Problem Note 36437: The OLAP member-level security interface might not include all members when generating a security expression
 |  |  |  |  |
Overview
SAS® 9.2 introduced a new user interface for defining member-level security within a SAS® OLAP cube. This interface enables you to point and click to define a security condition. However, if your condition begins the security at a level beyond the first user-defined level in the cube (see below for an example), the generated expression is incomplete and might result in errors or a traceback in the SAS® OLAP Server log.
Example
For example, consider a dimension named Example, which has the levels, A, B, and C. Security is placed on the first member of the B level, which is A1.B1, granting access to the member and its descendants at the C level. This results in a security condition that looks like this:
{[Example].[All Example],
[Example].[All Example].[A1].[B1],
Descendants([Example].[All Example].[A1].[B1])}
|
This condition would enable users to access only the All Example member because there is a break between the All Example member and the A1.B1 member. To provide the correct results, you would modify this expression to include the A1 member:
{[Example].[All Example],
[Example].[All Example].[A1],
[Example].[All Example].[A1].[B1],
Descendants([Example].[All Example].[A1].[B1])}
|
Workaround
In order to use the cube in SAS® Web Report Studio, you must manually modify the expression to add the missing levels as explained in the example. Otherwise, reports display "No values were returned for this table" for users who are affected by the security expression. The SAS OLAP Server log does not list any errors. There is no hot fix that resolves this issue in any release.
If you are using the cube in SAS® Enterprise Guide with SAS 9.21, then you can apply the hot fix from the Hot Fix tab in this SAS Note. The hot fix resolves the SAS OLAP Server error, and the security is successfully applied even with a missing level. If you are using 9.2_M2 or later, then you do not need to apply the hot fix. The OLAP Server error is resolved and the security is correctly applied even with a missing level.
Operating System and Release Information
| Product Family | Product | System | Product Release | SAS Release | ||
| Reported | Fixed* | Reported | Fixed* | |||
| SAS System | SAS OLAP Server | Tru64 UNIX | 9.2 | 9.21_M2 | 9.2 TS2M0 | 9.2 TS2M2 |
| Solaris for x64 | 9.2 | 9.21_M2 | 9.2 TS2M0 | 9.2 TS2M2 | ||
| Solaris | 9.2 | 9.21_M2 | 9.2 TS2M0 | 9.2 TS2M2 | ||
| OpenVMS on HP Integrity | 9.2 | 9.21_M2 | 9.2 TS2M0 | 9.2 TS2M2 | ||
| Linux for x64 | 9.2 | 9.21_M2 | 9.2 TS2M0 | 9.2 TS2M2 | ||
| OpenVMS Alpha | 9.2 | 9.21_M2 | 9.2 TS2M0 | 9.2 TS2M2 | ||
| Linux | 9.2 | 9.21_M2 | 9.2 TS2M0 | 9.2 TS2M2 | ||
| HP-UX IPF | 9.2 | 9.21_M2 | 9.2 TS2M0 | 9.2 TS2M2 | ||
| HP-UX | 9.2 | 9.21_M2 | 9.2 TS2M0 | 9.2 TS2M2 | ||
| AIX | 9.2 | 9.21_M2 | 9.2 TS2M0 | 9.2 TS2M2 | ||
| 64-bit Enabled HP-UX | 9.2 | 9.21_M2 | 9.2 TS2M0 | 9.2 TS2M2 | ||
| 64-bit Enabled Solaris | 9.2 | 9.21_M2 | 9.2 TS2M0 | 9.2 TS2M2 | ||
| 64-bit Enabled AIX | 9.2 | 9.21_M2 | 9.2 TS2M0 | 9.2 TS2M2 | ||
| Windows Vista for x64 | 9.2 | 9.21_M2 | 9.2 TS2M0 | 9.2 TS2M2 | ||
| Windows Vista | 9.2 | 9.21_M2 | 9.2 TS2M0 | 9.2 TS2M2 | ||
| Microsoft Windows XP Professional | 9.2 | 9.21_M2 | 9.2 TS2M0 | 9.2 TS2M2 | ||
| Microsoft Windows Server 2008 for x64 | 9.2 | 9.21_M2 | 9.2 TS2M0 | 9.2 TS2M2 | ||
| Microsoft Windows Server 2008 R2 | 9.2 | 9.21_M2 | 9.2 TS2M0 | 9.2 TS2M2 | ||
| Microsoft Windows Server 2003 for x64 | 9.2 | 9.21_M2 | 9.2 TS2M0 | 9.2 TS2M2 | ||
| Microsoft Windows Server 2003 Standard Edition | 9.2 | 9.21_M2 | 9.2 TS2M0 | 9.2 TS2M2 | ||
| Microsoft Windows Server 2003 Enterprise Edition | 9.2 | 9.21_M2 | 9.2 TS2M0 | 9.2 TS2M2 | ||
| Microsoft Windows Server 2003 Datacenter Edition | 9.2 | 9.21_M2 | 9.2 TS2M0 | 9.2 TS2M2 | ||
| Microsoft Windows XP 64-bit Edition | 9.2 | 9.21_M2 | 9.2 TS2M0 | 9.2 TS2M2 | ||
| Microsoft® Windows® for x64 | 9.2 | 9.21_M2 | 9.2 TS2M0 | 9.2 TS2M2 | ||
| Microsoft Windows Server 2003 Enterprise 64-bit Edition | 9.2 | 9.21_M2 | 9.2 TS2M0 | 9.2 TS2M2 | ||
| Microsoft Windows Server 2003 Datacenter 64-bit Edition | 9.2 | 9.21_M2 | 9.2 TS2M0 | 9.2 TS2M2 | ||
| Microsoft® Windows® for 64-Bit Itanium-based Systems | 9.2 | 9.21_M2 | 9.2 TS2M0 | 9.2 TS2M2 | ||
| z/OS | 9.2 | 9.21_M2 | 9.2 TS2M0 | 9.2 TS2M2 | ||
A fix for this issue for Base SAS 9.21 is available at:
http://ftp.sas.com/techsup/download/hotfix/HF2/A01.html#36437| Type: | Problem Note |
| Priority: | high |
| Topic: | Data Management ==> Data Sources ==> Cubes System Administration ==> Security ==> Permissions System Administration ==> Servers ==> OLAP Query and Reporting ==> OLAP (Online Analytical Processing) |
| Date Modified: | 2016-06-07 15:07:52 |
| Date Created: | 2009-07-02 12:06:09 |