Sorry. Domain adminstrators are part of the Administrators role and, as with
most products, when you are a machine administrator you are able to see
everything.
The idea is that you just as easily add yourself to any role manually. There
is no workaround without limiting domain administration on your machine.
--
Dave Wickert [MSFT]
dwickert (AT) online (DOT) microsoft.com
Program Manager
BI SystemsTeam
SQL BI Product Unit (Analysis Services)
--
This posting is provided "AS IS" with no warranties, and confers no rights.

"cgi1" <cgi1 (AT) newsgroup (DOT) nospam> wrote

Dave is right that machine administrator can always add himself as part of
OLAP Administrators group. So there is no security solution against this.
However, if you trust the machine administrator, and simply want him not to
see accidently the data - you can exclude him from the OLAP Administrators
by applying the following KB article:

http://support.microsoft.com/default...b;en-us;834419

(note that you will need post SP3 hotfix in order to do that)

--
==================================================
Mosha Pasumansky - http://www.mosha.com/msolap
Yukon information at http://www.mosha.com/msolap/yukon.htm
Development Lead in the Analysis Server team
All you need is love (John Lennon)
Disclaimer : This posting is provided "AS IS" with no warranties, and
confers no rights.
==================================================

"Dave Wickert [MSFT]" <dwickert (AT) online (DOT) microsoft.com> wrote