Crystal Enterprise 9 with unmanaged reports

[Luvsql]

Currently, I have a website that lists reports. When a user accesses this site, then opens a report, if I wanted to now use NT Authentication, would the ODBC connection use the account that is setup to run the IIS service or would it want to use the account of the user running the report?

Take for an example, having a mixed authenticated network where we have users authenticating onto a novel server, they open the website (our IIS server resides on our Win 2k domain and the IIS service is setup to run using a domain account), would it be able to authenticate assuming that IIS account has rights within sql server, or would it try and use the local account of that user?

 

[JGALEY]

I have had better luck doing the following when it comes to IIS and SQL Server access:

Use a SQL Server login from your report to SQL Server via ODBC, OLE DB, etc.

Use ACL's in Win2k to control access to the reports and limit who can access which.

The reason for this is that there is a problem in IIS/SQL Server where IIS is unable to pass the user's credentials to SQL Server. Instead, it passes the credentials of the user under which IIS is running, which does not usually work for you.

I could be wrong, but that has been my experience, and the solution I listed above has always worked. Just make sure your SQL logins have strong passwords for security. You can still use the Win2k authentication - if your Novell setup is not synched with Win2k somehow, it should just prompt them for a logon and password when they attempt to access the site, since you will have turned on authentication in IIS.

HTH, and if someone else has a better idea, feel free to chime in.


Jason

http://www.catotek.com