March 18, 2014 at 11:18 am
Hi Everyone,
I am posting this to get help on urgent basis on dimension member data restriction
We are using SQL server 2005 Analysis Services in our project
As part of new BO voyager report (uses cubes and dimensions) request we have developed the report
Now we are facing challenges in restricting data based on their region
Suppose there are three regions and each having their respective users and the users should be allowed to see only data related to their region in SAP BO voyager report
As part of dimension restriction I have done restriction in SSAS level creating a role , adding member or user to it and for that role defining the specific region access
In role suppose I have added mdx in dimension data section like <Region Codes>.<Region>.&<Asia> and enabled visual total check box and also added the user in membership which comes through Active directory
Now as per logic the member with the role access should have the view to Asia data in SAP BO but they are getting access to all data which is creating a security
Now is there any way to resolve it or there is something I am missing in this
Looking forward for our help asap
Thanks in advance
March 20, 2014 at 12:25 pm
1. Are any of your users present in more than one role? Unlike SQL Server RDBMS, denied privileges do not trump allowed privileges but are a UNION of all privileges.....like a bitwise OR.
2. When entering dimension level security, did you make sure you entered the MDX expression in the "Allowed Set"?
Viewing 2 posts - 1 through 1 (of 1 total)
You must be logged in to reply to this topic. Login to reply