OTBI direct database access disabled Oracle Fusion 19A
With the most recent available upgrade of Oracle Fusion Applications Cloud 19A, the direct database access with OTBI has been disabled by default by Oracle. The feature will be disabled within a grace period of 12-month:
This is also looged a Bug, since many customers relied on the feature:
Community discussion: R13.19A OTBI Direct Database Query Privilege Change
Fusion Application: Upgrade 19A What’s new (see chapter: OTBI DIRECT DATABASE QUERY PRIVILEGE IS DISABLED BY DEFAULT FOR
AUTHENTICATED USERS )
The reasons for this are security concerns from Oracle side and the currently only remaining alternative, is to use BI Publisher in cases of direct database access (as confirmed in the community discussion by Oracle, this method will not be restricted).
Additionally, for OAC, the direct database access feature as also been removed from the default permissions of the logged in User (Authenticated User). But, using the Manage Privileges Pages, the permission can still be assigned for Users who require the feature:
How to create a direct database access is also described in a previous post.
Fusion Application Cloud users can access the Reporting and Analytics (OTBI) module via the Fusion Sitemap listed under “Tools”:
This opens the embedded Analytics Catalog which contains all items for each domain such as Human Capital Management:
To grant access to Reporting and Analytics, the Cloud Admin User or another User having received the “IT Security Manager” Role can provide access to OTBI:
In this example a new Employee called “OTBIUser” should receive access to OTBI. The User should receive the following Roles by the Cloud Administrator:
To grant the User “OTBIUser” access requires to follow the TechNote (Oracle Fusion BI: How to Add the BI Administrator Role to a user in Release 12. (Doc ID 2238277.1) from Fusion Application Cloud R12 and onwards as the standard BI Roles (such as BI Author or BI Consumer) can’t be assigned to Users directly any more. Instead, it is required to create a custom Role based on the standard (OOTB) Role and assign those custom role to the User to act e.g. as BI Administrator.
After the User has received the role, an Administrator must run the “Retrieve Latest LDAP Changes” ESS Job to reflect these changes. This process may actually take up to 8 hrs. for the changes to take effect.