In the registry, look at the ThreadingModel key for any DSO component and you’ll see DSO has to run in a single threaded apartment (STA). ASP.NET pages run free threaded by default. This forces COM to activate a DSO component on a different thread, a thread that does not have the security credentials of the client. Thus, even with impersonation you are still not able to access the OLAP server via DSO.
The solution: In the @ Page directive of your aspx file set aspcompat=”true”. The aspcompat attribute forces the page to execute on an STA thread. When the DSO component is instantiated, COM allows the method calls to happen from the same thread executing the ASPX file, the thread with the client’s security credentials.
Remember also when using the aspcompat attribute to only create COM components in the Page_Load event handler or later. The runtime does not place the request into STA mode until after the constructor has completed, and creating an STA COM component before this time will lead to additional marshalling overhead between apartments.