BusinessObjects Board

BOXI4 - Crystal Report Server 2011 authentification Active Directory

general discussion
#1

Hi,

I have BOXI4 - Crystal Server 2011.

Is there a solution to use active directory authentification in BI launch pad http://localhost:8080/BOE/BI :

  • without kerberos ?

  • withour SSO ?

I want to simply use NTLM authentication.

Thanks

#2

I don’t know exactly how it may work in Crystal Reports Server, but in the full BOE installation, this is possible. You configure it in the Authentication area for Windows AD. There is information on this in the Administrator’s Guide.

#3

Thanks JohnBClark,
I already enable Windows Active Directory (AD) in CMC.

But in “BI launch pad” there is no authentification option like Windows AD, Enterprise or LDAP.

2022-06-03 16_38_49-Document1 - Word
2022-06-03 16_38_49-Document1 - Word1064Ă—1591 148 KB

Thanks

#4

There are configurations that must be done on the web server to make it show the authentication drop down box for BiLaunchPad.

#5

The visibility of the Authentication Type option is set in a BILaunchpad.properties for BI Launchpad and CMCApp.properties for the CMC. Here’s how you make the change (assuming default install location on the C: drive and that you haven’t made any properties changes):

  1. Go to C:\Program Files (x86)\SAP BusinessObjects\tomcat\webapps\BOE\WEB-INF\config\default. Find both of the files mentioned above and copy them.

  2. Go to C:\Program Files (x86)\SAP BusinessObjects\tomcat\webapps\BOE\WEB-INF\config\custom and paste the files. If the files already exist, edit what’s there.

  3. Edit BILaunchpad.properties in a text editor. You can delete everything you’re not changing as all of those properties will come from the default version of the file. For non-SSO Active Directory, I usually set the file to something like this for my clients (including the comments from the default version of the file):

# You can specify the default Authentication types here.  secEnterprise, secLDAP, secWinAD, secSAPR3
authentication.default=secWinAD

# Choose whether to let the user change the authentication type.  If it isn't shown the default authentication type from above will be used
authentication.visible=true

# You can specify the authentications that are supported in this field. 
# By default all the authentications listed below will appear. You can add or remove values from the field, based on the authentications which are supported.
# Authentications List --- secEnterprise,secLDAP,secWinAD,secSAPR3,secOraApps,secPSE1,secpsenterprise,secSiebel7
logon.authentication.visibleList=secEnterprise,secWinAD

# Choose whether to let the user change the CMS name
cms.visible=false

# Set sso.types.and.order to define a comma delimited list of SSO types to be enabled and the ordering
# An empty list indicates that the legacy ordering is to be used
# If the list is specified, the legacy options will be ignored
# Valid options: vintela, trustedIIS, trustedHeader, trustedParameter, trustedCookie, trustedSession, trustedUserPrincipal, trustedVintela, trustedX509, sapSSO, siteminder
# If none are desired specify: none
sso.types.and.order=vintela

  1. Do something similar with the CMCApp.properties file.

  2. Restart Tomcat.

  3. If everything looks like it’s working, copy the custom files to C:\Program Files (x86)\SAP BusinessObjects\SAP BusinessObjects Enterprise XI 4.0\warfiles\webapps\BOE\WEB-INF\config\custom to ensure that the files don’t get overwritten when you upgrade your software.

I like to include the changes to logon.authentication.visibleList so that only the options that are configured in your system are available.

-Dell

1 Like