Skip to Content
0

Crystal send empty pwd of stored odbc connections

Jul 12, 2017 at 02:02 PM

47

avatar image

Hi there,

if I connect in Crystal Reports (version 2013, 14.1.1.1036) to my SQL server instance (version 12.0.4232) via odbc connection ...

... this connection is then saved under "my connection". Now if you disconnect the server or close Crystal Report and try to reconnect this saved connection ...

again the dialog for asking the pwd is opening.

At this point Crystal Report has already produced a login error 18456 on sql server.

This is very problematic if the Domain Security Policy allows you only few login attempts, because the hole sql instance is locked then for e.g. 30min!

I suppose, that Crystal Reports cannot save the pwd information 'cause of a security issue and send just a empty string as pwd. This behaviour is very very bad and can block important databases for a long time, if one user is working unproperly with Crystal Reports.

I now there is a workaround with windows authentification or udl. Nevertheless I want to know, if it is possible to save a odbc connection with sql server authentification without generating a login error. Is there any way to define such a connection manually in Crystal Reports?

Best regards, Primus

10 |10000 characters needed characters left characters exceeded
* Please Login or Register to Answer, Follow or Comment.

3 Answers

Best Answer
Vitaly Izmaylov
Jul 12, 2017 at 02:21 PM
1

2178997 - Crystal Reports attempts to login with no password

Symptom

  • Crystal Reports attempts to login with empty password
  • Error "Login failed for user '*****'. Reason: Password did not match that for the login provided."

Environment

  • Crystal Reports 2008
  • SAP Crystal Reports 2011
  • SAP Crystal Reports 2013
  • SAP Crystal Reports 2016

Reproducing the Issue

  1. Activate CRLogger following SAP KBA 1603398
  2. Open any report connected to any relational database like Oracle, MS SQL Server, Sybase, etc.
  3. Refresh the report in CR Designer
  4. Review the log file and notice a logon error for attempt to login with an empty password

Cause

This behavior is By Design and stays the same from legacy versions of Crystal Reports. The application makes attempt to initialize some logon properties.

The only exception is Universe connectivity.

Resolution

WARNING:

Using the Registry Editor can cause serious problems that may require reinstalling the operating system. SAP is not responsible for any problems resulting from using the Windows Registry Editor; use it at your own risk. SAP recommends that you back up the registry before you edit it.

To disable the attempt add the following registry key:

"AvoidEmptyPasswordLogon"

Type: STRING

Recognized Values: Yes; No

Default Value: Yes

at the following locations:

For Crystal Reports 2008:

  • HKEY_LOCAL_MACHINE\Software\Wow6432Node\Business Objects\Suite 12.0\Crystal Reports\Database\ (on 64 bit OS)
  • HKEY_LOCAL_MACHINE\Software\ Business Objects\Suite 12.0\Crystal Reports\Database\ (on 32 bit OS)
  • HKEY_CURRENT_USER\ Software\ Business Objects\Suite 12.0\Crystal Reports\Database\

For Crystal Reports 2011:

  • HKEY_LOCAL_MACHINE\ Software \Wow6432Node\SAP BusinessObjects\Suite XI 4.0\Crystal Reports\Database\ (on 64 bit OS)
  • HKEY_LOCAL_MACHINE\ Software \ SAP BusinessObjects\Suite XI 4.0\Crystal Reports\Database\ (on 32 bit OS)
  • HKEY_CURRENT_USER\ Software\ SAP BusinessObjects\Suite XI 4.0\Crystal Reports\Database\

Note: Registry settings in HKEY_LOCAL_MACHINE applies to all Users on the machine, but the HKEY_CURRENT_USER applies only to the User currently logged in to the machine. If both keys set, Crystal Reports will take the value from HKEY_CURRENT_USER.

For the registry key to take effect the application (CR Designer or BI Server) needs to be restarted

Share
10 |10000 characters needed characters left characters exceeded
Marcel Thalmann Jul 13, 2017 at 08:06 AM
0

Thank you for your response.

Is it also possible to avoid this login attempt by a registry entry for Crystal Reports 2013? The entry "AvoidEmptyPasswordLogon" does not have an effect in HKEY_CURRENT_USER\ Software\ SAP BusinessObjects\Suite XI 4.0\Crystal Reports\DatabaseOptions\ neither in HKEY_CURRENT_USER\ Software\ SAP BusinessObjects\Suite XI 4.0\Crystal Reports\DatabaseServer\

sincerely

Share
10 |10000 characters needed characters left characters exceeded
Don Williams
Jul 12, 2017 at 02:06 PM
0

Check on Use Trusted Authentication then it uses the Domains User Name and PW credentials to log on, needs to be configured in MS SQL Server as well.

Also, in Report Settings uncheck all Verify options then it will not try to pass a blank password.

Don

Share
10 |10000 characters needed characters left characters exceeded