Using NT Authentication Drivers:

We are thinking about changing to NT authentication, but have some questions
before “taking the plunge” and were hoping that others may have experience
in the following areas:

  • What happens with “special” user id’s that are not part of the NT domain.
    We have some that we use for getting at historical data. Can they be
    accessed through the Tools/Login As … menu options?

  • Many of our users rely on a master/shared set up to access BO. The
    authentication drivers reside on the shared server. Some of the clients
    will be Win 95, so they will not be able to benefit from NT authentication.
    Do these clients have to use the default driver (kgluidrv.dll), or will BO
    look for them in the repository?

  • All of our user ids have passwords associated with them. Most of the
    passwords do not match the user’s NT password. If we change to the NT
    drivers, do we have to “blank out” the passwords, or can they be left “as
    is”.

  • Does anyone have any experience with Webi and NT authentication? We are
    testing Webi and have followed the recommended set up (which includes NT
    challenge/Response). Is it safe to assume that all we would need to do is
    change out the driver?

Thanks in advance.

Jay Clise
Sandia National Labs
Albuquerque, New Mexico


Listserv Archives (BOB member since 2002-06-25)

  • What happens with “special” user id’s that are not part of the NT
    domain.
    We have some that we use for getting at historical data. Can they be
    accessed through the Tools/Login As … menu options?
    You need to change back and forth the Kgluidrv.dll file so that
    Business Objects can prompt you for a Login and Password.
  • Many of our users rely on a master/shared set up to access BO. The
    authentication drivers reside on the shared server. Some of the
    clients
    will be Win 95, so they will not be able to benefit from NT
    authentication.
    Do these clients have to use the default driver (kgluidrv.dll), or
    will BO
    look for them in the repository?
    Business Objects also has authentication drivers for Win95/98.
    That will resolve the issue.
  • All of our user ids have passwords associated with them. Most of the
    passwords do not match the user’s NT password. If we change to the NT
    drivers, do we have to “blank out” the passwords, or can they be left
    “as
    is”.
    When you log in using the NT authentication, Business Objects
    does not checks for the password. You can just leave the passwords in
    Business Objectsthe way they are.
  • Does anyone have any experience with Webi and NT authentication? We
    are
    testing Webi and have followed the recommended set up (which includes
    NT
    challenge/Response). Is it safe to assume that all we would need to
    do is
    change out the driver?
    Good Luck
    Dilip

Listserv Archives (BOB member since 2002-06-25)

“Clise, Jay” ljclise@SANDIA.GOV on 07/01/99 01:07:30

Please respond to Business Objects Query Tool BUSOB-L@LISTSERV.AOL.COM

cc:

  • What happens with “special” user id’s that are not part of the NT domain.
    We have some that we use for getting at historical data. Can they be
    accessed through the Tools/Login As … menu options?

A : NO - The login/as option automatically logs you on as the same NT-user.
We solve this by providing stand-alone installations for users who use
these features. We don’t rename the local dll => client can use login/as
Note that this problem also goes for the DAS - You will need a dedicated
DAS-NT logon if you only use NT-auth.

  • Many of our users rely on a master/shared set up to access BO. The
    authentication drivers reside on the shared server. Some of the clients
    will be Win 95, so they will not be able to benefit from NT authentication.
    Do these clients have to use the default driver (kgluidrv.dll), or will BO
    look for them in the repository?

A : We had the same problem (were it with win311) Win311 users were unable
to use the nt-driver and could not log on. The solution was to provide a
stand-alone installation for one of the two groups of users. An alternative
solution is to have two master installations pointing to the same
bomain.key: 1 with NTdll the other 1 without it and do different client
installations depending on the client config.

  • All of our user ids have passwords associated with them. Most of the
    passwords do not match the user’s NT password. If we change to the NT
    drivers, do we have to “blank out” the passwords, or can they be left “as
    is”.
    A: AFAIK the passwords are not taken into account.
  • Does anyone have any experience with Webi and NT authentication? We are
    testing Webi and have followed the recommended set up (which includes NT
    challenge/Response). Is it safe to assume that all we would need to do is
    change out the driver?
    A: Same questions here
    Thanks in advance.
    Welcome

Diederik Dellaert
PricewaterhouseCoopers
Belgium


Listserv Archives (BOB member since 2002-06-25)