I have read and implemented the solutions described by mosha et al. regarding
the use of a single role and 'security' cube to (with MDX) create dynamic
security on the cube.

However, we use active directory groups and I would like to know if there is
a solution (without a complex ETL translating AD groups to user entries) to
allow just the groups to be held, rather than individual users.

AS 2000/SQL 2000 sp4

regards
ag

Not using the security cube, No.
However using the UDF, most definitely.
Look at:
http://www.mosha.com/msolap/samples/...20security.zip
It reviews three techniques for implementing dynamic security (member
properties, a security cube, and the UDF). You want the UDF approach.
--
Dave Wickert [MSFT]
dwickert (AT) online (DOT) microsoft.com
Program Manager
BI Systems Team
SQL BI Product Unit (Analysis Services)
--
This posting is provided "AS IS" with no warranties, and confers no rights.


"adolf garlic" <adolfgarlic (AT) discussions (DOT) microsoft.com> wrote