Hello!

I need to make an SQL 2000 SP4 Analysis Server (Standard Edition) visible to
the outside over Internet.

The server will be placed in a de-militarized zone, so all firewall-related
issues can be ignored for the moment, I am only worrying how the access to
the server is done, or better: how different users can be distinguished from
each other.

Currently, the server is "inside" and only accessed by one person in the
network, so I went the easy way and added the GUEST account of the system to
the OLAP administrators group - my one and only user has all access and all
options to work on his cubes and all data in them.


If the server is places "outside", I need people from different machines
worldwide to connect to it through internet, and see only "their" portion of
data, so each cube must be visible only partly.
(This is two problems, I think. One is to allow access, two is to set up
cubes in a way that different accounts only see specific data. I think I
could deal myself with two, if in problem one I can solve how to let some in
but tell them apart)

I understand that all security in OLAP is run through windows accounts. The
people connection from outside are NOT members of the domain of the company
that owns the server, so I wonder how I can allow them access to it. In IIS
for example, you can set web pages to use Windows Authentication - if your
account is already a valid one, you get page. If not, you are prompted for
the credentials of an account on the server that is allowed. Such a pop-up
seems not to be coming up with Analysis Server.

I can imagine alernatives, like make them either "dial in" to an account on
the server through a vpn or similar technology, and make the query over an
account on the machine... Or I know that the ENTERPRISE EDITION does allow
access through HTTP, is that what I am looking for?


To summarize in different words (please excuse me if my English is not good
enough to make the point): How does a user that is in not way related to the
company infrastructure owning the server access it?


Thanks for pointers and/or comments, I really need them!
Ralf

Hi,

Which client are you using for access to the olap cubes on internet ?

Excel, Panorama NovaView, ReportPortal ?

With Excel you need http access so Enterprise is the only solution.

With the server based solutions Panorama NovaView and ReportPortal it
is needed.

You can use NT authorisation on the server based on basic authorisation
and/or use of portal user authorisation

On our website you see some clients using both Panorama NovaView and
ReportPortal as solution for OLAP for Internet: www.gmsbv.nl

For any question of free trial, please mail us.

Marco
www,gmsbv.nl


Ralf Hermanns schreef:

Ralf.
SSAS 2005 has a new feature that allows Anonymous connections which may be
configured through the SQL 2005 Surface Area Configurator. We're considering
using this feature for the same circumstances you are: an internet based
application consuming data from analysis services where integrated
authentication is not possible as the users are outside the organization.

Hope this helps.

"Ralf Hermanns" wrote:

"Rainman" schrieb im Newsbeitrag...
A little bit, but not completly.

I tried out the trial version of SSAS 2000 Enterprise, and after some
playing around with IIS config and such I could access it from outside using
Excel and HTTP. I set my IIS to do Windows Authentication, so user has to
enter credentials. IIS then impersonates this user to the cube role security
configuration, so I could even configure the access rights there. VERY GOOD,
exactly as I need!

But: the Standard editions of SS2000 and 2005 are already available in our
package from microsoft, so if I can built on these features and avoid going
"Enterprise" it will save quite some money...

SSAS 2005 now offers Anonymous connections. Wouldn't I get that with AS2000
too if I set my IIS to NOT authenticate (anonymous access)? I did not test
what happens if I did that, but it is not really my problem: What I need to
know is if HTTP is available with 2005 Enterprise only or already in
Standard?

HTTP is available in Standard Edition for 2005.

Thanks,
Akshai
--
Try out the MSDN Forums for Analysis Services at:
http://forums.microsoft.com/MSDN/Sho...ID=83&SiteID=1

This posting is provided "AS IS" with no warranties, and confers no rights
Please do not send email directly to this alias. This alias is for newsgroup
purposes only.

"Ralf Hermanns" <Ralf.Hermanns (AT) gmx (DOT) de> wrote