This article was previously published under Q241088
This article has been archived. It is offered "as is" and will no longer be updated.
When you install OLAP Services version 7.0 on a Windows 2000 computer, all of the local computer users receive administrators rights to administer OLAP Services. This occurs because of behavior changes in the defaults of the registry system of Windows 2000. Windows 2000 now inherits the security permission of the parent node in the registry tree, which causes all of the local computer users to have administrators rights.
This means that the server installs and works well on Windows 2000 out of the box. However, now too many people now have too many rights.
The Win32 function SetNamedSecurityInfo works differently in Windows 2000 than in previous versions of Windows NT. A new flag PROTECTED_DACL_SECURITY_INFORMATION has been introduced in Windows 2000 that you need to use in order to prevent registry keys from inheriting a parent key security setting.
To work around this behavior, download the following file and run it on your Windows 2000 server:
- restricts it for Full Control to OLAP Administrators.
Microsoft has confirmed this to be a problem in SQL Server 7.0. This problem has been corrected in U.S. Service Pack 2 for Microsoft SQL Server 7.0. For more information, click the following article number to view the article in the Microsoft Knowledge Base:
254561 INF: How to Obtain Service Pack 2 for Microsoft SQL Server 7.0 and Microsoft Data Engine (MSDE) 1.0
For more information, contact your primary support provider.