cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 

SAP Crystal Server 2013 - Enabling Windows AD Authentication

Go to solution
Former Member

on ‎06-23-2015 7:29 PM

0 Kudos

Hi All,

We recently installed SAP Crystal Server 2013 and now we would like to enable Windows AD authentication with kerberos.

Could someone, please detail me the exact steps involved in setting this up. I'm not a Windows/BO administrator but a developer and is tasked with this work. So, would appreciate if steps are given in detail, so I can successfully set this up.

Our installation is SAP Crystal Server 2013 and the details of the version are SAP BusinessObjects BI Platform 4.1 Support Pack 1 Version: 14.1.1.1036;


Appreciate your help.


Thanks very much!

Show replies
Show replies
Answer

Accepted Solutions (1)

Accepted Solutions (1)

DellSC
Active Contributor
‎06-23-2015 7:44 PM
0 Kudos

Because you have Crystal Server, you should have a maintenance contract.   This means that you should be able to get an "S"-id from SAP to access the support site.  From there you can search for note 1631734, which is the latest step-by-step instructions for doing this configuration.

For further assistance configuring Crystal Server, please ask your questions here:    Crystal Server is just a limited set of the code from the BI Platform, so it works and is configured the same way.

-Dell

Show replies
Show replies
Former Member
‎06-23-2015 7:47 PM
0 Kudos

Hi Dell,

Thanks for your prompt response. Yes, we have recently purchased this software and I will check that document which you have mentioned.

If I find any issues in that then I will post in BI Platform community.

Thanks again.

Former Member
‎06-23-2015 8:12 PM
0 Kudos

Hi Dell,

One more question, is there any difference in creating users via Enterprise authentication and granting them the requested privileges to reports and folders and creating users via Windows AD authentication.

Basically, we have some users who would like to run Crystal reports on-demand on this platform.

It looks to me creating users via Enterprise looks simpler than via Windows AD.

Thanks.

DellSC
Active Contributor
‎06-23-2015 8:27 PM
0 Kudos

It depends on how far you want to go with it.  I have clients who manage ALL of their access through AD - so they have multiple AD groups, one for each type of access, and users can be assigned to more than one.  In this way, their service desk or AD admins don't have to know anything about BusinessObjects (BO) or Crystal Reports Server (CRS) in order to give users access to the system.  If you handle it this way, you need to be sure to map each of your AD groups to a corresponding Enterprise group within CRS and then use the Enterprise group for setting up security.  This way you won't lose your security if your system ever loses contact with the domain server.

I have other clients who use AD just to determine who has access to log in to the system and then they assign the AD users to enterprise groups to give them access to objects in the system.

Or you could do it all through Enterprise users and groups.  There's not any difference in how they work with authentication and authorization in the system.

-Dell

Former Member
‎06-23-2015 8:32 PM
0 Kudos

Thanks Dell for the details.

Appreciate your help. I observed you and Abhilash are some of the most helpful contributors on this site; Thanks again for sharing your knowledge and pitching in for the help.

I will verify the two options and will decide, but looks like Enterprise users set up is a way for me, just for my ease.

Answers (0)

Ask a Question