Skip to Content

Reports access management

You can use one of the following options to grant access to reporting users for viewing or managing reports in TrueSight Smart Reporting - Platform:

  • Access based on the user-role mappings defined in the user_roles.csv file

    This is the default option and the method used by TrueSight Server Automation - Data Warehouse versions prior to 21.02. In this option, access to reports is granted by checking the user_roles.csv file for the logged-in user and role mapping. One of the following roles is assigned to the user while cross launching to TrueSight Smart Reporting - Platform:

    • If the user and role mapping is defined in the file, the same role is assigned to the user.
    • If no role is mapped with the user, the default role (defined in the YF_DEFAULT_ROLE property) is assigned to the user.
  • Access based on the roles and reporting authorizations defined in TrueSight Server Automation

    In this option, you create users in TrueSight Server Automation and assign them the roles with reporting authorizations. The following table provides the reporting authorizations in TrueSight Server Automation and their mappings with the corresponding TrueSight Smart Reporting - Platform roles.

    TrueSight Server Automation authorizations

    TrueSight Smart Reporting - Platform roles

    Reports.Administration

    allow_smart_reports_administration

    Reports.Studio

    allow_smart_reports_management

    Reports.QueryStudio

    allow_smart_reports_access

    Reports.Viewer

    allow_smart_reports_view

    Reports.Access

    allow_smart_reports_access

    Reports.Manage

    allow_smart_reports_management

    These mappings are used by TrueSight Server Automation - Data Warehouse for cross launching the logged-in reporting users to TrueSight Smart Reporting - Platform.

    Warning

    Important

    • The Reports.Access and Reports.Manage authorizations are available only when you install TrueSight Server Automation - Data Warehouse 21.02 or later. If you upgrade to TrueSight Server Automation - Data Warehouse 21.02 or later, these authorizations are not available. You can use the existing Reports.Studio and Reports.QueryStudio authorizations after upgrading to TrueSight Server Automation - Data Warehouse 21.02 or later.
    • When a reporting user, who does not have the rights to view or manage reports, logs in to the TrueSight Server Automation - Data Warehouse, cross launch to TrueSight Smart Reporting - Platform fails.

TrueSight Server Automation - Data Warehouse determines the option to be used based on the value specified for the YF_DEFAULT_ROLE property in the generic_configuration.properties file. This file is available at the following path on the host where TrueSight Server Automation - Data Warehouse is installed:

  • (Windows) <tssadw_installation_directory>\shared\ConfigurationManagement\generic_configuration.properties
  • (Linux) <tssadw_installation_directory>/shared/ConfigurationManagement/generic_configuration.properties

If a value is specified for the YF_DEFAULT_ROLE property (for example, YF_DEFAULT_ROLE=allow_smart_reports_management), access is granted according to the user and role mappings defined in the user_roles.csv file. If the YF_DEFAULT_ROLE property is empty (for example, YF_DEFAULT_ROLE=), access is granted based on the roles and authorizations defined in TrueSight Server Automation.

Recommendation for granting access

We recommend that you start managing the reports access by granting reporting authorizations to roles in TrueSight Server Automation. The use of user_roles.csv file for managing the access is deprecated. The following scenario explains how to make this change:

Using reporting authorizations in TrueSight Server Automation

Paul is a TrueSight Server Automation administrator. He also uses the reporting capabilities of TrueSight Smart Reporting for Server Automation to analyze the health of servers and plans the appropriate actions accordingly. Paul has upgraded both TrueSight Server Automation and TrueSight Server Automation - Data Warehouse to 21.02. He now wants to use the reporting authorizations in TrueSight Server Automation to enable reporting users to access reports in TrueSight Smart Reporting - Platform. He already has the following users and mappings defined in the user_roles.csv file:

  • user1\1;smart_view_manage
  • user2\2;smart_report_view

Paul performs the following steps to start managing the reports access from TrueSight Server Automation:

  1. Log in to the TrueSight Server Automation console.

  2. Create a new role and grant Reports.Manage authorization to the role. For details, see Creating roles.

  3. Assign the following roles.
    • user1 - The new role created in step 2
    • user2 - Any report viewer authorization
  4. Log in to the host where TrueSight Server Automation - Data Warehouse is installed, and do the following:
    1. Navigate to the following path:
      • (Windows) <tssadw_installation_directory>\shared\ConfigurationManagement\generic_configuration.properties
      • (Linux) <tssadw_installation_directory>/shared/ConfigurationManagement/generic_configuration.properties
    2. Open generic_configuration.properties.
    3. Delete the value assigned for the YF_DEFAULT_ROLE property to make it blank.
    4. Save the changes.
  5. Run the ETL for the RBAC domain so that the reporting users (user1 and user2) are brought into the TrueSight Server Automation - Data Warehouse database.
  6. Do the following:
    1. Log in to TrueSight Server Automation - Data Warehouse console as one of the reporting users (user1 or user2).
    2. (For multiple sites) On the Site selection page, select the site.

    3. On the Roles selection page, select the role with the reporting authorization.

      InformationIf you select a role with multiple reporting authorizations, the least restrictive authorization is mapped with the role.

    4. Verify that the user is successfully cross launched to TrueSight Smart Reporting - Platform for accessing reports.

Upgrade notes

We recommend upgrading both TrueSight Server Automation and TrueSight Server Automation - Data Warehouse to 21.3. If you upgrade one of these products only, do note the following changes:

If you upgrade only TrueSight Server Automation

  • Access to reports based on the authorizations defined in TrueSight Server Automation will not work. The existing user_roles.csv based authorizations will continue to work.
  • New reporting authorizations that are added to TrueSight Server Automation will not be available if you are upgrading from a version earlier than 21.02.

If you upgrade only TrueSight Server Automation - Data Warehouse

  • If the YF_ROLES_DEFAULT property has some assigned value, the existing user_roles.csv option will continue to work. You can start managing the reports access using the roles and authorizations defined in TrueSight Server Automation.
  • New reporting authorizations added to TrueSight Server Automation 21.3 will not be available if you are upgrading from a version earlier than 21.02.

 

Tip: For faster searching, add an asterisk to the end of your partial query. Example: cert*

TrueSight Smart Reporting for Server Automation 25.4