Lift Chart Failing With Restricted Security Model

Jan 4, 2007

Hello--

We're running into an issue where analysts are having problems obtaining lift charts (via the Mining Accuracy Chart UI available in the Visual Studio Analysis Services project) and performing prediction (via the Mining Model Prediction UI).

The issue seems to be related to the underlying analyst security model. Note that this post is related to:

http://forums.microsoft.com/MSDN/ShowPost.aspx?PostID=924641&SiteID=1


Analysts that work on the same problem will only have access to:

- A sandbox relational database (which contains views into the same source database). The analyst is db_owner of the sandbox database, so she/he can create data transformations required, etc. The sandbox database contains views to the source database, but the analyst only has read-access to the specific data elements needed from the source DB. So, they are very restricted w.r.t. the source database, but are db_owners of their sandbox relational databases. Note that the analyst will connect to he database via Windows Authentication.

- An Analysis Services sandbox database to use for their modeling, etc. In this AS sandbox db, we've created a role called "Administrator" and checked the permissions: Full control (Administrator), Process database, and Read definition. The analyst's windows account is the "user" associated with this role.

Also, in this situation, the SQL Server 2005 Relational Engine and Analysis Services are running on a single machine. The goal of this security model is to provide analysts with the ability to work in their "workspaces" (both SQL and AS), but not to see other analysts work, etc.

Under this model, Analysts are able to deploy mining models when the Data Source object that points to their relational "sandbox" DB is set-up with "Impersonation Information" = "Use a specific user name and password", where the Analyst provides their domain account information.

But, when trying to build a lift chart using the same data source view objects that were used to successfully train the model, the following error is occurring consistently:

Window Title: "Loading Mining Accuracy Chart"
Window Text: "Failed to execute the query due to the following error: Execution of the managed stored rocedure GenerateLiftTableUsingDatasource failed with the following error: Exception has been thrown by the target of invocation. Either '<domain><login>' user does not have permission to access the '' object, or the object does not exist. Errors in the high-level relational engine. A connection could not be made to the data source specified in the query. Errors in the high-level relational engine. A connection could not be made to the data source specified in the query.."

Since the Analyst was able to build the model with her/his given '<domain><login>' credentials, it is puzzling why the lift chart is failing.

Thanks in advance for your help,
- Paul

View 3 Replies


ADVERTISEMENT

How Get The Lift Chart In Datamining.i Am Not Geeting Mining Accuracy Chart And Mining Model Prediction

Sep 14, 2007



Hi,
I am not getting Mining Accuracy Chart and Min ing Model Prediction
Plz tel me how to do.And how to use the filter input data used to generate the lift chart and
select predictable mining model columns to show in the lift chart

View 1 Replies View Related

Lift Chart

Feb 13, 2007

Is there a Lift chart viewer like the model viewers that can be embedded within your windows apps ? If not, then can this be easily created via Adomd.net api calls ? Has anyone done this easily in custom DM applications ?

Thanks in advance,

anil

View 3 Replies View Related

Lift Chart

Dec 25, 2007

how can i change the language of lift chart for description of vertical axis and horizontal axis and howcan i see the script of this chart for time series algorithm

View 1 Replies View Related

Data Mining Plugin And Lift Chart

Jan 1, 2008

Hi,

I tried to create a lift chart with my custom plugin-algorithmn. The chart seems to be correct, but before it is drawn, an error occours:


Function ... Row 1 ... Column 43 ... cannot be used in this context.
(I've translated the key facts of this error message from german)

What did I do wrong?

Best wishes,
Manfred

View 12 Replies View Related

Lift Chart / Data Mining Legend

Jul 17, 2006

Hi,


I am having trouble really understanding what makes a model accurate and effective at predicting some attribute. I can't seem to find any clear documentation about the mining legend of the lift chart on the Mining Accuracy Chart tab when working with the Data Mining Structure designer in VS 2005. Specifically, I would like to know more about what numbers in the Score, Population Correct and Predict Probability columns mean, and why they change when you move the vertical gray bar on the Lift Chart. Also, what is generally a good score to be aiming for, provided that it is highly difficult to get 100% accuracy with the kind of data that I am using.

Any more information on this subject is much appreciated. Thank you for your time,

Chris Burns

View 1 Replies View Related

Why There Is No Random Guess Line Appeared In The Lift Chart?

May 3, 2007

Hi, all here,

Why the lift chart for my mining models evaluation does not have a random guess model line there? As normal, there should be lines like trained models, ideal model, and random guess model? Why is that? What did I miss? Could any experts here shed me any light on that.

Thanks a lot in advance for your advices and help and I am looking forward to hearing from you shortly.

With best regards,

Yours sincerely,

View 5 Replies View Related

Data Mining Lift Chart Problem On Vs2005

Jun 4, 2006

Hello . Because of my graduation project , I interested in data mining application , Adventureworks DW on MS VS 2005 . I opened File->Open->project/solution ->Enterprise -> AdventureworksDW .then I successfully deployed the algorithms decision tree and Clustering . Then I opened tab Mining Accuracy Chart then selected input table "testing" , which I had created before ,  from vTargetMail . After that , mining structure table and target mail table has automaticaly linked each other .Next , I selected predictive input as 1 , of the predictable row "BikeBuyer" . But , when I clicked "Lift Chart ", I only got a 45 degree line , everytime .. How can I fix it ?

View 7 Replies View Related

Problems With Neural Net Viewer, Lift Chart And Predictions Still Ocurring In SP2

Nov 24, 2006

Greetings,



I have a mining structure that I am using to perform a text-mining
classification task. The mining structure contains three models: a
decision tree, a naive bayes and a neural network.


Both the decision tree and the naive bayes models process without
any problems, but I am having significant difficulties with the neural
network model.


Initially when I processed the model, processing would fail altogether with the following error message:



"Memory error: Allocation failure : Not enough storage is available to process this command"



This was remedied by taking the steps prescribed in
http://support.microsoft.com/kb/917885 (I upgraded to SQL 2005 SP1 and
applied all available hotfixes listed in
http://support.microsoft.com/kb/918222/). This got me to the point
where the model (seemingly) processed correctly after restricting the
MAXIMUM_INPUT_ATTRIBUTES to a relatively low number. So after
processing, I went to try and browse the neural network model and view
the lift chart...



<error>

"Execution of the managed stored procedure GetAttributeScores
failed with the following error: Exception has been thrown by the
target of an invocation.Input string was not in a correct format.."

</error>



(see http://forums.microsoft.com/TechNet/ShowPost.aspx?PostID=935340&SiteID=17)



Also when I would attempt to view the lift chart and the
classification matrix the queries would time out with the following
error message:



<error>

XML for Analysis parser: The XML for Analysis request timed out before it was completed.

Execution of the managed stored procedure
GenerateLiftTableUsingDatasource failed with the following error:
Exception has been thrown by the target of an
invocation.Microsoft::AnalysisServices::AdomdServer::AdomdException.

</error>



Now, my poking around on Technet lead me to believe that this issue
could finally be resolved by uprading to the CTP release of SQL server
2005 SP2. Now I am still encountering problems. When I go to browse the
model in the Neural Network Viewer, I see the correct drop down menus
to select attributes and attribute values in the "Input" and "Output"
panes but I see no data displayed in the "Variables" pane at the
bottom.


Interestingly, while I cannot view the model contents in the
graphical viewer, the mining model contents viewer reveals model
contents that look to be pretty normal for a trained neural network.



Attempts to view the lift chart time out with the error message:



<error>

XML for Analysis parser: The XML for Analysis request timed out before it was completed.

Execution of the managed stored procedure
GenerateLiftTableUsingDatasource failed with the following error:
Exception has been thrown by the target of an
invocation.Microsoft::AnalysisServices::AdomdServer::AdomdException.

</error>



and when I run predictions against the trained NN model in the
"Mining Model Prediction" pane it predicts the same value for every
case in the testing set.



Any thoughts?

View 9 Replies View Related

Broken Lift Chart And Empty Classification Matrix In Data Mining

Sep 5, 2007

Hi,I am studying data mining features of SSAS and for a workshop I'vecreated 2 views derived from vTargetMail view of AdventureWorksDW.Train data consists every record except those in Pacific, and testview consists only records from Pacific area.1. I've created a mining structure based on Decision Tree and selectedBikeBuyer as predictable column.2. According to input column suggestions, I've selected Age,Eng.Education, NumberCarsOwned, YearlyIncome, CommuteDistance,NumberChildsatHome and TotalChildren as input columns,3. I've modified no other setting, and deployed project.I can get training results in decision tree browser and dependencynetwork (and both seem to give rather logical results) however, when Itry to browse lift chart or classification matrix I get an emptyclass.matr. and a lift chart of a single 45 degree line.Am I missing a step, or must I do some fine-tuning on (what)parameters?Thanks...

View 2 Replies View Related

Broken Lift Chart And Empty Classification Matrix In Data Mining

Sep 5, 2007

Hi,
I am studying data mining features of SSAS and for a workshop I've
created 2 views derived from vTargetMail view of AdventureWorksDW.
Train data consists every record except those in Pacific, and test
view consists only records from Pacific area.


1. I've created a mining structure based on Decision Tree and selected
BikeBuyer as predictable column.
2. According to input column suggestions, I've selected Age,
Eng.Education, NumberCarsOwned, YearlyIncome, CommuteDistance,
NumberChildsatHome and TotalChildren as input columns,
3. I've modified no other setting, and deployed project.



I can get training results in decision tree browser and dependency
network (and both seem to give rather logical results) however, when I
try to browse lift chart or classification matrix I get an empty
class.matr. and a lift chart of a single 45 degree line.



Am I missing a step, or must I do some fine-tuning on (what)
parameters?

View 3 Replies View Related

Question On Column Mappings Between Mining Structure And Case Table For Lift Chart

May 3, 2007

Hi, all experts here,

I am a bit confused for the model evaluation (lift chart), should we map all the columns for both the mining structure and the case table? I mean for those predictive models, we have a predict column, shouldnt we ignore the mapping of the predictive column between the mining structure and the case table? But it seemes we are not allowed to miss the predictive column mapping between the mining structure and the case table.

Why is that? Could any experts here give me some explanation on that?

Hope my question is clear for your help.

Thanks a lot and I am looking forward to hearing from you shortly.

With best regards,

Yours sincerely,

View 3 Replies View Related

How Is The 'Score' Value Derived In The Lift Chart/Mining Legend For Data Mining Models?

Sep 26, 2006

Hi,
I have just run a simple data set through a model to predict a simple true or false value (i.e. binary output)
The Lift Chart/Mining Legend in Analysis Services shows three results €“ Score, Population Correct (%), and Predict Probability (%)

Population Correct I beleive is the percentage of predictions it got right out of the total number of predictions it tried to make. Is this correct?

However, I can€™t work out how the other two are derived in particular the 'SCORE'. To give a live example the scores were as follows:

Model Score Pop Correct Pred Probability
Decision Trees 0.83 76.59% 54.28%
Neural Network 0.75 67.63% 50.05%
Ideal Model 100.00%


Can anyone help with this and give a detailed explanation?

Many thanks,
S Rajput

View 4 Replies View Related

SSRS -- Security Filter And Model Item Security Setting

Jul 31, 2007



Hi,


I have posted this issue for a week, haven't got any reply yet, I posted it again and desperately need your help.


The article http://msdn2.microsoft.com/en-us/library/ms365343.aspx says:
Model Item Security can be set for differnt security filters, but when I use SQL Server Management Studio to set Model Item Security, it seems "Permissions" property surpass "Model Item Security" property. -- My report server is using Custom Authentication.



For example, in "Permissions" property of the model, if I checked "Use these roles for each group or user account" without setting any user or group, no matter what users I added to "Model Item Security" with "Secure individual model items independently for this model" checked, NO one user can see the model on report manager and report builder;

in above situation, if I added "user1" and gave role such as "Browser" role to "user1" in "Permissions" property, if I checked "Secure individual model items independently for this model" in "Model Item Security" property, even I did NOT grant "user1" to root model and any entities under the model, the "user1" is able to access the model and all entities in report builder.



My question is on the same report model, how to set "AdminFilter" (empty security filter) for administrator permissions and set "GeneralFilter" (filtered on UserID) for general user based on their UserID?


The article also says:

"Security filters are always applied, even for users who have Content Manager or Administrator permissions to the model. To allow administrators or other users to see all rows of an entity on which row-level security is defined, you can create an empty security filter (which always returns True) and then use the filter to grant those users access to all the rows."



So I defined 2 filters "GeneralFilter" and "AdminFilter" for "Staff" entity for my report model "SSRSModel", I expect after I deployed the report model, the administrator users use report builder to build reports with all rows available, and the non-admin users can only see rows based on their UserID.



I can only get one result at a time but not both:

either the rows are filtered or not filtered at all, no matter how I set the "SecurityFilter" for the entity: I tried setting both "AdminFilter" and "GeneralFilter" for SecurityFilter at the same time, combination of "DefaultSecurityFilter" and "SecurityFilter", or one at a time.



Your help is highly appreciated!

Desperate developer

View 1 Replies View Related

Setup Failing Due To Security Issue With WMI Namespace

Nov 16, 2006

I'm installing SQL Server Express SP1 on a new Windows XP Pro SP2 laptop that is part of a corporate network. The last item in the Setup Progress dialog box says:

Workstation Components, Books Online and Development Tools....Setup failed. Refer to log file.

C:Program FilesMicrosoft SQL Server90Setup BootstrapLOGSummary.txt looks fine except for the last few lines:

--------------------------------------------------------------------------------
Machine : ROVER
Product : Microsoft SQL Server 2005 Tools
Product Version : 9.1.2047.00
Install : Failed
Log File : c:Program FilesMicrosoft SQL Server90Setup BootstrapLOGFilesSQLSetup0004_ROVER_Tools.log
Last Action : InstallFinalize
Error String : SQL Server Setup failed to modify security permissions on WMI namespace \.
ootMicrosoftSqlServerComputerManagement. To proceed, verify that the account and domain running SQL Server Setup exist, that the account running SQL Server Setup has administrator privileges, and that the WMI namespace exists on the destination drive.
Error Number : 29516


Is this a common error when installing on a PC that is part of a corporate network? I didn't dig too far into SQLSetup0004_ROVER_Tools.log; however, it contains a few references to "SOFTWARE RESTRICTION POLICY".

Other than this error, SQL Server Express seems to be working ok. Is this anything to be concerned about?

View 3 Replies View Related

Help With Security Model

Jun 10, 2004

Hi all,

I need some sugestions from all of you about setting up security model in
our SQL2000 box.

The server was setup using Mixed mode. However, all the applications
(web and MS access) access the server using "sa" userid.

There are several databases in our server. Ex: (DB1,DB2,DB3,DB4 and DB5)

Application 1: need read/write access to DB1,DB2 and DB3
Application 2: need read/write access to DB5
Application 3: need read/write access to DB4 and DB3

Should I set up three userids and give them the dbo access to those
database that they need to use?

Does that make any sense to you?

Thank you for all your suggestion

View 5 Replies View Related

Help Me Understand A MS-SQL Security Model

Apr 15, 2008

I'm a bear with a very little brain. Please review the following story to see if I understand the concepts.

For the purposes of this exercise let's say that a database is used to control a building's HVAC (Heating, ventilation and cooling) system. It's installed by the HVAC vendor, who installs client software on the PC's in the building. This software allows the occupants of the building to alter the setting of the HVAC system. A young and foolish programmer/DBA - eager to show his mettle - accepts the responsibility of overseeing the system to make sure it works. What could go wrong? Easy money.



Given: A database that contains securable. (Tables, views, schema's etc).

By the second week, there is always someone complaining that it's too hot, too cold, too noisy (fans on too high). Everyone is setting their own settings. No one is happy - the only thing that they agree on is that the system doesn't work - and it's up to the less-young and less-foolish programmer/DBA to fix it.

Option #1: Create an Application Role (AIR_GOD) to control who can really write to the thermostat tables. This effectively blocks anyone who doesn't know the AIR_GOD password from fiddling. This password is only given to a carefully selected few.

Two weeks and fourteen passwords later:

Option #2: Create a fixed database role (AIR_GOD2) and drop only the selected few logins into it. (Our programmer is learning)

It helps. But since the users can access the whole thermostat-table - they end up setting each other's zones settings - sometimes by accident. Sometimes the values entered are insane.

Option #3: Create a Data Access Layer (DAL) Our programmer/DBA learns fast - he removes update rights to the thermostat-table from all users with a login. Now the only way to change a thermostat-table setting is through the stored-procedure(s) with the 'user without a login' impersonation. Values are checked before they're written etc.

Is that about right?

(Our story ends with the programmer/DBA growing older and wiser vowing never - ever - ever - to get involved with HVAC control systems again.)

View 1 Replies View Related

Report Model Security

Feb 6, 2008

I have been playing with SRS 2005 for a few months now and have a decent setup going but am strugling with model security.

I have set my selected users up in the home folder and also as site users in site settings, they can launch the report builder and create reports fine.

HOWEVER

I intend to use the software accross multiple systems ie WMS, TMS, Finance package, T&A and therefore I only want the WMS users to see the WMS models and T&A users to only see the T&A models etc

No matter what settings are adjusted it seems that if you can launch the report builder then you can access all models and this poses an issue for me as systems like T&A and financials that I need to be as secure as possible.

I am aware that I can limit access to to models using Management studio but it seems to be basically on a column basis rather than the whole model.


Help!!!


Also aware of the fact im an idiot and basically posted the same thing 5 or 6 times! Hopefully the others are deleted

View 3 Replies View Related

Upgrading 6.5 To 7.0 And Retaining Security Model

Dec 30, 1999

Is is possible to upgrade from 6.5 to 7.0 and have all the logins that have been granted the ability to make a trusted connection to 6.5 be created the same capability in 7.0?

When I did it the logins were created as standard logins in 7.0

View 1 Replies View Related

Model Item Security Setting

Jan 4, 2008

Hi
I just deploy a report model and want use report builder to create ad-hoc using this report model.
I want some entitis and attributes are not visiable for some user, so I config the model item security for this model.
But no matter which user I use to login the report server, I always can access all the entities.
Even I delete all the groups and users in "Permissions" property of the model, I still can access this model through report builder.
All the user I used to test are local user of server with report service, my server is SQL Server 2005+SP2.

How can I fix it?

View 3 Replies View Related

I Have A Question On The Security Model For MSRS 2005

Sep 21, 2007

I have a question on the security model for MSRS 2005. I have been working with the permissions for the reporting server folders and reports at my company. Now it seems to me that I can let a user have access to a folder but they will not be able to see any reports that they do not have permissions to see. This would seem different from the Windows Security model where I can see an executable but not actually execute it. (ie. In MSRS the user would be able to see the report but not execute it)

Am I correct in this assumption or is there a way to allow the user to see the report but not execute it using the MSRS permissions.

View 1 Replies View Related

Report Model Item Security Has No Effect

Apr 25, 2007

Hi,



I am trying to use a very easy and simple feature of a reportmodel, model item security.

In my example i have two users; HGHJohn and HGHJKooi



I want to test if I am able to restrict access in the model to a whole entity. HGHJKooi shouldn't be able to see the entity 'Customers'.



These are the steps I executed:

1. In Sqlserver management studio I opened the properties of my model and navigated to the tabpage 'model item security'.

2. I activated the option 'secure individual model items...'

3. In the root of the model I declared two users(groups) as specified above

4. Automatically all nodes inherit these settings from the root.

5. For the entity 'Relations' I change the default, by selecting 'use these roles for each group or user account'

6. I removed HGHJKooi from this list, leaving only 'HGHJohn as model item browser



What I expected at this moment is that when I login the system as HGHJKooi, then I won't see this entity, but I still can! Does anybody know a solution to this problem?



Julian Kooiker

View 1 Replies View Related

Report Builder - Data Model(Security)

Feb 8, 2007

Hi all

I have created security roles that restrict access to a certain Dimension
and a member therein.

The security works fine when the users finened in it runs a report:
The data is accordingley ristricted.

The problem is when those same users run Report Builder and create a report,
those members are no longer restricted and they have acces to absoluteley
all data from the cubes.

Is there some way that I can force the Data Model to follow the cube's security roles?

Any help is much appreciated...

Gerhard Davids

EDIT:
I have found that it uses the wrong user when opening report builder.
For some reason it uses my windows account instead of the one I used to log onto
report manager. This is way the security isnt working

Any thoughts what may be causing this?

View 3 Replies View Related

Report Model Security Integration With SSAS 2005

Aug 7, 2006

Hi,

I have a question here for report model generated on top of SSAS 2005. If security has been defined in SSAS 2005 cube where RoleA only have access to certain dimension, is this security setting integrated with the report model and propogate down to the report builder when used where RoleA users have no access to dimension allowed?

Thanks,

J Lim

View 1 Replies View Related

Security Setting For Creating, Trainning Session Model With ASP.NET Front-end AP

Jan 30, 2008

Hi,
I would like to demonstrate mining temporary models in an ASP.NET application.

Creating, trainning, predicating actions are all witten at C# codes as follows:





Code Snippet

using (AdomdCommand cmd = new AdomdCommand())
{
// Build temporary mining model
cmd.Connection = asConn;
cmd.CommandText = "CREATE SESSION MINING MODEL " + modelName +
" (" +
"HCVS_MemberId Text KEY," +
"HCVS_MeasureDate DATE KEY TIME, " +
"SysPressure LONG CONTINUOUS PREDICT, " +
"DiaPressure LONG CONTINUOUS PREDICT," +
"Pluse LONG CONTINUOUS PREDICT" +
") " +
"USING Microsoft_Time_Series(Missing_Value_Substitution='Mean' ) "; // Periodicity_Hint = '{12}'
cmd.ExecuteNonQuery();

// Train Data
cmd.CommandText = "INSERT INTO " + modelName + " (HCVS_MemberId, HCVS_MeasureDate, SysPressure, DiaPressure, Pluse) " +
"OPENQUERY([Healthcare], " +
" 'SELECT HCVS_MemberId, HCVS_MeasureDate, SysPressure,DiaPressure,Pluse" +
" FROM v_VitalSignForecast WHERE HCVS_MemberId=''" + id + "'' AND HCVS_MeasureDate>=''" + from.ToShortDateString() + "'' AND HCVS_MeasureDate<=''" + to.ToShortDateString() +"'' ')";

cmd.ExecuteNonQuery();
// Predict upon the Train Data. In addition, the standard deviation of each predicated value is retrieved
cmd.CommandText = "SELECT FLATTENED " +
"( SELECT *, " +
" SysPressure + PredictStdev(SysPressure) AS [SysPressure_PlusStdev], " +
" SysPressure - PredictStdev(SysPressure) AS [SysPressure_MinusStdev] " +
"FROM PredictTimeSeries(SysPressure, " + fDays + ") AS SysTable " +
") " +
"FROM " + modelName ;


AdomdDataAdapter adapter = new AdomdDataAdapter(cmd);

DataSet sysDS = new DataSet();
adapter.Fill(sysDS);
The problem is that I do not know how to configure my Analysis Service Server to let ASP.NET account can utilize it. And ASP.NET account in trun impersonates the account who is authorized to use Healthcare DB in the Openquery. Please give a help. Thanks a lot.

Ricky.

View 4 Replies View Related

User Is Not Able To Access The Database Model Under The Current Security Context

Feb 7, 2008

I have a restriced user on SQL Server that is only permitted to creat a new database and manage it only. All other database are hidden to that user.

when that user login to SQL Server and create a database and try to change the default folder path for data and log files, gets an error,

The Server principal "User" is not able to access the database "model" under the current security context. (MSSQL Server, Error: 916)

Any idea???

Thanks,

View 7 Replies View Related

How To Create/enable Row Level Security Using An Indirect Match On A Report Model

Feb 13, 2008



I've been through a number of tutorials on how to enable row-level security based on a userID, but my problem is more complicated and I do not have sufficient understanding of report models to guess.

My security information is defined in a table within my database. It contains a username and an account mask. An account mask maps to 1 or more account codes contained in the other data tables in my report model. A user may have more than one account mask defined for his account.

I understand the concept of directly mapping the logged-in user to a field containing a matching username. Is it possible to do a two-step mapping, so that based on the user ID I can get the account mask(s) and then evaluate which account codes match the mask(s)?

Or is there a different/better way to set this up? Defining SQL roles/groups is not an option, because of some compatibility issues with external systems.


So far, because my security table has no defined relationship with the data tables, I have not even been able to get it into my report model (Would love any suggestions on that one, too.)

I'd appreciate any ideas or suggestions - even if only something to investigate.
Thanks,
Sarah

View 1 Replies View Related

Advice On Security Model For XML Web Services For Many Users In Active Directory Role

Feb 21, 2006

I am working on the security model for an application that will be used by 100s of users with a dedicated SQL 2005 database for this application and access via SQL XML Web Services.

The client has asked to make it "open" during alpha testing such that anyone can access the web services without having to set them up first. Is there a way to do this? The best I can figure is to use mixed mode security and hard code a login and password. Any method using Windows authentication would require that I add every user at a minimum to the database.

In production, all users will have an active directory role specified that determines if they should have access to the web services or not. However, it is my understanding that to use Windows authentication, I would still need to add each individual user at a minimum as a Login to the SQL Server, and under best practices also as database users with permissions granted to the endpoint.

Am I correct in the above, or is there a more efficient way to achieve these results?

Thanks

-L

View 1 Replies View Related

Impersonation Mode Issue: Multiple Analysts Requiring Separate AS DBs For Security Model

Nov 15, 2006

Hello--

We have a current situation where analysts will be modeling a variety of problems, all stemming from the same source data (stored in a SQL-Server 2005 relational database).

Analysts that work on the same problem will only have access to:

- A sandbox relational database (which contains views into the same source database). The analyst is db_owner of the sandbox database, so she/he can create data transformations required, etc. The sandbox database contains views to the source database, but the analyst only has read-access to the specific data elements needed from the source DB. So, they are very restricted w.r.t. the source database, but are db_owners of their sandbox relational databases. Note that the analyst will connect to the database via Windows Authentication.

- An Analysis Services sandbox database to use for their modeling, etc. In this AS sandbox db, we've created a role called "Administrator" and checked the permissions: Full control (Administrator), Process database, and Read definition. The analyst's windows account is the "user" associated with this role.

Also, in this situation, the SQL Server 2005 Relational Engine and Analysis Services are running on a single machine. The goal of this security model is to provide analysts with the ability to work in their "workspaces" (both SQL and AS), but not to see other analysts work, etc.

I'm running into a problem when trying to build models using this security model by doing the following:
- Running Visual Studio
- Selecting File -> Open -> Analysis Services Database and choosing the AS DB that I have access to (this is the only one that appears in the drop-down, after specifying the AS server).
- I've created a data source pointing to the relational sandbox DB.
- I've created a data source view choosing the table/view needed for the case table.
- I created a mining structure with a decision tree model

When I process the mining structure, I'm getting the following errors:

- If the data source Impersonation is "Default" -- the error is "The datasource, '<DS name>', contains an ImpersonationMode that is not supported for processing operations."

- If the data source Impersonation is "Use the credentials of the current user" -- the error is the same as "Default" above -- "The datasource, '<DS name>', contains an ImpersonationMode that is not supported for processing operations."

- If I change the data source Impersonation to "Use the service account" and select "OK" in the "Data Source Designer" window, and error comes up with message: "The ImpersonationInfo for '<DS name>' contains an ImpersonationMode that can only be used by a server administrator.

Any suggestions or pointers to help implement this security model to provide analysts with AS and SQL Relational resources for their modeling?


Thanks,

- Paul

View 1 Replies View Related

Report Model Deployment : The Model ID Of The Submitted Model Must Match That Of The

Dec 5, 2005

Running 2005 Beta 3 Refresh.  When I first deploy, it works fine. Subsequent deployments yield the following error:

View 9 Replies View Related

Reporting Services Report / Chart / Dynamically Hide-Unhide DataFields In A Chart

Mar 26, 2007



Hello All,

I have a reporting services report in the form of a chart. I have two datafields on the chart.

I need to be able to dynamically hide one datafield and view the chart for the other one and vice versa.

How do I do this ?

Any help would be appreciated..

Thanks!



View 4 Replies View Related

Reporting Services :: Export Server Report Chart To Excel As Editable Chart

Jul 17, 2014

When I export the report in excel format the chart is displayed as picture. I want it to be displayed as editable chart.Does Office Writer work in this situation and did anyone use Office Writer to accomplish same type of problem.Is there any other method or product we can use instead of the office writer.

View 2 Replies View Related

Reporting Services :: SSRS 2008 R2 Bar Chart Labels Not Staying Outside Chart Area?

Feb 13, 2012

I have a report designed in SSRS 2008 R2.My issue is that the data labels do not stay outside the bars for high values.

View 4 Replies View Related







Copyrights 2005-15 www.BigResource.com, All rights reserved