Planning Analytics

 View Only
  • 1.  consolidation type in spreading

    Posted Mon November 09, 2020 08:55 AM
    Good day,
    I'm trying to prevent users from spreading data by typing directly in a consolidated cell in PAX.
    I've set the capability assignment: consolidation type in spreading = Deny, but it's not working? The user can still spread on a consolidator.

    Any idea if this setting should work in PAX or will it only work in TM1 Web?

    I know there is a PAX setting to prevent this, but I'm trying to control this centrally instead of updating the PAX setting on each client machine, and then also risking them changing it back.

    Regards,
    WJ

    ------------------------------
    WJ
    ------------------------------

    #PlanningAnalyticswithWatson


  • 2.  RE: consolidation type in spreading

    Posted Mon November 09, 2020 05:20 PM
    WJ,

    I have not personally tested the Capabilities settings in PAx, but a few considerations:

    1. Are the users you are trying to Deny permissions for Admin users?
    2. Do your users belong to more than one security group?  If so, is the Capability set to Deny for all Groups they are in?
    I believe Capabilities work based on the least restrictive access between the union of all the user's security groups.  The easiest way to configure this for every user (other than Admins) is to set permissions for ALL groups to DENY.

    Since the Capabilities exist on the Planning Analytics (TM1) server, we would expect them to apply in all user interfaces including PAx, TM1Web and PAW.

    ------------------------------
    James Hanifin
    Implementation Manager & Cross Solutions Architect
    QueBIT Consulting
    ------------------------------



  • 3.  RE: consolidation type in spreading

    Posted Tue November 10, 2020 02:43 AM
    Hi James,

    I'm not trying to deny Admin users and the user has only one security group.

    I managed to figure it out: I didn't know which "Permission" to update i.e. READ, WRITE, EXECUTE, SET POLICY, TRAVERSE. I assumed the "SET POLICY" permission should be set to Deny for ALL the groups but that did not work. When I set the EXECUTE permission to Deny, it works. Very happy.

    Thanks for the help.
    WJ

    ------------------------------
    WJ
    ------------------------------