Hi, It's easy to implement it creating three diferent database roles.

Best regards,

Roberto.

"Soo Kah Kiong" <sookk (AT) tm (DOT) net.my> wrote

Hi there,

I know that you can make use of the roles .. however ... like I mentioned
before when I have setup the roles and set the users from active directory,
they users can still see the full set of cubes.


"Roberto Souza" <robertossantos (AT) hotmail (DOT) com> wrote

Please check the following:

1. Membership of the OLAP Administrators NT Group
2. Membership of the Administrators NT Group
3. Permissions on the HKLM\Software\Microsoft\OLAP Server\SECURITY key (or
simply upgrade to SP3)

--
==================================================
Mosha Pasumansky - www.mosha.com/msolap
Development Lead in the Analysis Server team
All you need is love (John Lennon)
Disclaimer : This posting is provided "AS IS" with no warranties, and
confers no rights.
==================================================
"Soo Kah Kiong" <sookk (AT) tm (DOT) net.my> wrote

Hi there,


Analysis Server has a database known as TTPC
TTPC
- Cubes
+ Transactions GET
+ Transactions TTPC

GET and TTPC are two seperate departments in the company who wishes to
view their analysis cube. However, the restriction is TTPC can view both
TTPC and GET cube. However, GET is only allowed to view GET cube.

Here's what I did:

1. Create all users in the Active Directory. (All users are not OLAP
Administrator group)

2. Go to the TTPC Database Roles. Added two lines ... one for GET and
the other TTPC. Set the GET to view only Transactions GET cube. Added
SOOKK username to the Membership at the Database Roles. Enforce on
CLIENT.

3. Using a CLIENT machine on Windows XP Professional logging in as
SOOKK. I open the Analysis Manager and yet I still can view both TTPC
and GET cubes.

That's the situation.


*** Sent via Developersdex http://www.developersdex.com ***
Don't just participate in USENET...get rewarded for it!

OK, can you answer all 3 of my previous questions in this context:

1. Is user SOOKK member of OLAP Administrators group ?
2. Is user SOOKK member of Administrators group ?
3. What are permissions on the HKLM\Software\Microsoft\OLAP Server\SECURITY
registry key ?

--
==================================================
Mosha Pasumansky - www.mosha.com/msolap
Development Lead in the Analysis Server team
All you need is love (John Lennon)
Disclaimer : This posting is provided "AS IS" with no warranties, and
confers no rights.
==================================================
"Soo Kah Kiong" <sookk (AT) tm (DOT) net.my> wrote

Good day,

To answer your questions:

1. Is user SOOKK member of OLAP Administrators group ?

Nope

2. Is user SOOKK member of Administrators group ?

Nope

3. What are permissions on the HKLM\Software\Microsoft\OLAP
Server\SECURITY
registry key ?

I can't find the SECURITY in the registry ... unless you're refering to
the one in CURRENTVERSION .... if that's the one .. then there is
nothing set under SECURITY .. just the (Default) REG_SZ (value not set)



Thank you.

*** Sent via Developersdex http://www.developersdex.com ***
Don't just participate in USENET...get rewarded for it!

Yes, sorry, I meant the one under CurrentVersion. You need to open it with
regedt32.exe on W2K or with regedit.exe on WinXP, and then look at the
_permissions_ on that key, not at the content. Only OLAP Administrators &
Administrators should be there. Pay special attention to "Inherit from
parent" checkbox. It _has_ to be unchecked. If it is checked - uncheck
yourself, restart everything ans retry.

--
==================================================
Mosha Pasumansky - www.mosha.com/msolap
Development Lead in the Analysis Server team
All you need is love (John Lennon)
Disclaimer : This posting is provided "AS IS" with no warranties, and
confers no rights.
==================================================