Microsoft® SQL Server™ OLAP Services controls access to Database and Cube objects via access control rights. These rights are enabled only if the server is installed on the Microsoft Windows NT® NTFS file system, which enforces access control lists (ACLs). Access control rights cannot be enforced on a file system such as file allocation table (FAT) that does not support ACLs.
OLAP Services provides three levels of access control: Read, Read/Write, and Admin.
Provides read-only access to the data. Supported functionality includes browsing of data and data structures (metadata). This level does not allow modifying data and processing of data. This level of access control is supported explicitly via the OLAP Manager user interface.
Provides write access to a write-enabled cube. Supported functionality includes all read access functionality and modifying data in cubes designated and enabled for write-back. This level of access control is supported explicitly via the OLAP Manager user interface.
Provides access to the OLAP Manager user interface and allows processing of data. By default, the user account used to install the server on a particular computer has Admin privileges on that computer. Upon initial installation, OLAP Services establishes a Windows NT group named OLAP Administrators and adds the logged-in user to this group. Only members of this group can start the OLAP Manager user interface and use administrative functions, including security management. You can use the Windows NT User Manager to manage this group.
Note If the service logon account specified in the Service dialog box of Windows NT is not System Account, the specified account has all three levels of access control: Read, Read/Write, and Admin.