If I have an Internet application that connects to Analysis Server all
users are seen as the same person, how do I handle 300+ users, who
each have different security rights for viewing measures? I cannot
setup that many roles in Analysis Server, what is another option? I
have seen solutions that use member properties, but it is limited by a
255 character situation.

Any suggestions or where to start looking? I have checked
www.sqlmag.com and read some articles, but I cannot find a good
answer.

"Scott" <scott (AT) jucovics (DOT) com> wrote

The answer to your question greatly depends on the architecture of your
Internet application. If you use HTTP connectivity - it is one thing. If you
use middle tier architecture with ASP/ADOMD - then there are other
approaches. I have couple of slides but no real details here:

Implementing Security in Analysis Services 2000 - presentation by Richard
Tkachuk and Mosha Pasumansky
http://www.mosha.com/msolap/articles...s %202000.ppt

You can set up 300 roles, and I've seen applications which have more then
500 roles, although if you do it - you don't want to administer them from
Analysis Manager. Also, some users complained that with so many roles DSO
starts working very slow as well - usually this is related to repository
being not migrated to SQL Server or with suboptimal domain/Active Directory
infrastructure.

If you are PASS member (www.sqlpass.org) - you will be able to get access to
the excellent presentation by Dave Wickert from last week in 2003 PASS
conference, which covers at least 3 other alternative approaches.

--
==================================================
Mosha Pasumansky - http://www.mosha.com/msolap
Development Lead in the Analysis Server team
All you need is love (John Lennon)
Disclaimer : This posting is provided "AS IS" with no warranties, and
confers no rights.
==================================================