Restricting Network Access

Users and administrators must be authenticated by the Microsoft Windows operating system in order to access Microsoft SQL Server Analysis Services data or administer an instance of Analysis Services. The Windows operating system lets all authenticated users access a member server from the network. However, by default, members of the Everyone group are also permitted to access member servers. The Everyone group includes anonymous users.

To increase the security of the operating system and Analysis Services data, restrict the network access rights of anonymous users by doing the following:

• Use the Local Security Policy tool to remove the right of the Everyone group to access the computer from the network. This tool is located in the Administrative Tools group on the computer.

• Disable null sessions to prevent anonymous, or unauthenticated, sessions. To accomplish this, set the RestrictAnonymous key to 1. This key is in the Windows registry located at HKEY_LOCAL_MACHINE\System\CurrentControlSet\Control\LSA.