Nick Haslam's questions

I'm trying to create a role, to restrict access to a cube on Analysis services, so that a member of this role can only see records related to a specific country (from a dim_country dimension). So, for example, they'd only see the records where the dim_country name is 'England', and nothing at all for any other countries.

The issue I'm getting is that all records are being returned, regardless of what I'm putting in. This issue is the case when testing in BIDS (using Test Cube Security) and from Excel when I've added the Roles= into the cube connection definition.

I'd appreciate any suggestions.

The Role Definition I've made the following changes, and replicated it in AdventureWorks General -> Read Definition Checked
Cubes -> Access =Read
-> Local Cube / Drillthrough Access selected

Dimension Data
On the Customer Dimension, in Country
Allowed Member set = [Customer].[Country].&[France]
Denied Member Set = [Customer].[Customer].[All Customers]
Enabled Visual Totals = Ticked.

As I said, the issue is that I'm getting all values returned, rather than those filtered by the country

We have an issue when we add a Windows 7 machine to our domain.

We have a domain, running a Windows Server 2003 domain, and using XP machines, and are wanting to start using Windows 7.

However, when we try and join a Win 7 machine to the domain, shortly afterwards (minutes), the Win7 machine crashes, and on reboot, it fails to recover using any System Restores (which means nothing in the Event Log!).

This has happened on reinstalled XP machines (wiped, and installed Win7 on them) and on new Win7 machines (machines built with, and supplied with Win7 installed)

There is a group policy on the network, but the user logging in is exempt from that (admin...)

Update: Appears to be unrelated to UAC

We have an interesting situation.

We have two domains, one, called Smith(not really, but you get the idea) which is our main office based domain against which users are authenticated on login.

Another domain is hosted, and has a couple of servers running a database (SQL Server) server and SharePoint. The problem is that this domain is also called Smith.

How can we synchronise the users passwords between these two domains ?

Can we setup a trust between them (even though they have the same names) and have these users be able to access sharepoint and SQL Server through Windows Authenticated mode ?

If not, do you have any ideas as to how we could achieve this ?

Cheers

Nick