Apparently this is more difficult then I first thought.
I have an app "App1" which contains 2 databases "DB1" and "DB2"
I have group Read access defined for "App1" but I only want them to see "DB1"
I created a filter for "App1", "DB2" where access is set to None on @Idesendents(Dimx) (I tried this for all dimensions)
I then provisioned the group "DB2" to this filter.
"DB2" still apears in add-in connection dialog.
Any ideas anyone?
I think I described the solution you proposed in my initial question. What do you see as different? Group access to the Application is in shared services, filter is created in Essbase then in Shared Services I Assigned this filter to the specific Database. What am I missing I wonder?
Thanks for taking the time to respond.
It's because you are doing this in Shared Services mode.
Unlike "classic" Essbase security, in Shared Services mode, if you give users (or groups) access to one database under the application, you give them access to all databases under the application. There's nothing, unfortunately, you can do about it.
I guess you could dump Shared Services but that would be a bit extreme.
Embrace the one app, one db mindset and all is well. And yes, that is not so great for performance purposes with @XREF (although to be honest I can't remember how bad it actually is -- it as been a while).
P.S. Try doing that assign in MaxL and you'll see a very specific warning from Essbase about the above.
Edited by: CL on Dec 17, 2012 12:57 PM