This document summarizes how to manage access permissions in Hyperion Planning. It describes the different types of planning elements that can be assigned permissions, including scenarios, versions, accounts, entities, and custom dimensions. It also outlines the different access permission levels of Read, Write, and None. Administrators can enable security on dimensions and then assign access permissions to individual members for users and groups.

1. Security of Hyperion Planning
Access Permissions in Hyperion Planning
 Shared Services roles that set access permissions for managing projects, applications,
dimensions, users, and groups
Planning Elements That Can Be Assigned Access
We can assign access permissions to:
 Scenario members
 Version members
 Account members
 Entity members
 User-defined custom dimension members
 Data forms
 Task lists
 Business rules
For example, users must have these Shared Services roles to perform the specified tasks:
 Project Manager: Creates and manages projects in Shared Services.
 Provisioning Manager: Provisions users and groups to applications.
 Dimension Editor: Required for Performance Management Architect and Classic
applications. For Performance Management Architect, allows access to application
administration options for Planning. For Classic, allows access to the Classic Application
Administration options for Planning (in combination with the Planning Application Creator
role).
 Planning Application Creator: Required for Performance Management Architect and
Classic applications. For Performance Management Architect, allows users to create Planning
applications and Performance Management Architect Generic applications. For Classic,
allows access to the Classic Application Administration options for Planning (in combination
with the Dimension Editor role).
 User-defined dimensions: Assign access permissions to members by selecting the
dimension property Apply Security. If you omit setting Apply Security, all users can access
the dimension's members. By default, the Account, Entity, Scenario, and Version
dimensions are enabled for access permissions.
 Users and groups, which can vary among applications. Assign access to Planning
application elements by using Assign Access.
Note: After updating access permissions, refresh the application to update Essbase
security filters.

2. Types of Access Permissions:
Access permissions for the specified user or group to the dimension member, data form, or
task list include:
 Read—Allows view access
 Write—Allows view and modify access
 None—Prohibits access; the default access is None
We can specify access permission for individual users and each group. When you assign a
user to a group, that user acquires the group's access permissions. If an individual's access
permissions conflict with those of a group the user belongs to, user access permissions take
precedence.
To enable access permissions for dimensions:
 Select Administration > Dimensions.
 For Dimension, select the dimension to change.
 Click Edit.
 In Dimension Properties, select Apply Security to allow access permissions to be set on its
members. If you do not select this option, there is no security on the dimension, and users
can access its members without restriction.
 Click Save.
Click Refresh to revert to the previous values.
To assign access to members:
 Select Administration > Dimensions.
 For Dimension, select the dimension to assign access to its members.
 Select the member for which to assign access.
 Click Assign Access.
 Add, change, or remove access.
To assign access permissions to members:
 Select Administration > Dimensions.
 For Dimension, select the dimension for whose member you want to add access.
 Click Assign Access.
 Click Add Access
 Optional: To migrate a user or group's changed identity or their position in the user
directory from User Management Console to Planning, click Migrate Identities
 Optional: To remove deprovisioned or deleted users or groups from the Planning database
to conserve space, click Remove Non-provisioned Users/Groups
 For Users and Groups on Add Access, select the users and groups to access the selected
member.
 For the selected member, select the access type.
 Optional: Select a relationship.

3. For example, select Children to assign access to the children of the selected member.
 Click Add.
 Click Close.
To modify access permissions for members:
 Select Administration > Dimensions.
 For Dimension, select the dimension for whose member you want to edit access.
 Click Assign Access.
 Optional: To migrate a user or group's changed identity or their position in the user
directory from User Management Console to Planning, click Migrate Identities.
 Optional: To remove deprovisioned or deleted users or groups from the Planning database
to conserve space, click Remove Non-provisioned Users/Groups.
 Click Edit Access.
 For the selected member on Edit Access, select the access type for the displayed users or
groups.
 Optional: Select a relationship.
For example, select Children to assign access to children of the selected member.
 Click Set.
 Click Close.
To remove access permissions for members:
 Select Administration > Dimensions.
 For Dimension, select the dimension for whose member you want to remove access.
 Click Assign Access.
 Select the users and groups for whom to remove access to the selected member.
 Click Remove Access.
 Click OK.
 Click Close.
Regards:-
AAjjaayy ssiinngghh cchhoouuhhaann