Security Roles In OBIEE11g

Hi All,

By Default OBIEE11g provided the 3 default roles.

1. BI Consumer.
2. BI Author.
3. BI Administrator.

 Let's see the deference's.

1.BI Consumer: The base-level role that grants the user access to existing analyses, dashboards and agents, allows them to run or schedule existing BI Publisher reports, but not create any new ones. The Consumer can only view and run existing dashboards, analysis and reports provided to them. These objects will be published in a shared area with proper security rights. Consumers typically are the broadest user base across the institution.

2. BI Author: A role that is also recursively granted the Bi Consumer role that also allows users to create new analyses, dashboards and other BI objects. The Author can create and edit dashboards, analyses and reports. Authors will include a narrower user base than Consumers.

3. BI Administrator: Recursively granted the BIAuthor (and therefore BIConsumer) roles that allows the user to administer all parts of the system, including modifying catalog permissions and privilege. The Administrator can edit and create new repositories and catalogs. They also have full control over all aspects of the OBIEE tool suite. 

OBIEE Security Groups

These roles correspond to a set of LDAP groups within the embedded Weblogic Server LDAP Server that have almost the same names (plural rather than singular) as these application roles:

1. BIConsumers
2. BIAuthors
3. BIAdministrators

It’s these LDAP groups that you assign users to, not application roles, with Fusion Middleware then mapping these LDAP groups into their corresponding application roles. Later on, we’ll look at how and why you might want to create another LDAP group and corresponding application role like these, which we’ll call BIAnalyst; for now though, let’s look at how you create a new user and grant them one of the existing roles.