Data access permission

NAM Server ► Settings ► Security ► Data access permission

Use the Data access permission screen to enable data access control for NAM Server users. Then you can configure data access for users and user groups.

Enabling global data access control for NAM Server users

To enable the global control of data access:

  1. On the NAM Server, select Settings ► Security ► Data access permission.

  2. Select the Control data access check box to enable this functionality.

  3. From the Filtering dimension list, select the dimension on which to control data access.
    Applies to NAM 2018
    This setting says that you want to restrict report data access based on one of the following dimensions:

    • Application
    • Software service

    When this is set to Application, for example, you can then create reports whose output is filtered to show only certain applications. See the next step for an example.

    Important:
    Applies to NAM 2018

    If your Filtering dimension list also displays

    • Transaction
    • Tier
    • Reporting group

    be aware that these are deprecated options.

    We plan to phase them out soon, and to continue this functionality only for Application and Software service. If you currently use any of the deprecated options for data access control as described in this topic, you should update your configuration to control data access based only on Application or Software service.

    Important: We verify the permission at the report level. A single section without the data access filter hides the whole report from users under data access control.

  4. From the Filter display list, choose where the information about the data access restriction is displayed.
    You set this option the same way as you do for dimensions configured on the Data tab in DMI. For more information, see Setting a dimension filter.

  5. Decide whether to grant access to all dimension values for other dimensions.
    If you set the Show dimension filter for other dimensions option to Yes, when users define a DMI report, they will have access to all values of other dimensions. For example, users will have access to all monitored transactions, not only to the transactions that belong to the assigned applications. The Filter icon icon is available for all dimensions that have values in the dictionary.
    If you select No, when users define a DMI report, they will not have access to the dimension filter for other dimensions. This means that on the Data tab, the Filter icon icon is available for the filtering dimension only (for example, Application).

  6. Click Save to apply your changes.
    Note: Settings saved on this screen apply to all NAM Server instances working together in a farm. For more information, see Synchronization Options.

    On this screen, you set a filtering dimension that is the basis for data access limits for NAM Server users. If you change that setting, you will lose the previous definition and must redefine the data access for specific users or user groups.
    Now you can configure data access on the user level or user group level.

Controlling data access per user group

Applies to NAM 2018

  1. From the NAM Server menu, choose Settings ► Security ► User groups.
    The User groups screen is displayed.
  2. Click Data access for the user group whose data access you want to configure.
    The Data access for group screen for that group is displayed.
  3. Specify whether to restrict data access for this group.
    • Unlimited - If you want members of the selected group to have unlimited data access.
    • Controlled - If you want to filter data access by the Filtering dimension selected on the Data access permission screen (see above).
  4. If you selected Controlled, use the >> and << buttons to specify exactly which reports between the two lists.
    For example, if you selected Application as the Filtering dimension, you can now select exactly which applications you are talking about.
    If the members of this group should have access to SAP data, you need to move SAP to the Assigned list. Alternative action: double-click in either list to move that value to the other list.
  5. Click OK to save your changes.

Creating and viewing reports with controlled data access

Applies to NAM 2018

If the Data Access Permission functionality is enabled and NAM Server users have limited access to the report data, they may not see all DMI reports available from the Reports menu.

Users with limited data access can view only those reports that use the filtering dimension set during data access permission configuration. Note that every section of the report must use the filtering dimension for the user under data access control to see the report. For example, if the filtering dimension is Application, these users cannot view the reports for other dimensions selectable in the Filtering dimension list.

Depending on how you set Filter display on the Data access permission screen, the data access restriction is noted in the report header or section header, or is not displayed at all.