Restricting users from data
You can restrict certain users from seeing data that they do not have a need to know. To do this, you need to use the Analysis Services Analysis Manager or SQL Server Management Studio. You can create and populate a new group and use Restricted Dimensions to customize the Unit dimension so that the new group sees only the unit that it needs to see.
Typically security is set on the organization unit. Strategy Management fully supports security on the organization unit using the security features in Analysis Services' Analysis Manager. Strategy Management was designed for the contents of the unit dimension to be the primary source for restricting users form seeing data. There are limitations on using other dimensions such as Scenario and Plan Object for security.
For several dimensions, there are dimension members that cannot be restricted. For example, if you need to have a scenario that is restricted, you must not use Expected (ID = 0) for that scenario. You need to add another scenario member for that purpose. All users must have access to the following members:
- Accumulation Method: Current (ID = 1)
- Scenario: Expected (ID = 0)
- Period: Global Driver (ID=-2)
- Plan Object: Strategy Management Plan (ID=0)
Using the Plan Object dimension to restrict user access is limiting. Contact customer support for further information.
If you make any changes to dimension security, you must process the cube before the changes can be seen.