36437 - The OLAP member-level security interface might not include all members when generating a security expression

SUPPORT / SAMPLES & SAS NOTES

Support

Problem Note 36437: The OLAP member-level security interface might not include all members when generating a security expression

Overview

SAS^® 9.2 introduced a new user interface for defining member-level security within a SAS^® OLAP cube. This interface enables you to point and click to define a security condition. However, if your condition begins the security at a level beyond the first user-defined level in the cube (see below for an example), the generated expression is incomplete and might result in errors or a traceback in the SAS^® OLAP Server log.

Example

For example, consider a dimension named Example, which has the levels, A, B, and C. Security is placed on the first member of the B level, which is A1.B1, granting access to the member and its descendants at the C level. This results in a security condition that looks like this:

   {[Example].[All Example],
    [Example].[All Example].[A1].[B1],
    Descendants([Example].[All Example].[A1].[B1])}

This condition would enable users to access only the All Example member because there is a break between the All Example member and the A1.B1 member. To provide the correct results, you would modify this expression to include the A1 member:

   {[Example].[All Example],
    [Example].[All Example].[A1],
    [Example].[All Example].[A1].[B1],
    Descendants([Example].[All Example].[A1].[B1])}

Workaround

In order to use the cube in SAS^® Web Report Studio, you must manually modify the expression to add the missing levels as explained in the example. Otherwise, reports display "No values were returned for this table" for users who are affected by the security expression. The SAS OLAP Server log does not list any errors. There is no hot fix that resolves this issue in any release.

If you are using the cube in SAS^® Enterprise Guide with SAS 9.21, then you can apply the hot fix from the Hot Fix tab in this SAS Note. The hot fix resolves the SAS OLAP Server error, and the security is successfully applied even with a missing level. If you are using 9.2_M2 or later, then you do not need to apply the hot fix. The OLAP Server error is resolved and the security is correctly applied even with a missing level.

Operating System and Release Information

Product Family	Product	System	Product Release		SAS Release
Product Family	Product	System	Reported	Fixed*	Reported	Fixed*
SAS System	SAS OLAP Server	Tru64 UNIX	9.2	9.21_M2	9.2 TS2M0	9.2 TS2M2
		Solaris for x64	9.2	9.21_M2	9.2 TS2M0	9.2 TS2M2
		Solaris	9.2	9.21_M2	9.2 TS2M0	9.2 TS2M2
		OpenVMS on HP Integrity	9.2	9.21_M2	9.2 TS2M0	9.2 TS2M2
		Linux for x64	9.2	9.21_M2	9.2 TS2M0	9.2 TS2M2
		OpenVMS Alpha	9.2	9.21_M2	9.2 TS2M0	9.2 TS2M2
		Linux	9.2	9.21_M2	9.2 TS2M0	9.2 TS2M2
		HP-UX IPF	9.2	9.21_M2	9.2 TS2M0	9.2 TS2M2
		HP-UX	9.2	9.21_M2	9.2 TS2M0	9.2 TS2M2
		AIX	9.2	9.21_M2	9.2 TS2M0	9.2 TS2M2
		64-bit Enabled HP-UX	9.2	9.21_M2	9.2 TS2M0	9.2 TS2M2
		64-bit Enabled Solaris	9.2	9.21_M2	9.2 TS2M0	9.2 TS2M2
		64-bit Enabled AIX	9.2	9.21_M2	9.2 TS2M0	9.2 TS2M2
		Windows Vista for x64	9.2	9.21_M2	9.2 TS2M0	9.2 TS2M2
		Windows Vista	9.2	9.21_M2	9.2 TS2M0	9.2 TS2M2
		Microsoft Windows XP Professional	9.2	9.21_M2	9.2 TS2M0	9.2 TS2M2
		Microsoft Windows Server 2008 for x64	9.2	9.21_M2	9.2 TS2M0	9.2 TS2M2
		Microsoft Windows Server 2008 R2	9.2	9.21_M2	9.2 TS2M0	9.2 TS2M2
		Microsoft Windows Server 2003 for x64	9.2	9.21_M2	9.2 TS2M0	9.2 TS2M2
		Microsoft Windows Server 2003 Standard Edition	9.2	9.21_M2	9.2 TS2M0	9.2 TS2M2
		Microsoft Windows Server 2003 Enterprise Edition	9.2	9.21_M2	9.2 TS2M0	9.2 TS2M2
		Microsoft Windows Server 2003 Datacenter Edition	9.2	9.21_M2	9.2 TS2M0	9.2 TS2M2
		Microsoft Windows XP 64-bit Edition	9.2	9.21_M2	9.2 TS2M0	9.2 TS2M2
		Microsoft® Windows® for x64	9.2	9.21_M2	9.2 TS2M0	9.2 TS2M2
		Microsoft Windows Server 2003 Enterprise 64-bit Edition	9.2	9.21_M2	9.2 TS2M0	9.2 TS2M2
		Microsoft Windows Server 2003 Datacenter 64-bit Edition	9.2	9.21_M2	9.2 TS2M0	9.2 TS2M2
		Microsoft® Windows® for 64-Bit Itanium-based Systems	9.2	9.21_M2	9.2 TS2M0	9.2 TS2M2
		z/OS	9.2	9.21_M2	9.2 TS2M0	9.2 TS2M2

* For software releases that are not yet generally available, the Fixed Release is the software release in which the problem is planned to be fixed.

Type:	Problem Note
Priority:	high
Topic:	Data Management ==> Data Sources ==> Cubes System Administration ==> Security ==> Permissions System Administration ==> Servers ==> OLAP Query and Reporting ==> OLAP (Online Analytical Processing)

Date Modified:	2016-06-07 15:07:52
Date Created:	2009-07-02 12:06:09