.NET Tutorials, Forums, Interview Questions And Answers
Welcome :Guest
Sign In
Win Surprise Gifts!!!

Top 5 Contributors of the Month
Gaurav Pal
Post New Web Links

retrive Cube Role Security information

Posted By:      Posted Date: October 15, 2010    Points: 0   Category :Sql Server

how can I retrive cube role security information ( including members, dimension security, etc..) using AMO?

where can I find code examples?




View Complete Post

More Related Resource Links

Authorize It: Use Role-Based Security in Your Middle Tier .NET Apps with Authorization Manager


Authorization Manager in Windows Server 2003 represents a significant improvement in the administration of role-based security, making it more scalable, flexible, and easier to implement. Using Authorization Manager, you can define roles and the tasks those roles can perform. You can nest roles to inherit characteristics from other roles, and you can define application groups. In addition, Authorization Manager lets you use scripts to modify permissions dynamically, and it allows you to wrap your security logic in a security policy that can be stored in Active Directory. Authorization Manager also includes an easy-to-use API for running access checks. The author discusses all of these topics and demonstrates them with a working sample.

Keith Brown

MSDN Magazine November 2003

Security in IIS 6.0: Innovations in Internet Information Services Let You Tightly Guard Secure Data


Security improvements have been a top priority in the evolution of IIS. IIS 6.0, which will be part of Windows .NET Server, has improved security features and a new approach to server configuration. New security-related tools for IIS, including IIS LockDown, make securing your server against attack easier than ever. The author explains how and why you can shut down services with IIS LockDown. He discusses limiting port access with TCP/IP filtering, controlling how files are served with extension mapping, what's new for Secure Sockets Layer, the use of URLScan, and more.

Wayne Berry

MSDN Magazine September 2002

Security: Unify the Role-Based Security Models for Enterprise and Application Domains with .NET


Role-based security allows administrators to assign access permissions to users based on the roles they play rather than on their individual identities. These privileges can be used to control access to objects and methods, and are easier to identify and maintain than user-based security. The .NET Framework provides two role-based security models, which are exposed as two namespaces: System.Enterprise-Services and System.Security.Permissions. Presented here is a comparison of the two options and a discussion of when each is the right choice. The author also demonstrates the process involved in setting up access security and discusses role memberships.

Juval Lowy

MSDN Magazine May 2002

Getting filtered data from Role based SSAS security

Hi everyone,I've got a heap of reports that are based on various SSAS cubes. I have roles defined on these cubes that restrict data via certain dimensions. Question is, will these restrictions filter through to the report...ie, if I have a sales person restricted in the SSAS cube to only see sales against their territory (restricted in the Territory dimension), when they run the report will it filter the result based on their SSAS credentials and only show the data they have access to (even though the SSRS report has no direct filters or parameters applied)?Cheers for any help!!

asp:Menu submenu hover/expansion + HTTPS = Security Information Popup

Hello,I have a an asp:Menu with a datasource and the page is being accessed by https. If I hover over one of the menu items that has a subitem I get this popup.Here is my code,//asp <%@ Page Language="C#" AutoEventWireup="true" CodeFile="Test.aspx.cs" Inherits="UI_Common_Test" %> <!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd"> <html xmlns="http://www.w3.org/1999/xhtml"> <head runat="server"> <title></title> </head> <body> <form id="form1" runat="server"> <div> <asp:Menu ID="Menu1" runat="server" DataSourceID="dsSiteMap" Orientation="Vertical" StaticDisplayLevels="2"> <DataBindings> <asp:MenuItemBinding DataMember="SiteMapNode" TextField="Title" /> </DataBindings> </asp:Menu> <asp:SiteMapDataSource ID="dsSiteMap" runat="server" SiteMapProvider="Public" /> </div> </form> </body> </html> //cs using System; using System.Collections.Generic; using System.Linq; using System.Web; using System.Web.UI;

needed information about the roles of access for a cube

we have a cube (regarding insurance), which is accessed by users by an excel sheet? now they want to restrict the grand total view by the users depending on the user id, i.e there are AccountExecutives each AccountExecutive must be allowed to view only commision related to them. How can it be achieved? and where can I get the information related to the roles and the permissions to access dimensions and restricting access to data depending on user id s? (kindly provide as much detail as you can, because I am new to ssas)

Setting Auto-Rules in Cube Security Roles configuration




Our client's requirements for some Charts are simply:

1. Users with no access to specific Business Units (A Dimension with Parent-Child Hierarchy, refereed as BU from now) shall see the total amount (Revenues for example) of All Top Parent BUs but should not be able to drill down on any of the children BUs of the Top Parent BUs they don't have access to.

2. Users with full access to specific BUs shall be able to see the whole value of All Top  Parent BUs and their children BUs as well.



1. User with No Access to  BU 'A' shall see the total Value for this BU A, but cannot drill down to A1,A2,Ax.. which are children of A.

2. User with Full Access to  BU 'A' shall see the total Value for this BU A, and can drill down to A1,A2,Ax..


For disabling access to specific BUs with the ability to see their total values, I did the following in the cube security roles configuration (Consider the latter Example #1):

1. In the Dimension Data Page, I chose the radio box Select all members, And checked the box beside the BU A, unchecked all

Sharepoint 2010 with role-based asp.net security


I have a Sharepoint 2010 (forms authentication) site on windows server 2008 with asp.net role-based security. At the highest level i have document libraries with folders within each as shown below.

> Doc Lib 1

>> Sub folder 1

>> Sub folder 2

> Doc Lib 2

>> Sub folder 1

>> Sub folder 2

Sub folder 1 and sub folder 2 are the same within each document library.

I want to be able to use asp.net roles to restrict users access to the document library. For example, user 1 should only be able to access sub folder 1 within doc lib 1. I'm not sure how i should go about configuring the roles.

I have created role1 for access to doclib1 and role2 for doclib2. In addition i also have roleA for access to subfolder1 and roleB for access to subfolder2. I have assigned the roles the libraries and folders. To user 1, i have assigned : role1 and role A. I expect that user1 should only see doclib1 and within it subfolder1. But that isn't the case.

How do i achieve my desired results?

Cross Dimension Role Security

Hello guys,





The Problem:

As you can see the DimSeller is related to the DimCustomer by a non key attribute called "CNPJ", my question is how can i define role security based on that dimension attribute.

For example:

Im a customer with the cnpj 1234, and when i want to see the seller cnpj i can only see the "rows" that the Customer.CNPJ in the DimSeller is equal to my cnpj. 

My future needs i will associate the cnpj with a claims autentication user so than i can use that on sharepoint. At this page I found something like i need, but there i should repeat the steps for each attribute of the dimension, and that would be very hard.

Anyone have some suggestion wich is the best approach for doing this?

Menu - Role security not working on second level of sitemap


I have role assignments on both the first and second level of my menus within my sitemap file.  The first level works fine, and I only see items assigned to my role.

But roles assignments seem to have no effect on the second level.  It seems like if you have access to the first level, you have access to everything on the second level.

Is this correct?

From my sitemap (either a SalesRep or an Administrator can see everything underneath):

    <siteMapNode title="Administration" roles="SalesRep,Administrator" description="Admin" >

      <siteMapNode title="CompanyMaintenance" roles="SalesRep" url="~/Admin/CompanyManagement.aspx" />

      <siteMapNode title="Initialize Roles" roles="Administrator" url="~/Admin/Roles.aspx"/>


From my config:

    <roleManager enabled="true" defaultProvider="SqlRoleProvider">

Cube Security

I am having issues with cube security. I am trying to apply security to some cube dimensions so that users can only see data relating to their locations only. But this is only working up to the location level. That is a user from location AA only sees AA but when this location attribute is expanded, the users sees all the dealers in all the locations. My intention is to allow users to see all the dealers in their locations only.
I have create active directory groups for each location. The locations are AA, AB, AC, AD and AE. Each location has many dealers.
Here is what has been done:
1. Created cube roles as AA, AB, AC, AD and AE
2. Created active directory groups: USERS-AA, USERS-AB, USERS-AC, USERS-AD and USERS-AE.
For each role(e.g AA role), I did the following:
3. Under Membership, I added active directory group USERS-AA
4. Under Dimension Data, I applied security to 2 diemensions as shown below ( Location and Dealer Group Attribute):
i. Dealer dimension
	* Attribute Hierarchy
		* Location (under advanced – Allowed member set, I added: {[Dealer].[Location].&[AA]}
		* Dealer Attribute
		* Dealer Grouping
ii. Dealer Group
	* attribute Hierarchy
		* Alphabetic group
		* Dealer Group Attribute ( Filter({[Dealer Group].[Dealer Group Attribute].MEMBERS},([Dealer Group].CurrentMember.Properties("LOC AA") = "1")) )
		* LOC AA ( with a 0 or 1 value

Refreshing cube out of role


Hi Experts,

I have created  two roles (users) for a cube in analysis services, while refreshing the cube it should deploy and process independantly from roles. may I know the steps for this

how to add role based security using (ul - li) for menus ?


Hi, All

   How can I implement role based security that would show the admin tab if the user was logged in as a admin by using (ul-li) like the below code as a simple example. I do not want to use the menu control is this possible ?


<li><a href="#">Services</a></li>
<li><a href="#">About us</a></li>
<li><a href="#">Admin</a></li>

Many Thanks


Custom access denied page for role based security


I have implemented role based security in my asp.net 2.0 vb.net application using windows authentication and the windowstokenroleprovider and limiting access to certain pages using the location tag to specific active directory groups.

The issue is that when a user tries to access a page they are not authorized to view it brings up a login prompt and when it does not pass it takes them to the default page that tells them they are not authorized to view the page. I am wondering if there is a way to throw up a custom page that tells them they are not athorized to view the page that I can incorporate into the site itself with the header and so forth? It would be great if this page could come up in lieu of the sign in box popping up as well.


Connection issue SSAS 2008 (role security)


Hello Experts,

After implement role security based on dimension security we get connection issues at the initial log on to our ssas cube.

Our environment is:
Windows Server 2008 SP2, x64
MS SQL Server 2008 Enterprise SP1
VM-Ware Maschine
Processor: AMD Opteron 8381 HE (QuadCode 2,5GHz)
Memory: 8 GB
Relation database: about 18 GB
Multidimensional database: about 8 GB / 39 Dimension / 68 measure groups (some were needed to implement m:n relations)

Security model: 4 fact tables get 4 additional column e.g. Security1 with values “yes” and “no”. A Role1 e.g. is able to see Security1 only “yes” facts. A Role2 e.g. is able to see Security2 only “yes”

Access report server database connection information from custom security extension



Is there any way from my custom security extension that I can get to and unencrypt the database connection information held within the RSReportServer.config file?



Use ActiveDs and ADSSECURITYLib to get directory security information



How can i use ActiveDS and/or ADSSECURITYLib to retrieve directory information such as:

Acess rights for groups

groups names


.. etc

I couldn't find help documentation on the internet about these 2 com libs.

Thank you in advance,

ASP.NetWindows Application  .NET Framework  C#  VB.Net  ADO.Net  
Sql Server  SharePoint  Silverlight  Others  All   

Hall of Fame    Twitter   Terms of Service    Privacy Policy    Contact Us    Archives   Tell A Friend