own, so the Standard Reports folders are out of play here.

Here is how you do it:

1 - Click Set Properties on the folder or report you want to control access to.
2 - Click the Permissions tab.

Much like items on your network, the access inherits down from the folders above it. Just like the items on your network you can override this inheritance.

3 - Click the "Override the access permissions acquired from the parent entry" checkbox.

On the left side of the screen you will see a listing of you roles starting with your entity ID. The 3 we care about are entityID_consumer, entityID_author, and entityID_professional. they equate to Consumers, Business Authors, and Professional Authors respectively.

4 - Click the role you want to change permissions for.

On the right you will see the access rights you can Grant or Deny. Don't want Consumers to run a report? Deny Execute. Don't want Business Authors modify a report? Deny Write. Don't Consumers to even know a report or folder exists? Deny everything. Change your mind about the whole thing? Uncheck the "Override the access permissions acquired from the parent entry" box.

Grant

Grant Chase - Sr. Product Learning Specialist - SAP Learning
TrishW
Occasional Member - Level 3

Hi Grant

Does that include the reports concur creat for you?

thanks

 

Trish

GrantC
SAP Concur Employee
SAP Concur Employee

My guess would be that if Concur created the folder they would be the owner of the folder, not you, and you would not be able to set permissions. You might try making a copy of the folder though. You would be the owner of the copy and I would think could set permissions.

Grant Chase - Sr. Product Learning Specialist - SAP Learning
AmberLee
Routine Member - Level 3

@Rebecca It’s a long shot but what browser are you using? That may be why those boxes are grayed out.

ค๓๒єг ɭєє - ᴄᴏɴᴄᴜʀ ᴄᴏɴɴᴏɪssᴇᴜʀ
(っ◔◡◔)っ  ☆ Fort Worth, Texas ☆
Rebecca
Occasional Member - Level 3

@AmberLee  I use internet explorer.  GrantC has spotted the problem., you can only add permissions to reports that you actully own.

nickyvarian
Occasional Member - Level 1

Does that include the reports concur creat for you?

@nickyvarian I am not sure if SAP Concur locks down the reports they create, but I think they possibly would do it for the Team Content area. If they do not lock them down by default, I'm sure you could easily request they be locked for editing in the Team Content area. 


Thank you,
Kevin Dorsey
SAP Concur Community Manager
Did this response answer your question? Be sure to select “Accept as Solution” so your fellow community members can be helped by it as well.