Roles are used to control end users' access to cube data or data mining models while they are connected to the Analysis server with client applications. Each role definition includes a list of Microsoft® Windows NT® 4.0 or Microsoft Windows® 2000 user accounts and groups and specifies the types and scope of access they are allowed.
Microsoft SQL Server™ 2000 Analysis Services includes three types of roles:
- Database roles
Defined at the Analysis Services database level, a database role can be assigned to multiple cubes in the database, thereby granting the role's users access to these cubes. Such an assignment creates a cube role with the same name as the database role. A database role provides defaults for cube roles of the same name. For more information, see Database Roles.
- Cube roles
Created at the cube level when a database role is assigned to a cube, a cube role applies to only that cube. Defaults in a cube role are derived from the database role of the same name, but some of these defaults can be overridden in the cube role. A cube role contains additional options such as cell security that are not contained in a database role. For more information, see Cube Roles.
You can exercise great flexibility in granting both read and read/write access to portions of cubes. You can specify which dimension members and cube cells a role can view and update. For more information, see Dimension Security and Cell Security.
- Mining model roles
Similar to cube roles, mining model roles are created at the mining model level when a database role is assigned to a mining model; a mining model role applies to only that model. Defaults in a mining model role are derived from the database role of the same name, but role membership can be overridden in the mining model role. For more information, see Mining Model Roles.