Databases Reference
In-Depth Information
Server Administrator Security
After Analysis Server establishes a user's identity (authenticates the user), it determines the
permissions to grant the user. All users of Analysis Services can be divided into three
logical categories: server administrators, database administrators, and regular users.
Server administrators
are responsible for managing the server; creating and deleting data-
bases; and designing, developing, and maintaining security policies. Server administrators
need access to all Analysis Services objects, and they can perform any operation in
Analysis Services.
Only server administrators can do the following:
.
Create databases
.
Change server properties
.
Query Dynamic Memory Views (DMVs)
.
Cancel users' sessions and connections
.
Register stored procedures
For granting a user administrative rights, Analysis Services architecture defines a single
dedicated serverwide role:
Administrators
. Any user who is a member of the
Administrators
role is considered an Analysis Services administrator. Listing 35.2 contains
the DDL to use to define membership in the
Administrators
role.
LISTING 35.2
DDL to Add Users to the
Administrators
Role
<Alter AllowCreate=”true” ObjectExpansion=”ObjectProperties”
➥
xmlns=”http://schemas.microsoft.com/analysisservices/2003/engine”>
<Object>
<RoleID>Administrators</RoleID>
</Object>
<ObjectDefinition>
<Role xmlns:xsd=http://www.w3.org/2001/XMLSchema
xmlns:xsi=”http://www.w3.org/2001/XMLSchema-instance”>
<ID>Administrators</ID>
<Name>Administrators</Name>
<Members>
<Member>
<Name>MyAccount</Name>
</Member>
</Members>
</Role>
</ObjectDefinition>
</Alter>
➥
Search WWH ::
Custom Search