ESSBASE ADMIN PROCEDURES
Prior to rebuilding the Security File A. Log into MaxL and record db/app settings by running the following commands: 1. Get a list of all users: spool on to 'userlist.txt'; display user all; 2. Get a list of user access: spool on to 'useraccess.txt'; display privilege user all; 3. Get a list of all groups: spool on to 'grouplist.txt'; display group all; 4. Get a list of group access: spool on to 'groupaccess.txt'; display privilege group all; 5. Make note of all application/database settings (storage, caches, compression, etc.). The compression level will need to be reset. For each database, use ESSCMD: OUTPUT 1 c:\issues\GETDBSTATS.txt GETDBSTATS appname dbname (do above command for each database) OUTPUT 3 OUTPUT 1 c:\issues\GETDBINFO.txt GETDBINFO appname dbname (do above command for each database) OUTPUT 3 B. Export the security file to a text file. Essbase needs to be started in the foreground to do this. The dumped file is located in the $ARBORPATH/bin. In the Agent window, type: dump security_dump_date.txt
Page 1
6/25/2009
�ESSBASE ADMIN PROCEDURES
Rebuilding the Security File: 1. Go to the \AnalyticServices\bin directory and rename the Essbase.sec file Essbase.sec.orig 2. Start Essbase in the foreground on the Essbase server. The Essbase Service should not be running since the security file is corrupt. Go to START/RUN/CMD and then type in Essbase. Once this service starts, type in the COMPANY NAME, the ID and the PW. It will ask you if the details are correct and you should enter 1 for YES or 2 for NO. It is very important to make sure that the ID and Password are correct for future use in the administration of Essbase. Please ensure that this is the same Essbase ID and password used for the Planning data source in the Planning Applications. If you use a different ID and password then you will need to update the data source information via the Hyperion Planning desktop. 3. Log into AAS - you will not see any applications listed under the essbase server because those pointers were contained in the old security file. The applications and all their data and files still reside on the server but you need to reconnect the pointers. Right click on APPLICATIONS and choose CREATE APPLICATION. Next, choose the first type of application that you will be pointing to (either an Aggregate Storage App or a Block Storage App). Verify that the server is correct and then enter the Application name of the first app that you want to create/reconnect to (the name has to be exactly as it currently exists on the server). Once the Application is created, you will see it in the list with all of its rules, calcs, etc. Do this for each application that should be appearing in AAS. If you do not see the database listed under applications, right-click on the application and select Refresh Database List. 4. Once you have finished creating all of your applications, right click on each database and choose EDIT/PROPERTIES. Using the database and application settings recorded via MaxL and ESSCMD, make any necessary changes to the relevant tabs. Remember that the compression always reverts back to NO COMPRESSION on all databases so this will need to be changed as well as your general settings and caches if changes were made. 5. Planning filters do not need to be recreated via Essbase Analytic Administration Services. If you need to create any Essbase security filters (non-Planning), do that now so that they will appear and can be assigned later. 6. Stop the Essbase service and then restart it in the foreground to make sure that it is not corrupt again. Then, execute the command dump security_dump_date.txt. This will export the current security file to the AnalyticServices\bin. Then execute QUIT and EXIT from the Command window where the Essbase Service is running (this will stop the service). DO NOT EXTERNALIZE ESSBASE SECURITY YET. Shared Services needs to be cleaned up first. Shared Services: 7. Export the users from Shared Services with the bulk provisioning utility CSSImportExport, ensure that when you export the provisioning info to use the option of export.internal.identities=true in the importexport.properties file. Otherwise, the provisioning information will become invalid after importing it back into HSS. 8. Delete the Analytic Services Project from Shared Services. This moves the project to the "Unassigned Projects". You will need to remove from there also. To delete the Project, right click on ANALYTIC SERVICES: XXXXX and choose DELETE.
AAS Console: 9. After confirming all above steps have been taken, externalize Users. In AAS, go to Essbase Server>Security -> right-click and select Externalize Users. This step recreates the Analytic Services Project in Shared Services.
Page 2
6/25/2009
�ESSBASE ADMIN PROCEDURES
Shared Services: 10. Using the CSSImportExport utility, provision user/groups for access to Essbase by re-importing the exported file from step 7. Hyperion Planning Applications: 11. Log into each Hyperion Planning application via the Hyperion Planning web and execute Refresh Users and Groups from Administration->Dimensions and select a secured Dimension. 12. Execute a database refresh of Security filters
Page 3
6/25/2009
