Security in BEx Level

Similar Messages

• IGS: Vulnerability "security hole in level 3"

  Hi!
  We are using SAP ERP 6.0 system with an ingetrated IGS 7.0
  We already changed IGS according to sap note 896400 to the version 7.00 (Patch 15)
  When we run scan on demand we get the following information: 
  A security hole in level 3 was found at server ServerX.
  Vulnerability-Level [highest]: 3
  Vulnerability-Level [highest counted]: 0
  Vulnerability Details
  Date: Sun 10 May 2009  1:26:13 MET
  Vuln: 300803
  Vulnerability: SAPXPG Remote OS Command Execution at sysnr 3
  ToDo: Set up a project to implement access restriction rules to RFC programs
  with the 'secinfo' and 'reginfo' (only available in SAP Netweaver) mechanism
  CertRef: M906071, SAP 30/08
  Tool Reference: proprietary CERT and IPINS scanner
  Comment:
  Counted in: 2009-07
  Monitor:
  Date: Sun 10 May 2009  1:26:17 MET
  Vuln#: 100806
  Vulnerability: External Server Registration is possible at sysnr 3
  ToDo: Secure remote registration of RFC programs (only possible in SAP Basis
  7.00 and later)
  CertRef: M906071
  Tool Reference: proprietary CERT and IPINS scanner
  Comment:
  Counted in: 2009-07
  Monitor:
  Date: Sun 10 May 2009  1:26:17 MET
  Vuln#: 101802
  Vulnerability: IGS HTTP Administration is enabled and this version has
  reported vulnerabilities at sysnr 3
  ToDo: Upgrade to a higher patch level, i.e., for BC-FES-IGS 6.40 Patch Level
  17 or higher and for  BC-FES-IGS 7.00 Patch Level 07 or higher
  CertRef: SAP 34/09
  Tool Reference: proprietary CERT and IPINS scanner
  Comment:
  Counted in: 2009-07
  Monitor:
  End of Vulnerability Details
  Question:
  What we have to do to avoid s security holein level 3?
  Thank you very much!
  regards

  Do you solved tye probllem below. ???  Can you help me.
  I have the same problem.
  What the format of secinfo, reginfo and what value to to profile gw/reg_no_conn_info ??
  Thanks,
  Vulnerability Details
  Date: Sun 10 May 2009 1:26:13 MET
  Vuln: 300803
  Vulnerability: SAPXPG Remote OS Command Execution at sysnr 3
  ToDo: Set up a project to implement access restriction rules to RFC programs
  with the 'secinfo' and 'reginfo' (only available in SAP Netweaver) mechanism
  CertRef: M906071, SAP 30/08
  Tool Reference: proprietary CERT and IPINS scanner
  Comment:
  Counted in: 2009-07
  Monitor:

• IGS: Vulnerability (security hole in level 3 was found)

  Hi!
  We are using SAP ERP 6.0 system with an ingetrated IGS 7.0
  We already changed IGS according to sap note 896400 to the version 7.00 (Patch 15)
  When we run scan on demand we get the following information: 
  A security hole in level 3 was found at server ServerX.
  Vulnerability-Level [highest]: 3
  Vulnerability-Level [highest counted]: 0
  Vulnerability Details
  Date: Sun 10 May 2009  1:26:13 MET
  Vuln: 300803
  Vulnerability: SAPXPG Remote OS Command Execution at sysnr 3
  ToDo: Set up a project to implement access restriction rules to RFC programs
  with the 'secinfo' and 'reginfo' (only available in SAP Netweaver) mechanism
  CertRef: M906071, SAP 30/08
  Tool Reference: proprietary CERT and IPINS scanner
  Comment:
  Counted in: 2009-07
  Monitor:
  Date: Sun 10 May 2009  1:26:17 MET
  Vuln#: 100806
  Vulnerability: External Server Registration is possible at sysnr 3
  ToDo: Secure remote registration of RFC programs (only possible in SAP Basis
  7.00 and later)
  CertRef: M906071
  Tool Reference: proprietary CERT and IPINS scanner
  Comment:
  Counted in: 2009-07
  Monitor:
  Date: Sun 10 May 2009  1:26:17 MET
  Vuln#: 101802
  Vulnerability: IGS HTTP Administration is enabled and this version has
  reported vulnerabilities at sysnr 3
  ToDo: Upgrade to a higher patch level, i.e., for BC-FES-IGS 6.40 Patch Level
  17 or higher and for  BC-FES-IGS 7.00 Patch Level 07 or higher
  CertRef: SAP 34/09
  Tool Reference: proprietary CERT and IPINS scanner
  Comment:
  Counted in: 2009-07
  Monitor:
  End of Vulnerability Details
  Question:
  What we have to do to avoid s security holein level 3?
  Thank you very much!
  regards

  Do you solved tye probllem below. ???  Can you help me.
  I have the same problem.
  What the format of secinfo, reginfo and what value to to profile gw/reg_no_conn_info ??
  Thanks,
  Vulnerability Details
  Date: Sun 10 May 2009 1:26:13 MET
  Vuln: 300803
  Vulnerability: SAPXPG Remote OS Command Execution at sysnr 3
  ToDo: Set up a project to implement access restriction rules to RFC programs
  with the 'secinfo' and 'reginfo' (only available in SAP Netweaver) mechanism
  CertRef: M906071, SAP 30/08
  Tool Reference: proprietary CERT and IPINS scanner
  Comment:
  Counted in: 2009-07
  Monitor:

• Reg: Turkish characters issue on BW 3.10 Bex level and RSRT

  Hi,
  We are facing the same problem with the turkish characters, Our system is BW 3.10 (3.30 Cont) and ECC 6.0. The turkish characters are displaying correctly at the table level, but not at the RSRT or the Bex level.
  The turkish characters are displaying correctly at the table, RSRT and Bex level if we load the same record from the Non-unicode Prod system to the Non-unicode BW Dev system, but if we load from the unicode QA system the same record is not displaying correctly.
  Has anybody got a solution for this issue
  thanks
  Kalyan

  Hi,
  Yes, we installed transport request, which came with Integration Kit in our BW System.
  We are also facing another issue,
  ISSUE 2:
  We have another publication with oracle DataSource , where we need to publish report(personalized) for 200 users.
  Even we configured dedicated  processing server for that publication and setting maximum no of connection to 250, it is throwing error like maximum no of concurrent connection reached.
  Previously it was working with just 50 connections.
  Now we are running this report by setting max no of connection to 500, and doing service restart after each publication.
  Otherwise next publication will throw same error again.
  Guide me on this also.
  Regards
  Baby

• Data-level security in user level

  Hi All,
  In our OBIEE we have created several application roles and assign them to the users. We set data-level security for each application role, and the filter does apply to all related users. But we want to do more specific data-level security for each user, which we did by clicking on user name in Manage Identity, and set permission with additional data filter. But this does not work.
  Let's say we have Application Role1 with access to region='Asia', but then we want to set User1 to access only subregion='North Asia' and User2 to access only subregion='South East Asia', where User1 and User2 belongs to Application Role1.
  Is this possible to work in OBIEE 11g?
  Thanks.

  Hi,
  Yes it is possible,
  Please refer the below link.
  http://satyaobieesolutions.blogspot.in/2012/06/obiee-11g-security-week-row-level.html -- stey by step is there.
  Hope this help's
  Thanks
  Satya

• How to assign possible agents at security role / CAG level?

  Hi Experts, How to assign possible agents at security role / CAG level?

  Yes, that's exactly what I'm talking about. In your task maintenance, goto additional data -> agent assignment -> Maintain
  Click on th task, click on the assign button. Choose object type 'Role', enter role.
  Cheers,
  Mike

• Can we only year value from "0FISCPER" (Fiscal Year/Period) at BEx level

  Hi all,
  I have two time characteristics "0FISCYEAR" (Fiscal Year) and "0FISCPER" (Fiscal Year/Period). In DSO initially "0FISCPER" was there and later request came to add "0FISCYEAR". Now data in char. "0FISCPER" is since beginning (from 2000) and for char. "0FISCYEAR" is since 2010.
  User's requirement is to create a report which will display data Year wise.
  My issue is if i am using "0FISCYEAR" then user is not able to see year instead it shows #. I dont want to do data reloading as this is GL data and hold huge no. of records in it.
  So my concern is : Is there any way to use only year value from "0FISCPER" (Fiscal Year/Period) at BEx level? Is there any setting which I can apply and get the same value of Year as I can see from "0FISCYEAR". Please assist me on this.
  Thanks,
  Arvind

  Hi Arvind,
  Your requirement can be realised through virtual characteristics.
  http://www.sdn.sap.com/irj/scn/go/portal/prtroot/docs/library/uuid/b04be008-86cc-2c10-4bad-e517ea3f4c80?QuickLink=index&…
  however, I would still suggest to reload the data. you will only need to reload years before 2010 and you can do this in phases.
  Hope this helps.
  -Swati.

• How could be calculate only result  for cummulative value in bex level?

  Hi Expert,
  I have to requirement on bex level only result calculation
  scenario below like that
  Company code         % X
  100                      10
  200                      13
  300                      15
  Result           = only cummulative   (not sum eg 38)
  So how could be achieve  only this result value ??
  Pls advice
  Regards
  Waseem

  Hi Suman,
  Thanks for reply
  I had already applied its came only sum values
  But i have to need only Result values . I am giving one more scenario like that
  Comapny code         M               J                     L             D %
  100                        70              30                     10             = 10/(70+30)*100 = 10
  200                        80              20                     13           = 10/(80+20)*100 = 10
  300                        150             50                    30            = 30/(150+50)*100 = 25
  Result                                                                          =    L/(M+J)*M = 53/400*300 = 39.75
  I hided the values M , J and L , need only result value above scenario so could be achive
  pls reply
  Regards
  Waseem

• RFQ insufficient security or privacy level

  Hello
  I get the follwing error when adding a online RFQ to the system:
  I am also not able to send out a Test e-mail?
  Any Ideas?
  <?xml version="1.0" encoding="utf-8" ?>
  - <Msg xmlns="urn:com.sap.b1i.vplatform:entity" xmlns:b1il="urn:com.sap.b1i.sim:b1ilog" xmlns:b1im="urn:com.sap.b1i.sim:b1imessage" xmlns:bfa="urn:com.sap.b1i.bizprocessor:bizatoms" xmlns:jdbc="urn:com.sap.b1i.adapter:jdbcadapter" xmlns:sim="urn:com.sap.b1i.sim:entity" xmlns:vpf="urn:com.sap.b1i.vplatform:entity" branch="3" MessageId="14051208440847750512C0A8B2220185" BeginTimeStamp="20140512084408" recording="false" logmsg="0012" SubMessageId="2" status="success" vBIU.errhdlg="" exceptionmsg="com.sap.b1i.xcellerator.XcelleratorException: XCE001 Nested exception: java.lang.RuntimeException: com.sun.mail.smtp.SMTPSendFailedException: 550-Requested action not taken: mailbox unavailable 550 Insufficient security or privacy level. ; nested exception is: com.sun.mail.smtp.SMTPSenderFailedException: 550-Requested action not taken: mailbox unavailable 550 Insufficient security or privacy level." msglogexcl="false" handover2CentralSrv="" MessageLog="true"> 
  - <Header> 
  <msglog step="Default message log" always="false" b1ifactive="true" />  
  <EA vBIU="sap.sl.purchquote.req" vPac="sap.B1RFQ" snd="0010000102" rcv="0010000000" out="" dir="/com.sap.b1i.vplatform.directory/ErrorActions/ErrorActions.xml" />  
  <Hard-Reset xmlns="" originalState="INCOMMIT" finalState="COMPLETED" />  
  - <ErrorHandler phase="2" async="Default error handling" sync="Default error handling" outbound="Default error handling" errorinbox="true"> 
  - <delqueue status="false" qok="false"> 
  <queue>Q.PRC_B1.0010000102</queue>  
  <stream>S.sap.sl.purchquote.req</stream>  
  </delqueue>
  - <callvBIU status="false"> 
  <queue>Q.INB_IQ_INTQ_ASYN_QS.0010000000</queue>  
  <stream>Default error handling</stream>  
  </callvBIU>
  </ErrorHandler>
  - <Resumption> 
  <starter ipo="/vP.0010000102.in_BEAE/com.sap.b1i.vplatform.runtime/INB_B1_EVNT_ASYN_EVT/INB_B1_EVNT_ASYN_EVT.ipo/proc" />  
  <restart id="processing" q="Q.PRC_B1.0010000102" s="S.sap.sl.purchquote.req" u="14051208440847750512C0A8B2220185.2" />  
  </Resumption>
  <ProcStream>S.sap.sl.purchquote.req</ProcStream>  
  <IPO Id="INB_B1_EVNT_ASYN_EVT" tid="14051208113447750501C0A8B2223D60" />  
  <Sender Id="0010000102" ObjId="540000006" />  
  <vBIU Id="sap.sl.purchquote.req" SId="sap.B1RFQ" filter="" sndfilter="" phase="" />  
  <Successor Id="" Mode="" />  
  <Identification Ident="B1 Event" IdPar="n.a." />  
  <nsList />  
  </Header>
  - <Body> 
  - <Payload Role="T" Type="B1Event" add=""> 
  - <Event xmlns="" B1EventFilter="false"> 
  - <b1e:b1events xmlns:b1e="urn:com.sap.b1i.sim:b1event"> 
  - <b1e:b1event> 
  <b1e:eventsource>SAP_DEMO_OGD_2NKS</b1e:eventsource>  
  <b1e:objecttype>540000006</b1e:objecttype>  
  <b1e:transactiontype>A</b1e:transactiontype>  
  <b1e:usercode>manager</b1e:usercode>  
  <b1e:userid>manager</b1e:userid>  
  - <b1e:keys count="1"> 
  - <b1e:key> 
  <b1e:name>DocEntry</b1e:name>  
  <b1e:value>11</b1e:value>  
  </b1e:key>
  </b1e:keys>
  <b1e:sourcesite>INITMOBILE77</b1e:sourcesite>  
  <b1e:sourceport>1433</b1e:sourceport>  
  <b1e:sourcetype>0</b1e:sourcetype>  
  <b1e:sld value="INITMOBILE77!!SAP_DEMO_OGD_2NKS" valueport="INITMOBILE77:1433!!SAP_DEMO_OGD_2NKS" />  
  </b1e:b1event>
  </b1e:b1events>
  - <b1ie:B1IEvent xmlns:b1ie="urn:com.sap.b1i.sim:b1ievent" SysId="0010000102" SysTypeId="B1.9.0" Task="I" LocalObjectType="540000006"> 
  - <b1ie:PrimaryKeyList> 
  <b1ie:PrimaryKey Key="DocEntry" Value="11" />  
  </b1ie:PrimaryKeyList>
  </b1ie:B1IEvent>
  </Event>
  </Payload>
  <Payload Role="S" />  
  - <Payload id="ErrorInfos" iterationCount="0" reactivations="-1" tState="INCOMMIT"> 
  <ipo uri="/vP.0010000102.prc_B1/com.sap.b1i.vplatform.runtime/PRC_B1/PRC_B1.ipo/proc" tid="14051208113447750567C0A8B2223756" tStamp="20140512084412" duration="-1" initiator="[HTTP]2044639498/B1iadmin" />  
  <bfd uri="/com.sap.b1i.vplatform.runtime/PRC_B1/PRC_B1.bfd" />  
  - <exception xmlns="urn:com.sap.b1i.xcellerator:spltdoc" type="hard" userdef="false"> 
  <message>com.sap.b1i.xcellerator.XcelleratorException: XCE001 Nested exception: java.lang.RuntimeException: com.sun.mail.smtp.SMTPSendFailedException: 550-Requested action not taken: mailbox unavailable 550 Insufficient security or privacy level. ; nested exception is: com.sun.mail.smtp.SMTPSenderFailedException: 550-Requested action not taken: mailbox unavailable 550 Insufficient security or privacy level.</message>  
  <usermsg />  
  <innermsg>550-Requested action not taken: mailbox unavailable 550 Insufficient security or privacy level.</innermsg>  
  </exception>
  - <calls> 
  - <call id="B1Call_Proc"> 
  - <Envelope xmlns="urn:com.sap.b1i.xcellerator:spltdoc"> 
  - <Header> 
  <Action throwException="true" autoCommit="false">get</Action>  
  </Header>
  - <Body> 
  - <BOM> 
  - <BO> 
  - <AdmInfo> 
  <Object>540000006</Object>  
  <Version>2</Version>  
  </AdmInfo>
  - <QueryParams> 
  <DocEntry>11</DocEntry>  
  </QueryParams>
  </BO>
  </BOM>
  </Body>
  </Envelope>
  </call>
  - <call id="B1Call"> 
  - <SimpleCall xmlns="urn:com.sap.b1i.xcellerator:spltdoc" throwException="false" autoCommit="false"> 
  <Class>CompanyService</Class>  
  <Function>GetAdminInfo</Function>  
  <Parameters />  
  </SimpleCall>
  </call>
  - <call id="B1Call"> 
  - <Envelope xmlns="urn:com.sap.b1i.xcellerator:spltdoc"> 
  - <Header> 
  <Action throwException="false" autoCommit="false">getList</Action>  
  </Header>
  - <Body> 
  - <BOM> 
  - <BO> 
  - <AdmInfo> 
  <Object>2</Object>  
  <Version>2</Version>  
  </AdmInfo>
  - <QueryParams> 
  <CardCode>70000</CardCode>  
  </QueryParams>
  </BO>
  </BOM>
  </Body>
  </Envelope>
  </call>
  - <call id="B1Call"> 
  - <Envelope xmlns="urn:com.sap.b1i.xcellerator:spltdoc"> 
  - <Header> 
  <Action throwException="false" autoCommit="false">getList</Action>  
  </Header>
  - <Body> 
  - <BOM> 
  - <BO> 
  - <AdmInfo> 
  <Object>11</Object>  
  <Version>2</Version>  
  </AdmInfo>
  - <QueryParams> 
  <CardCode>70000</CardCode>  
  </QueryParams>
  </BO>
  </BOM>
  </Body>
  </Envelope>
  </call>
  - <call id="B1Call"> 
  - <Envelope xmlns="urn:com.sap.b1i.xcellerator:spltdoc"> 
  - <Header> 
  <Action throwException="false" autoCommit="false">get</Action>  
  </Header>
  - <Body> 
  - <BOM>

  Certain Firefox problems can be solved by performing a ''Clean reinstall''. This means you remove Firefox program files and then reinstall Firefox. Please follow these steps:
  '''Note:''' You might want to print these steps or view them in another browser.
  #Download the latest Desktop version of Firefox from http://www.mozilla.org and save the setup file to your computer.
  #After the download finishes, close all Firefox windows (click Exit from the Firefox or File menu).
  #Delete the Firefox installation folder, which is located in one of these locations, by default:
  #*'''Windows:'''
  #**C:\Program Files\Mozilla Firefox
  #**C:\Program Files (x86)\Mozilla Firefox
  #*'''Mac:''' Delete Firefox from the Applications folder.
  #*'''Linux:''' If you installed Firefox with the distro-based package manager, you should use the same way to uninstall it - see [[Installing Firefox on Linux]]. If you downloaded and installed the binary package from the [http://www.mozilla.org/firefox#desktop Firefox download page], simply remove the folder ''firefox'' in your home directory.
  #Now, go ahead and reinstall Firefox:
  ##Double-click the downloaded installation file and go through the steps of the installation wizard.
  ##Once the wizard is finished, choose to directly open Firefox after clicking the Finish button.
  Please report back to see if this helped you!

• Information Regarding Essbase Security Except Filter Level and User Level

  I have an requirement to implement data level security in Essbase. For ex: A user can only see those data which are from Asia region or an user will be able to see those data which are from America.
  Asia and America are defined in my location dimension.
  can any one explain about it without using user Level Security and Filter level security.
  Please tell me how to do it?
  Thanks in advance.

  Sandeep's reference the DBAG and the section on filters is the right direction. The filter is created in EAS.
  Let's use an example.
  You create a METAREAD filter (that is, it filters both data and dimensionality) that gives a user limited access to the Location dimension (I think I have that right), e.g., the British Isles, the UK and Ireland. You can also create a READ filter but it only limits data and, in my opinion at least, causes confusion because users can see metadata (the whole world) but only see data for the British Isles.
  NB -- filters can be assigned to individual usernames or to groups that users are members of. For a POC, I'd keep it simple and just assign it to a username, but it's your choice.
  Assign the filter to the user in Shared Services.
  Try connecting to the database in Excel through the Classic Add-In or SmartView to test what the user sees -- it should be: Total Location, British Isles, the UK, and Ireland. You will see Total Location (top of the dimension) because that's how Essbase navigates down -- it has to have the dimension name to find the limited children. You won't see any data there. But you will see data at the Location members that the METAREAD filter allows.
  That's it -- it's been around since the year dot, and is the way access is restricted. You shouldn't need to reinvent the wheel to get this to work in OBIEE. Essbase should do the work.
  Regards,
  Cameron Lackpour

• Question I am getting this error and see no place to change scripting?JavaScript is disabled in your browser. Please activate JavaScript from Tools Internet Options Security Internet Custom Level Scripting Active Scripting Enabled.

  JavaScript is disabled in your browser. Please activate JavaScript from Tools>Internet Options>Security>Internet>Custom Level>Scripting>Active Scripting>Enabled.
  These are the instructions for internet explorer but i can't see anything in firebox.

  In my Firefox 5.0 I see check-box for enabling/disabling JavaScript in the "Content" tab.
  Is it checked in your Firefox and JavaScript still not working?

• Security In Bex Query

  Hi,
  I need a help on applying security in Bex Query, my scenario is i have a single InfoCube which contains all data, and we have a query based on this cube. Requirement is that this query should display the rows based on the logged in User's Service Organization. How can we achive this.
  Also, there is a requirement where in the Query Designer would be directly exposed to certain users where they will select the InfoCube and create Queries, this security should be applied to them as well.
  Thanks
  Akila. R

  Hi Akila
  Does your query contains the field service organization? If yes then you can create analysis authorization objects in TCODE RSECADMIN to restrict your query to the user's service organization and then assign analysis authorization object to the user's role.
  To give access to the creation of query, you can use the standard authorization RS_COMP* objects to the user's role with the activity as change so that the user could be able to create and display the reports in Bex.
  Let me know if you need further inputs.
  Regards
  Sadeesh

• Material Master Security at Material Level

  Hi!
  Can anyone tell me if we can lock security on material masters down on certain material types? We have just started testing security at the screen level but would like to take it a step further to material type. We are on 45.B still...
  Thanks for all your help!

  I never worked on 45b, but with 46c and Ecc6 it is possible to restrict based on materail type by using authorization object M_MATE_MAR

• Security and access levels

  I have created 4 users access levels, however, when I try to implement, when I keep inheritence, default security keeps coming up,   e.g. try changing everyone to my new access level and I get the new access level, but I also get view (inherited) - how can I "clean out" the old security settings??

  Sorry for the delay!
  OK, here's our situation - it's pretty straight forward;
  1500 users
  1500 (all) users in Everyone
  Of the 1500 users in Everyone;
  1200 in subgroup A
  200 in subgroup B
  90 in subgroup C
  10 users in Administrators
  4 universes
  1 connection
  Goal:
  Everyone and subgroups, same as admin, exception: can't delete or save to "corp" doc's.  My thought is to use same access level, then use the advanced configuration on the folders to prevent everyone from deleting any "corp docs"
  I have applied this access level to everyone and admin at;
  application > infoview, webi. cmc, deski, discussions, search
  universes > all 4
  connections > the 1
  folders > root folder,  level 1, denied access to everyone accordingly on level 2
  I have also added this access level to the top level security for users and groups
  Issues; 
  1. When I check the access level for everyone on folders, level 1 and below, I get the custom access level as inherited, but also view aslo as inherited.
  2. The users added to the admin group do not have same rights as the "administrator - for example, administrator can delete objects in the folders, but other users (within admin group) can not?  if I manually add the users to the folders, I can get this to work,  but doesn;t make sense, why would a user within a group have different rights, than any other user within the same group, with the same rights???
  Hope this helps!
  Edited by: Michael Bujarski on Jun 5, 2009 3:56 PM

• How to set dimension level security with multiple levels

  Hi,
  We have hierarchy with Level 0 codes to Level 4 codes.
  For e.g.
  Region 1 : Level 0 code 10000, Level 1 code 10001, Level 2 code 10011, Level 3 code 10111, Level 4 code 11111
  Region 2: Level 0 code 20000, Level 1 code 20001, Level 2 code 20011, Level 3 code 20111, Level 4 code 21111
  Region 3: Level 0 code 30000, Level 1 code 30001, Level 2 code 30011, Level 3 code 30111, Level 4 code 31111
  From SSAS role administration, I would like to assign a user permission to all Region 1 codes and only Level 3 code (30111) of region 3.
  How and where do I set this kind of permission?
  Thanks in advance.
  Manisha

  see
  http://www.mssqltips.com/sqlservertip/1834/introduction-to-dimension-security-in-sql-server-analysis-services-ssas-2005/
  Please Mark This As Answer if it helps to solve the issue Visakh ---------------------------- http://visakhm.blogspot.com/ https://www.facebook.com/VmBlogs