Essbase User Security Woes? 'Please Go Away' with This MAXL Fix

Every now-and-then, you come across an issue with Essbase and security, where even after removing and deprovisioning a user, the user in question cannot be reprovisoned and successfully access Essbase.

This usually happens when, for some reason, the user fails to get removed from the Essbase.sec file, and as a result, the user is only partially removed from the overall EPM security landscape.

The fix for this one is relatively easy and involved a simple MAXL command. 

1.     Log into the EAS console as an Essbase administrator user

2.     Right-click on the "Security" node at the bottom of the list of applications > Export security file. Enter a file name for the exported file.’

3.     Locate the exported security file under:

a.     \Oracle\Middleware\user_projects\epmsystem1\EssbaseServer\essbaseserver1\bin

4.     Search through the security file in a text editor for the affected "user".

5.     If the user is present, return to the EAS console to remove it as follows:

a.     File > New > Scripts tab > MaxL Script > OK. An empty script editing window opens.

b.     Paste the following command into this window:

•    drop user "user@Native Directory" from security_file;

c.     Select the MaxL (drop down menu in toolbar) > Execute

6.     The statement should now run successfully and remove user "user". You can close the script without saving it.

7.      At this point you should be able to recreate the "user" user from scratch and they should no longer have issues connecting to Essbase.

There you have it, a quick and easy way to remove a problematic user via MAXL.

As always the team here at iArch is here to help, so please let us know if we can be of assistance with your future EPM or Cloud Services needs.