Good morning, a consultation on the subject permissions. I have several
made cubes and I need that according to the user it can see certain data of
a dimension of the cubes and to their time that can see single some cubes.
It faces by the side of the "Databases Rolls", and the "Cube Rolls", but I
see that these single they work with users NT or 2000, my users access via
IIS, somebody knows as I must handle the security in these cases? Thank you
very much

You may need to build application-level security logic into your IIS
app, unless you can use Kerberos to pass UserID:

http://www.microsoft.com/technet/pro...ntain/anservog.
mspx
...
SSPI=KERBEROS specifies that the Kerberos network authentication
protocol be used. Kerberos enables interoperability with other security
architectures. More importantly to Analysis Services, it supports a more
flexible authentication infrastructure. Kerberos is based on "tickets,"
which greatly reduces the need for repeated authentication on each
network resource. The principal advantage of Kerberos for Analysis
Services is that its ticket-based approach supports multi-hop
architectures: an end user's credentials being passed from the client
machine to a Web server, then forwarded to the Analysis server (a
three-machine configuration).
...
For even more control, you might be able to use application-level
security. For example, suppose you are implementing a 3-tier Web-based
application. Because all data access goes through the middle-tier
application, you have an opportunity to add more extensive business
rules than Analysis Services supports directly. You can choose to allow
only certain kinds of operations within a certain number of days of the
monthly closing date. Or, you can choose to allow only a certain type of
data access if the end user also has credentials in some other security
systems, such as a form-based authentication database, a Lightweight
Directory Access Protocol (LDAP) server, or some other kind of
third-party tool.

Normally this kind of application-level security is available only if
you are writing the application yourself. However, some third-party OLAP
tools also provide their own security system. For example, Panorama's
Software's Novaview (see their web site at
http://www.panoramasoftware.com) has an entire subsystem that adds
additional controls for users that are using its thin-client, Web
application server. This kind of support varies from product to product.
...

- Deepak

Deepak Puri
Microsoft MVP - SQL Server

*** Sent via Developersdex http://www.developersdex.com ***