UCF STIG Viewer Logo
Changes are coming to https://stigviewer.com. Take our survey to help us understand your usage and how we can better serve you in the future.
Take Survey

The Analysis Services server role should be restricted to authorized users.


Overview

Finding ID Version Rule ID IA Controls Severity
V-15193 DM6108-SQLServer9 SV-25476r1_rule ECLP-1 Medium
Description
The Analysis Services server role grants server-wide security privileges to the assigned user. An unauthorized user could compromise database and analysis server data and operational integrity or availability.
STIG Date
Microsoft SQL Server 2005 Instance Security Technical Implementation Guide 2015-06-16

Details

Check Text ( C-13803r1_chk )
If Analysis Services is not deployed on the local host, this check is Not a Finding.

Note: To detect deployment, view Windows Services. If SQL Server Analysis Services ([instance name]) is not listed, then Analysis Services is not installed on this host.

From the SQL Server Management Studio GUI:

1. Connect to the Analysis Services instance
2. Right click on the Analysis Services instance
3. Select Properties
4. Select the Security page
5. View member names assigned to the server role

If any assigned members are not included as authorized in the System Security Plan, this is a Finding.
Fix Text (F-14823r1_fix)
Remove unauthorized members from the Analysis Service instance.

From the SQL Server Management Studio GUI:

1. Connect to the Analysis Services instance
2. Right click on the Analysis Services instance
3. Select Properties
4. Select the Security page
5. Select any unauthorized user to remove
6. Click the Remove button
7. Click OK