How to make WindowsAD with logon token

sdk development
1

Hi All,
Wondering if anyone have achieved running Crystal or webi reports using WindowsAD with logon token?

We are trying to use below code and it’s failing. Although it works for Enterprise Authentication but not for SecWinAD.

Imports CrystalDecisions.Enterprise 'referencing CrystalDecisions.Enterprise.Framework.dll

Dim ceSessionMgr As New SessionMgr
Dim ceSession As EnterpriseSession
Dim ceEnterpriseService As EnterpriseService
Dim ceInfoStore As InfoStore
Dim ceReportObjects As InfoObjects

ceSession = ceSessionMgr.Logon(“”, “”, My.Settings.BOServer, “secWinAD”)
ceEnterpriseService = ceSession.GetService("", “InfoStore”)
ceInfoStore = New InfoStore(ceEnterpriseService)
strQuery = “Select * From CI_INFOOBJECTS Where SI_CUID=’” + strCUID + “’”
ceReportObjects = ceInfoStore.Query(strQuery)

If ceReportObjects.Count > 0 Then
ceReportObject = ceReportObjects.Item(1)

            ceReport = CType(ceReportObject, Report)
            Dim myReportClientDocument As ReportClientDocument
            Dim myReportAppFactory As ReportAppFactory
            Dim myObject As Object

            myObject = ceSession.GetService("", "RASReportFactory").Interface
            myReportAppFactory = CType(myObject, ReportAppFactory)
            myReportClientDocument = myReportAppFactory.OpenDocument(ceReportObject.ID, 0)

……

Errors mapped user vs not mapped, on line ‘ceSession = ceSessionMgr.Logon(“”, “”, My.Settings.BOServer, “secWinAD”)’

• The following error occurs for user ‘user1’…
“Cannot access report from Server: server:port. Please contact the Helpdesk for resolution. Error Message: “Internal error.” “

• The following error occurs for user ‘user2’…
“Cannot access report from Server: server:port. Please contact the Helpdesk for resolution. Error Message: “Logon failed. Please make sure you are a member of a valid mapped group. (FWB 00029)” “

prateekjain :australia: (BOB member since 2009-10-08)

2

I don’t see anywhere in your code where you’re actually using a logon token. If you’re trying to login in a user who is “known” because they have already logged in to your application, then you need to look at using “Trusted Authentication” where you will pass in the User ID and CMS using SessionManager.CreateTrustedPrincipal(user ID, CMS name).

In order for this to work, you have to do the following:

  1. In the CMC, go to Authentication>>Enterprise.

  2. Turn on Trusted Authentication and generate a “secret key”.

  3. Download the secret key to TrustedPrinicpal.conf and put the file in both the win32_x86 and win64_x64 folders where the SDK is installed.

NOTE: The file will have to be recreated any time someone regenerates the secret key. Also, the secret key is specific to the system where it’s generated, so you’ll need separate files to connect to Dev, Test, and Prod environments if that’s how your systems are configured.

-Dell

hilfy :us: (BOB member since 2007-04-16)