http://www.sqlmag.com/authors/author/author/5535096/rsscomment/5535096en-USFri, 25 May 2012 11:11:45 GMTFri, 25 May 2012 11:11:45 GMThttp://www.sqlmag.com/article/sql-server-analysis-services/protect-udm-with-dimension-data-security-part-2#commentsAnchorThu, 24 Mar 2011 16:26:26 GMT
Here are this and some other articles on Analysis Services Dimension Security:
http://ssas-wiki.com/w/Articles#Dimension_Security]]>Sam KaneThu, 24 Mar 2011 16:26:26 GMThttp://www.sqlmag.com/article/sql-server-analysis-services/protect-udm-with-dimension-data-security-part-2#commentsAnchorhttp://www.sqlmag.com/article/sql-server-analysis-services/protect-udm-with-dimension-data-security#commentsAnchorThu, 24 Mar 2011 16:26:01 GMT
Here are this and some other articles on Analysis Services Dimension Security:

http://ssas-wiki.com/w/Articles#Dimension_Security

]]>Sam KaneThu, 24 Mar 2011 16:26:01 GMThttp://www.sqlmag.com/article/sql-server-analysis-services/protect-udm-with-dimension-data-security#commentsAnchorhttp://www.sqlmag.com/article/sql-server-analysis-services/protect-udm-with-dimension-data-security-part-2#commentsAnchorFri, 16 Oct 2009 00:06:47 GMT
Hello All, I got the resolution for my problem. I was trying to implement custom security on database dimension instead of cube dimension. So, when I tried the same thing on cube dimensions, it worked perfectly. Thanks for this great article.]]>SonalFri, 16 Oct 2009 00:06:47 GMThttp://www.sqlmag.com/article/sql-server-analysis-services/protect-udm-with-dimension-data-security-part-2#commentsAnchorhttp://www.sqlmag.com/article/sql-server-analysis-services/protect-udm-with-dimension-data-security-part-2#commentsAnchorThu, 15 Oct 2009 09:09:27 GMT
I am encountering the following error after following your suggested approach: Check MDX script syntax failed because of the following error: ---------------------------------- An error occurred in the MDX script for the dimension attribute permission’s allowed member set: The dimension ’[Dim Employee]’ was not found in the cube when the string, [Dim Employee].[LoginID].[CORP\Name], was parsed. Can you please help me with this?]]>SonalThu, 15 Oct 2009 09:09:27 GMThttp://www.sqlmag.com/article/sql-server-analysis-services/protect-udm-with-dimension-data-security-part-2#commentsAnchorhttp://www.sqlmag.com/article/sql-server-analysis-services/protect-udm-with-dimension-data-security-part-2#commentsAnchorTue, 01 Sep 2009 09:36:57 GMT
Hi, I have tried to implement factless table security method. When I check if the role works in SQL server management studio it works fine, but if I access the cube with excel of some other client then it does not work. Regards, B]]>thorarinnTue, 01 Sep 2009 09:36:57 GMThttp://www.sqlmag.com/article/sql-server-analysis-services/protect-udm-with-dimension-data-security-part-2#commentsAnchorhttp://www.sqlmag.com/article/sql-server-analysis-services/protect-udm-with-dimension-data-security-part-2#commentsAnchorMon, 07 Jul 2008 09:10:17 GMT
ledoux, I belive this is the standard p-c behavior. Otherwise, you won’t be able to get to the children if the parents are disallowed. Try securing another attribute in the p-c dimension instead of the Parent attribute to see if you can get the desired behaviour. Does it work with user-defined hierarchies? Yes, it would because the cube space is defined by attribute hierarchies. So, if I secure the Product attribute, users will be able to see only the secured products when slicing by Category->Subcategory->Product. HTH]]>tlachev@hotmail.com Mon, 07 Jul 2008 09:10:17 GMThttp://www.sqlmag.com/article/sql-server-analysis-services/protect-udm-with-dimension-data-security-part-2#commentsAnchorhttp://www.sqlmag.com/article/sql-server-analysis-services/protect-udm-with-dimension-data-security-part-2#commentsAnchorWed, 02 Jul 2008 11:28:43 GMT
We tested the factless table option described in this _very_ interesting article. The only thing we changed was using a parent-child dimension in the EXISTS clause. Basically we are using a p-c dimension describing our organization to allow one user to see only what refers to his hierarchical position (e.g. one department manager would be allowed to browse every level below his position) Problem is : when applied to a p-c dimension, EXISTS returns not only the levels explicitly mentions, but also every level _above_ And thus every user is allowed to see every hierarchical position on the org tree. Is there any way to implement this factless table security model with p-c dims ? By the way, does the model also works on non p-c hierarchies with more than one level ? Thanks for any clue. Eric]]>ledoux Wed, 02 Jul 2008 11:28:43 GMThttp://www.sqlmag.com/article/sql-server-analysis-services/protect-udm-with-dimension-data-security-part-2#commentsAnchorhttp://www.sqlmag.com/article/sql-server-analysis-services/protect-udm-with-dimension-data-security-part-2#commentsAnchorMon, 02 Jun 2008 06:29:21 GMT
Hello, I try to implement your solution on my side, but when I add the condition for a Dimension in role, I have the following error message when I check the Formula (sorry for the translation, but it’s in french) : Error in the MDX script. The Function [Extensibility].[GetSecurityFilter] does not exist. (Extensibility.GetSecurityFilter(Username), I keep the same name for the tests) or The Dimension [D_User] is not find in the cube when the string [D_User].[Nom_Utilisateur].[Username] has been analyse. (for the formula : Exists([D Organisation].[Code Interne].MEMBERS, STRTOSET("[D_User].[Nom_Utilisateur].["+Username+"]"), "Fact User Org")) I don’t understand why this error ? Is it come from the SQLS Version I have ? Can anybody help me? Thanks in advance]]>RaphaelMon, 02 Jun 2008 06:29:21 GMThttp://www.sqlmag.com/article/sql-server-analysis-services/protect-udm-with-dimension-data-security-part-2#commentsAnchorhttp://www.sqlmag.com/article/sql-server-analysis-services/protect-udm-with-dimension-data-security-part-2#commentsAnchorWed, 09 Apr 2008 11:05:22 GMT
It looks like a simple typo. Try Exists instead of Exist.]]>carleb21 Wed, 09 Apr 2008 11:05:22 GMThttp://www.sqlmag.com/article/sql-server-analysis-services/protect-udm-with-dimension-data-security-part-2#commentsAnchorhttp://www.sqlmag.com/article/sql-server-analysis-services/protect-udm-with-dimension-data-security-part-2#commentsAnchorWed, 02 Apr 2008 07:19:21 GMT
Hi, i’ve tried to use the factless fact table as a security method. I made a factless fact table that holds the keys for 2 dimensions, Invoice Office and User. This factless tables filters the Users that are authorized to view data according to the offices that they are allowd to see. Figure 4 show the MDX expression that is used to accomplish this filter strategy. When i insert my MDX expression (almost the same as the one in the example) the syntax is correct but i get an error using the OLAP cube telling me that the EXIST function does not exist while trying to use the security role. This is expression i am using: Exist([Invoice Office].[Invoice Office Name].MEMBERS, StrToMember("[User].[User_Name]. & [’ + Username + ’]"), ’SDM Fact User Office Sec’) I am new to MDX and just can’t figure out what i am doing wrong. Can anybody help me?]]>KevinWed, 02 Apr 2008 07:19:21 GMThttp://www.sqlmag.com/article/sql-server-analysis-services/protect-udm-with-dimension-data-security-part-2#commentsAnchor