Hi
I thought I had this dynamic security worked out but I guess not.
this is on AS 2000.
I have a Fact table - one of the columns is a companyid, this is joined to the company dimension.
For security I have another table "empcompany" which lists all the users (ntusername) and the company codes they can access. I created a member property against the company code and used MDX similar to this:
filter([Companycode].[Companycode].members,([Companycode].CurrentMember.Properties("ntusername") = username))
The problem is that when I join the "empcompany" table to either the fact or to the company dimension instead of getting 1000 rows I get 80000+ rows and my numbers are wrong. Most of the users have access to more than 1 company.
Any one have any ideas?
Thanks
Steve
Hi Steve,
My suggestion would be to try the "Security Fact Table" approach with the "empcompany" table, as discussed in slides 18-32 of this webcast deck (you're using the "Member Property" approach above). In the 2nd approach, you don't need to join "empcompany" to the fact table - rather, it becomes the fact table for a "Permissions" cube, which is combined in a virtual cube:
http://support.microsoft.com/kb/828343/
>>
Support WebCast: Dynamic Dimension Security in Microsoft SQL Server 2000 Analysis Services
...
Dynamic Security
The Three Basic Approaches
Member property approach
Permission data (e.g. UserName) is stored at the desired dimension level
Security fact table approach
A permissions cube is combined with original source cube using a virtual cube
Filter members at the leaf level
Filter members at the non-leaf level
User-defined function callout
Call a user-defined function to reference an outside source (e.g. external RDBMS)
No comments:
Post a Comment