MicroStrategy ONE

About MicroStrategy User Groups

A user group (or "group" for short) is a collection of users and/or subgroups. Groups provide a convenient way to manage a large number of users.

Instead of assigning privileges, such as the ability to create reports, to hundreds of users individually, you may assign privileges to a group. Groups may also be assigned permissions to objects, such as the ability to add reports to a folder.

In addition to having privileges of their own, subgroups always inherit the privileges from their parent groups.

For a list of the privileges assigned to each group, see the List of Privileges section.

Do not modify the privileges for an out-of-the-box user group. During upgrades to newer versions of MicroStrategy, the privileges for the out-of-the-box user groups are overwritten with the default privileges. Instead, you should copy the user group you need to modify and make changes to the copied version.

The Everyone Group

All users except for guest users are automatically members of the Everyone group. The Everyone group is provided to make it easy for you to assign privileges, security role memberships, and permissions to all users.

When a project is upgraded from MicroStrategy version 7.5.x or earlier to version 9.x, the Use Developer privilege is automatically granted to the Everyone group. This ensures that all users who were able to access Developer in previous versions can continue to do so.

Authentication-Related Groups

These groups are provided to assist you in managing the different ways in which users can log into the MicroStrategy system. For details on the different authentication methods, see Identifying Users: Authentication.

  • Public/Guest: The Public group provides the capability for anonymous logins and is used to manage the access rights of guest users. If you choose to allow anonymous authentication, each guest user assumes the profile defined by the Public group. For more information about anonymous authentication and the Public/Guest group, see Implement Anonymous Authentication.
  • 3rd Party Users: Users who access MicroStrategy projects through third-party (OEM) software.
  • LDAP Users: The group into which users that are imported from an LDAP server are added.
  • LDAP Public/Guest: This group is for LDAP anonymous login. It behaves like the Public/Guest group, except that it is for LDAP anonymous login. When an LDAP anonymous user logs in, it is authorized with the privileges and access rights of LDAP Public/Guest and Public/Guest.

    For information on integrating LDAP with MicroStrategy, see Implement LDAP Authentication.

  • Warehouse Users: Users who access a project through a warehouse connection.

Groups Corresponding to Product Offerings

These groups are built-in groups that correspond to the licenses you have purchased. Using these groups gives you a convenient way to assign product-specific privileges.

  • Architect: Architects function as project designers and can create attributes, facts, hierarchies, projects, and so on.
  • Analyst: Analysts have the privileges to execute simple reports, answer prompts, drill on reports, format reports, create reports by manipulating Report Objects, create derived metrics, modify view filter, pivot reports, create page by, and sort using advanced options.
  • Developer: Developers can design new reports from scratch, and create report components such as consolidations, custom groups, data marts, documents, drill maps, filters, metrics, prompts, and templates.
  • Web Reporter: Web Reporters can view scheduled reports and interactively slice and dice them. They can also use the printing, exporting, and e-mail subscription features.
  • Web Analyst: Web Analysts can create new reports with basic report functionality, and use ad hoc analysis from Intelligent Cubes with interactive, slice and dice OLAP.
  • Web Professional: Web Professional users have the maximum access to MicroStrategy Web functionality. They can create Intelligent Cubes and reports for users, with full reporting, ad hoc, and OLAP capabilities with seamless ROLAP analysis.

Administrator Groups

  • System Monitors: The System Monitors groups provide an easy way to give users basic administrative privileges for all projects in the system. Users in the System Monitors groups have access to the various monitoring and administrative monitoring tools
  • System Administrators: The System Administrators group is a group within the System Monitors group. It provides all the capabilities of the System Monitors group plus the ability to modify configuration objects such as database instances, and so on.