Skip to Content

Why is the LCMCLI ignoring my use of the "-includeSecurity=true' parameter?

I'm using the LCM Command Line Interface (LCMCLI) to promote content (e.g., AOLAP reports, Webi reports, etc.) between CMS environments.

The objects' User Security includes the BI Platform's built-in groups as well as mapped Active Directory groups. The same mapped Active Directory groups are already present on both environments.

I'm including the "-includeSecurity=true' flag in the LCMCLI syntax; when I execute the command, however, the object's user security from the source environment is not being applied to the object in the destination environment. Instead, the resulting object is simply inheriting the user security of the destination folder.

For each group, the console log displays "Status -> Resolution Status=Dropped, Dependency Status=All the required dependencies are included., Commit Status=Commit is not required., Promotion Status=No errors detected". The final part of the log displays "EXIT_SUCCESS". Yet the User Security is not being applied to the object.

Is this a known issue?

Add a comment
10|10000 characters needed characters exceeded

Related questions

2 Answers

  • Posted on Dec 10, 2015 at 07:36 AM

    Hello Chris,

    did you found a solution for your Problem?

    I'm currently working on a similar issue. We have SAP BW user groups which are already imported on both the destination and the source system.

    When I promote a folder which has these groups as principals in the user security settings, the user groups are dropped and the security settings get lost on the destination.

    This seems not to be an issue regarding user rights because this also happens when we promote the objects with the administrator account.



    Add a comment
    10|10000 characters needed characters exceeded

  • author's profile photo Former Member
    Former Member
    Posted on Dec 10, 2015 at 03:49 PM

    Hi Chris,

    You mentioned that Windows Ad groups are already mapped to the destination and now you are promoting the folder with security.

    The right way to promote Third party groups is to configure and enable plugin in destination without mapping/updating the groups.

    You have to promote the users along with folders.

    Refer KBA-

    In your case the CUID's of the groups will be different and that is the reason it is not applying the security to the folder.



    Add a comment
    10|10000 characters needed characters exceeded

    • Hi Rajshree,

      thanks for your answer - it helped. What i did to fix the problem is

      - deleted the imported SAP roles from the role Import

      - deleted imported SAP users which belong to the role

      - promoted the roles from source BO to Destination BO



Before answering

You should only submit an answer when you are proposing a solution to the poster's problem. If you want the poster to clarify the question or provide more information, please leave a comment instead, requesting additional details. When answering, please include specifics, such as step-by-step instructions, context for the solution, and links to useful resources. Also, please make sure that you answer complies with our Rules of Engagement.
You must be Logged in to submit an answer.

Up to 10 attachments (including images) can be used with a maximum of 1.0 MB each and 10.5 MB total.