Data Warehouse Components Requiring Security

Article
11/12/2009

This section discusses the Data Warehouse objects that should be secured: databases, connection strings, and reports. This section provides detailed reference information about each Data Warehouse component, and the permissions required to access it.

To secure these components, you do the following:

Databases. Always secure the Data Warehouse databases behind a firewall. For instructions, see Deploying a Secure Site. In addition, do the following:
- For the SQL Server database, run the ReportViewer.sql, ReportAdvanced.sql, and SegmentViewer security scripts to create the required roles on the Data Warehouse database for Business Desk users who run reports and work with the Segment Viewer module, and then assign the Business Desk users to the appropriate roles.
- For the OLAP database, the account that you define for the Analysis Server must have Select access to all Commerce Server views.
- To run the Data Warehouse Import Wizard and save a package, your account must have Select, Insert, and Update permissions on the msdb database of the SQL Server on which you are running the DTS tasks. The msdb database is used by SQL Server Agent for scheduling alerts and jobs, and it is accessed to save the DTS package. In addition, assign the same permissions on the sysDTSPackage object, which allows users to save a DTS package.
Connection strings. Configure the connection strings to use Windows Authentication.
Reports. Use the Business Desk Permissions module to grant Business Desk users access to the user interface features for running, creating, and modifying reports.
Segment Viewer module. Use the Business Desk Permissions module to grant Business Desk users access to the user interface features for working with the Segment Viewer module.

This section contains:

Data Warehouse Components Requiring Security

Additional resources