# Administration
## Data Access
## New & Improved
### Data Access Management and Permission Sync
Data Access Management now supports SAP Analytics Cloud (SAC), enabling the cataloging of permissions, mapping of users and groups, handling of access requests, approvals, and audit tracking. The system also syncs story-level permissions across multiple SAC connectors within the same instance to ensure consistent permission management.
### Audit Logging for Object Status Changes
The system logs status changes between active and inactive, including when a parent object’s deactivation automatically sets its child objects to inactive. All changes are recorded in the audit log for accurate tracking.
### Data Access Reports
In the Administration > Data Access section, Data Access Reports have been introduced to display a consolidated access report for the selected user and service account. The report shows all associated groups, roles, and source objects such as databases, schemas, tables, columns, projects, reports, folders, stories, and warehouses within the selected instance, along with the relevant connector and permissions fetched during the crawl.
### Connection Validation for Data Access Module
In the Administration > Connectors section, when the Data Access license add-on is enabled and connection details are saved, users are now prompted with a message to validate the connection. After successful validation, the connection is automatically displayed in the Data Access module.
### Advanced Jobs
| Name | Description |
| ------------------------------- | -------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------- |
| RDAM Deleted Instance Migration | This job migrates deleted RDAM instances and their associated records to ensure consistency after a version upgrade. |
| Load Axiomatics Policies | This job will take a folder or file (in JSON format) as input that contains Axiomatics Policies and load them into OvalEdge. This job also reconciles the discrepancies in policies between OvalEdge and Axiomatics. |
| Crawl Snowflake Users and Roles | This job crawls users, roles, and warehouses for a Snowflake connection. |
| Compare Axiomatics Policies | This job compares Axiomatics policies created or updated via API Access Requests from OvalEdge with the existing policies in the Axiomatics application. It identifies and logs any discrepancies in the job logs. An email with an attachment listing the mismatched policies is sent. This process helps in understanding and reconciling any discrepancies. |
## Users & Roles
## New & Improved
### Enhanced Role Management
In Role Management, admins can now create, edit, and delete roles with greater control. They can assign or remove individuals from specific roles, update license types, and modify role descriptions. Admins can set default roles for newly cataloged objects and apply these defaults to existing ones. They can also designate a default admin role with full privileges for all new cataloged objects.
### Simplified Column Masking
In Column-Level Security, masking policies can now be applied directly to individual columns without enabling column security at the table level. To enforce masking, select the Mask Column checkbox on the desired column.
### Improved User ID Behavior
In the Users List module, the User ID field is no longer clickable to access a user’s desk. This functionality has been relocated to the Users & Roles module to comply with OvalEdge's security standards. Within the Users tab, users with the roles oe.user.role.admin or ovaledge.role.admin can click any User ID to open the corresponding user's desk. Author license users can view the full user list, but can only click their own User ID to access My Desk.
### New 'Additional Information' Field
In the Users & Roles module, a new optional field called Additional Information has been added to enhance user categorization. This field allows organizations to group users based on contextual data. It is available during new user creation and can be edited in-line for existing users. Only users with the oe.user.role.admin can add or edit this field.
### User Role Transfer Capability
In the Users & Roles module, administrators can now transfer a user's responsibilities and roles to another user without deleting or deactivating the original account. This option is accessible through the 9-dot menu in the Users tab. The existing Delete/Deactivate option has been renamed to Delete/Deactivate/Transfer. Only users with the oe.user.role.admin role can perform this action. All transfers are recorded in the audit trail to maintain traceability and support compliance.
### Download Option for Roles Tab
In the Users & Roles module, a Download button has been added to the Roles tab. This allows authorized users to export the list of roles in a simple and detailed format.
### Assign Multiple Roles to View Job Logs
In the System Settings module, the ovaledge.jobs.view\.role setting now supports assigning multiple roles to view all job logs. Previously, only one role could be configured. Users not assigned to this setting can view only the logs of the jobs they initiated.
### Advanced Jobs
| Name | Description |
| -------------------------------------- | -------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------- |
| Assign Role to Users | This job takes a role as input and assigns that role to all the users in OvalEdge. |
| OvalEdge User Licenses AD Verification | This job generates a comparison report that includes users in AD groups and users with OvalEdge licenses.
Attributes:
Attribute 1: Compare Azure AD Groups with Author License (comma separated).
Attribute 2: Compare Azure AD Groups with Viewer License (comma separated).
Attribute 3: Notify Users (comma separated) - Enter the users to notify.
Attribute 4: Notify Team (comma separated) \[The users in the Team will be notified] - Enter the team names.
Attribute 5: Notify Roles (comma separated) \[The users of given Roles will be notified] - Enter the roles.
|
## Security
## New & Improved
### Bulk Role Access Configuration
In the Application Security module, administrators can now assign or revoke access to multiple modules or submodules for multiple roles in a single action. The new Update Authorized Roles and Remove Authorized Roles options in the 9-dot menu simplify role-based access control.
### Advanced Jobs
| Name | Description |
| ----------------------------------------------------------------- | --------------------------------------------------------------------------------------------------- |
| Advance job for modifying the column lengths of userid (Security) | This job allows data to be inserted into the userid column with a maximum length of 255 characters. |
## Advanced Jobs
## New & Improved
### "Last Run By" Column Added
A new "Last Run By" column has been added, allowing users to see who last executed the advanced job.
## Custom Fields
## New & Improved
### **Audit History and Layout Enhancements for Custom Field Sections**
Audit history now tracks changes to Sections and System Fields, including visibility updates, name changes, creation, and deletion.
### **Layout management improvements include:**
* New "Section Type" column to distinguish system and custom sections
* Drag-and-drop to rearrange sections
* Hide/Unhide using checkbox controls
* Section names now support up to 100 characters
### Advanced Jobs
| Name | Description |
| -------------------------------- | ----------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------- |
| Migrate TCF Text TO Rich Text | This job migrates existing text to rich text format for text custom fields. |
| Cascade Customfields for Buckets | This job cascades custom fields from buckets to their downstream folders and files. Two attributes need to be specified for this job:
attribute1: The S3 Connection ID
attribute2: The bucket name if only a single bucket is to be processed.
|
### Customization via System Settings
| Name | Description |
|---|
| enable.time.customfield | Configure to show/hide the time components (hour, minute, second) from the Date Custom Fields across all relevant modules: Data Catalog, Business Glossary, Tags, Data Quality, and ROPA. Parameters: - The default value is True.
- If set to True, the time component will be displayed.
- If set to False, the time component will not be displayed.
|
## System Settings
## New & Improved
### Organized System Settings by Module Name
System settings are grouped under newly added sections based on modules, including:
* All
* Bridge
* Login & Home
* Browser Extension
* Business Glossary
* Jobs
* Governance App
* Data Catalog
* Data Access Management
* Metadata Governance
* Crawling & Profiling
* File Manager
An "All" tab has also been introduced to view all settings in a single location, simplifying navigation.
## Audit Trails
## New & Improved
### Object Access Auditing
The Object Access now provides a detailed audit trail of actions performed on specific objects. It displays the object type (such as Dashboard, Table, or Connector), object name, the assigned role or user, and the permissions before and after the change. The log includes the name of the user who made the update and the exact date and time of the action.
**Project Audit Trails & Versioning:** Audit Trails now capture all changes made to Projects, including updates to project names, actions (additions or deletions), modified by, and modification date. Versioning support has also been added, enabling tracking and management of changes across different versions of a project.
### Advanced Jobs
| Name | Description |
| -------------------------------------- | --------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------- |
| Process KAFKA ACLs Dump File For Audit | This job loads the specified .xlsx file and processes ACL information into the audit table. It is designed exclusively for the Kafka connector. Ensure the Crawler ID/Name and file name (only .xlsx files are supported) are provided. |
***
Copyright © 2025, OvalEdge LLC, Peachtree Corners, GA, USA.