We use the Analysis Services Deployment Wizard when moving our cubes from Dev to QA and then QA to Prod. Up until this point, we have been in "Beta" meaning that we have a few developers that have access plus a few SME's (Subject Matter Experts). So every once in a while we would get a call from one of the SME's saying that they no longer have access. We would look at the Analysis Services Role in which we are granting them access via and all permissions would be cleared and set back to none.
This issue we would only see once every other month and was tough troubleshooting since we didn't have that many SME's hitting the system on a frequent basis and all of the developers had admin access by default. As we got closer to "Go Live" we were making much more frequent promotions and the SME access was much more frequent. This allowed us to better troubleshoot the access permissions and we ended up finding that one of the options on the Deployment Wizard doesn't really do what we thought it should do.
The deployment option we would use every once in a while (again leading to tougher troubleshooting) was the "Retain roles and members". Per my understanding, this option should not deploy nor affect the current databases roles or membership. However, this apparently is not the case as per this support article: http://support.microsoft.com/default.aspx/kb/933836.
Marc Beacom ...