Summary
In this chapter we have learned that:
The only form of authentication supported by Analysis Services is Windows authentication. If access need to be granted from outside the domain the Analysis Services server belongs to, then it is possible to configure HTTP access to Analysis Services via IIS.
Analysis Services security is based on roles. Only Windows users and groups can be members of roles.
If a user belongs to multiple roles, they will have all of the permissions granted to them by every role they are a member of; there is no concept of "deny wins over grant".
We can use cell security to secure individual cell values within the cube. Cell security can cause poor query performance and should only be used if there is no other option.
Dimension security lets us allow or deny access to members on a hierarchy. Using the Enable Visual Totals option then controls whether values at higher granularities are calculated based on all of the members on the hierarchy or just the members that the...
