PDP question

ARosser · 2025-02-13T20:40:50+00:00

There was an error rendering this rich post.

Sorry for the vague title. My brain just couldn't think of anything else.

I have a commission report and I just can't seem to come up with a path to get the PDP setup correctly.

I have 3 distinct levels of access:

Role level: Salesperson can see only their personal rows. Supervisor can see the rows of everyone that reports to them. Same for Division Manager and Regional Manager. I have this setup using managed attributes. All users are in a Commission AD Group that gives them access to the report.

Corporate/Admin level: Commission Admin AD Group assigned to the All Rows policy.

Office Manager level. This is the one I can't figure out. I need office managers to be able to see all records for their Division. I have an AD group for Office Managers and different AD groups for all of the Divisions. I have given the Office Mangers access to the report, but if I use the Division AD Groups for the PDP won't that give everyone in the above mentioned Commission AD Group (salesperson, supervisors, etc) access to those rows?

How can I limit the Role level users to very specific row level access while giving Office Managers a higher level of row level access. Note that the Division AD Groups are used company wide therefore I can't change who is in them.

Quick Links

Accepted answers

All comments

DomoDork

@ARosser - I had something similar to this and the best way I've found to do this was to get my AD group data into a dataset. Then I could use MagicETL to parse out people into my own domo groups and output that to a dataset. I used the Governance Toolkit to generate domo groups based on my dataset. You can read about that here.

https://domo-support.domo.com/s/article/4415839663639?language=en_US

Once I had the groups automated in Domo, I made a MagicETL to write PDP policies based on those domo groups. Again, you do this with the governance toolkit via the PDP Automation feature.

https://domo-support.domo.com/s/article/4415800746391?language=en_US

Once I had all of that, PDP would automatically refresh when groups were updated via my MagicETL processes. I had to have this because our AD groups really don't align to data security needs so I had to work around it.

I hope this gives you some clues to proceed further :)

ARosser

I don't see it in the documentation for Group Management so I'll ask here. Can you create/manage Dynamic Groups? Essentially I would like to create a group where the user is in both the Office Manager AD group as well as the Division AD group.

other categories

Product Ideas
Have a Domo product enhancement idea? Submit or upvote on ideas in the Ideas Exchange.
Ideas Exchange
Suggest & vote on new features you would like to see implemented in the Domo Product.
Data Connections
Ask questions about Connectors, Workbench, Cloud Amplifier and get best practices from Domo peers
Connectors
Connectors, Custom Connectors, Writeback
Workbench
Ask questions about Workbench, a secure, client-side solution for uploading your on-premise data to Domo.
Cloud Integrations
Ask questions about Cloud Integrations and Federated Data connection to your data warehouse or lake.
Data & ETL
Ask questions about Magic ETL, SQL DataFlows, DataFusion, Dataset Views and get best practices from Domo peers
Magic ETL
Ask Magic ETL questions and get answers from Domo peers
SQL DataFlows
Ask SQL DataFlow questions and get answers from Domo peers
Datasets
Ask DataFusion and Dataset Views questions and get answers from Domo peers
Visualize & Apps
Ask questions about Beast Mode, Cards, Charting, Dashboards, Stories, Variables and get best practices from Domo peers
Dashboards
Ask Cards, Dashboards, and Stories questions and get answers from Domo peers
App Studio
Ask questions about building apps in App Studio.
Pro-code Components
Ask questions about pro-code components and Domo Bricks and get answers from Domo peers.
Charting & Analyzer
Ask questions about charting and Analyzer and get answers from Domo peers.
Calculations & Variables (Beast Mode)
Ask questions about using calculated fields and Variables (Beast Modes) in Analyzer.
AI & Data science
Ask questions about DomoAI and get answers from Domo peers.
Domo AI & AI Chat
Ask questions about AI Chat and AI assistants.
Managing AI
Ask questions about managing AI with AI Playground, AI projects, AI models, and more.
Jupyter Workspaces
Ask questions about Jupyter Workspaces, Notebooks, and file share.
Automate
Ask questions about App Framework, Workflows, Domo Bricks, Domo Developer, API and get best practices from Domo peers
Workflows
Ask questions about Task Center, building automations with Domo Workflows, and executing JavaScript or Python code with Code Engine.
Alerts
Ask questions about managing alerts in Domo and get answers from Domo peers.
Distribute
Ask questions about Domo Everywhere, Scheduled Reports, Mobile and get best practices from Domo peers
Domo Everywhere
Ask questions about embedded analytics with Domo Everywhere.
Reporting
Ask questions about Scheduled Reports, Report Builder, and Slideshow Publications.
Manage
Ask questions about Governance Administration, Approvals, Teams, Alerts, and Buzz and get best practices from Domo peers
Governance & Security
Ask questions about People, Groups, Roles, Sandbox, Activity log, Buzz, Teams, Approvals and PDP and get best practices from Domo peers
Navigation & Productivity
Ask questions about navigation, Projects & Tasks, Goals, and Buzz chat.
APIs
Ask APIs and Developer.domo.com questions and get answers from Domo peers
Add-ins & Plugins
Ask questions about plugins, Microsoft add-ins, and other third-party software integrations.
Domo Community Gallery
Watch how our Customers are using Domo to solve their complex problems.
Product Releases
Domo support and product teams are here to live-answer questions about the most recent product releases. Please post questions in this Forum board for all users to benefit (rather than submitting a support ticket).
Domo University
Questions or discussions related to Domo University, trainings and certifications
Community Forums
Getting Started
Welcome to Domo's Community Forums! You'll find everything you need to get started in this category.
Community Announcements
Get the latest from Domo's Community Team.
Social Groups
Archive
Old or outdated content that could still be found helpful.

Find more posts tagged with

PDP