Does anyone have any recommendations on tieing the Microsoft AS security model in with an independent security model. We are at the beginning process to discuss this with a very large international partner and are looking for recommendations form anyone who has done this before.
Thanks in advance
I'm not sure I understand the question...
What do you mean by "an independent security model"? Are you specifically referencing a model (i.e. concepts with no particular technology in mind) or a specific implementation of a given technology to match your security requirements?
Either way, it is very hard to recommend how AS might tie into an unknown model and/or technology. Essentially Analysis Services makes use of Windows integrated authentication (i.e. no username/password pairs) applied to AS roles where AS roles are given permissions to view cubes, dimensions, members or even cells though that latter level can be quite slow to query as you can imagine.
Basically a client that is in the CRM industry wants to integrate their security model into AS somehow so seeing if anyone has managed to do this. The client is a fairly well known software copany. Often software companies want to tie users into their security model so as to keep them dependent. The only possible way, but I would need to investigate is a possible assembly to do this but would still need to map somehow into Windows.
Analysis Services uses Microsoft Windows Authentication to authenticate user access. And so the security is strongly compared to windows security.
You can find many articles and white papers in the internet about this specific topic.
The only possible way, but I would need to investigate is a possible assembly to do this but would still need to map somehow into Windows.
Do you mean you want to use the accounts/roles of your client to access SSAS? If so, yes you may need to map the account into Windows account. One possible workaround is configuring HTTP access, and then choose basic authentication.You can create an application to map the account with several windows accounts and then pass the windows account to the SSAS via IIS. More information, you can refer to:
Hope this helps,Raymond
Raymond Li - MSFT