I was wondering if you could help with the below.

We have a number of cubes that require quite granular level of
security. i.e. some people can only see measures that relate to their
branch, others can see data that relates to Areas and below; others to
Regions and below; and others that can see Country and below. In a
classic Country - Region - Area - Branch kind of organisation
(hierarchical dimension).

There could be hundreds of users and the cube based role level security
would be too cumbersome a solution I think.

I have thought of creating a security dimension that holds the userid
of each person accessing the cube and as a member property an
organisation unit key. My hope would be then that I can use this org
unit key to let the user access all descendants of that org unit.
Alternatively, I guess I could hold a list of the users valid branches
at a level under the userid.

I was then thinking that I could somehow use this property or the set
of branches to construct calculated measures that would return null (or
zero) if the measures belong to a branch that is not included in his
set of branches and return the original measure value if it belongs to
the branches that are in the valid set of branches. I would then make
non visible the original measure(s) and only have available the
calculated ones.

This would be a stretch for my mdx skills but I may be able to nut it
out but any help would be welcome. Also I am likely to be using a
reporting tool that can provide the userid to the mdx query but it
would be neat if there was an mdx function to return the current user
id and then the security would work regardless of the cube browsing
technology.

Then ... for me, comes the tricky bit :-) - not that the above isn't.

How would I ensure that those calculated measures are aggregated at the
higher dimension levels?

I hope this is clear. Sorry it's such a long email. VERY happy to hear
of other approaches.

Regards, Richard

if you have a hotmail account i can email dynamic security slides from dave
wickert (ms)

perhaps that

"Richard Flewitt" <Richard.Flewitt (AT) asb (DOT) co.nz> wrote

....would help...
"michael v" <test (AT) test (DOT) com> wrote

can you send it to me as well, please?
Thank you

"michael v" wrote:

Mosha has a whole list of security related resources for AS at
http://www.mosha.com/msolap/security.htm

I am pretty sure that the slides that were referred to in this post are
available under the "Dimension Security" heading.

--
Regards
Darren Gosbell [MCSD]
Blog: http://www.geekswithblogs.net/darrengosbell

In article <19B6E0FC-7976-4FFD-AB98-5B6CC2F8711C (AT) microsoft (DOT) com>,
leo (AT) discussions (DOT) microsoft.com says...