Roles Best Practices

The recommended best practices for Roles and Data access are:

  • Delete the default Full Access
  • Create specific roles, e.g. Sales Denmark, Sales Germany and add relevant users and groups of users to these groups.
  • In each role set the Databases permission to Allow and set the Default Child Permission to None. This will ensure that users may access Connections, but by default will not gain access to any new
  • In each role set each Connection permission to Allow or None and set the Default Child Permission to None. This will ensure that users may/may not access Cubes, but by default will not gain access to any new
  • In each role set the Cubes permission to Allow or None and set the Default Child Permission to Inherit. This will ensure that users may/may not access Dimensions and Measures in that cube and by default will inherit the cube’s permission when trying to access any new Dimensions and Measures.
  • Avoid as far as possible use of the Deny in all roles setting!
Was this article helpful?
0 out of 0 found this helpful

Comments

0 comments

Please sign in to leave a comment.