Database Warehouse Authentication Information Flow

The following scenario presents an overview of the general flow of information between Intelligence Server and a database server when a database user logs into Developer or MicroStrategy Web.

The user anonymously logs in to a project source.
This is done anonymously because the user has not yet logged in to a specific project. Because a warehouse database is not associated with the project source itself, users are not authenticated until they select a project to use. For more information about anonymous authentication, including instructions on enabling it for a project source, see Implement Anonymous Authentication.
- By default, the Public/Guest group is denied access to all projects. A security role with View access to the projects must be explicitly assigned to the Public/Guest group, so that these users can see and log in to the available projects.
- All users logging in to a database warehouse authentication project source can see all projects visible to the Guest user. Project access is then granted or denied for each individual user when the user attempts to log into the project.
The user selects a project, and then logs in to that project using their data warehouse login ID and password. They are authenticated against the data warehouse database associated with that project.
To enable database authentication, you must link the users in the MicroStrategy metadata to RDBMS users. Linking causes Intelligence Server to map a warehouse database user to a MicroStrategy user. If a user attempts to log in to a project without having been linked to a MicroStrategy user, a "User not found" error message is returned.