Skip to Content

Crystal send empty pwd of stored odbc connections

Hi there,

if I connect in Crystal Reports (version 2013, 14.1.1.1036) to my SQL server instance (version 12.0.4232) via odbc connection ...

... this connection is then saved under "my connection". Now if you disconnect the server or close Crystal Report and try to reconnect this saved connection ...

again the dialog for asking the pwd is opening.

At this point Crystal Report has already produced a login error 18456 on sql server.

This is very problematic if the Domain Security Policy allows you only few login attempts, because the hole sql instance is locked then for e.g. 30min!

I suppose, that Crystal Reports cannot save the pwd information 'cause of a security issue and send just a empty string as pwd. This behaviour is very very bad and can block important databases for a long time, if one user is working unproperly with Crystal Reports.

I now there is a workaround with windows authentification or udl. Nevertheless I want to know, if it is possible to save a odbc connection with sql server authentification without generating a login error. Is there any way to define such a connection manually in Crystal Reports?

Best regards, Primus

Add comment
10|10000 characters needed characters exceeded

  • Get RSS Feed

3 Answers

  • Best Answer
    Jul 12, 2017 at 02:21 PM

    2178997 - Crystal Reports attempts to login with no password

    Symptom

    • Crystal Reports attempts to login with empty password
    • Error "Login failed for user '*****'. Reason: Password did not match that for the login provided."

    Environment

    • Crystal Reports 2008
    • SAP Crystal Reports 2011
    • SAP Crystal Reports 2013
    • SAP Crystal Reports 2016

    Reproducing the Issue

    1. Activate CRLogger following SAP KBA 1603398
    2. Open any report connected to any relational database like Oracle, MS SQL Server, Sybase, etc.
    3. Refresh the report in CR Designer
    4. Review the log file and notice a logon error for attempt to login with an empty password

    Cause

    This behavior is By Design and stays the same from legacy versions of Crystal Reports. The application makes attempt to initialize some logon properties.

    The only exception is Universe connectivity.

    Resolution

    WARNING:

    Using the Registry Editor can cause serious problems that may require reinstalling the operating system. SAP is not responsible for any problems resulting from using the Windows Registry Editor; use it at your own risk. SAP recommends that you back up the registry before you edit it.

    To disable the attempt add the following registry key:

    "AvoidEmptyPasswordLogon"

    Type: STRING

    Recognized Values: Yes; No

    Default Value: Yes

    at the following locations:

    For Crystal Reports 2008:

    • HKEY_LOCAL_MACHINE\Software\Wow6432Node\Business Objects\Suite 12.0\Crystal Reports\Database\ (on 64 bit OS)
    • HKEY_LOCAL_MACHINE\Software\ Business Objects\Suite 12.0\Crystal Reports\Database\ (on 32 bit OS)
    • HKEY_CURRENT_USER\ Software\ Business Objects\Suite 12.0\Crystal Reports\Database\

    For Crystal Reports 2011:

    • HKEY_LOCAL_MACHINE\ Software \Wow6432Node\SAP BusinessObjects\Suite XI 4.0\Crystal Reports\Database\ (on 64 bit OS)
    • HKEY_LOCAL_MACHINE\ Software \ SAP BusinessObjects\Suite XI 4.0\Crystal Reports\Database\ (on 32 bit OS)
    • HKEY_CURRENT_USER\ Software\ SAP BusinessObjects\Suite XI 4.0\Crystal Reports\Database\

    Note: Registry settings in HKEY_LOCAL_MACHINE applies to all Users on the machine, but the HKEY_CURRENT_USER applies only to the User currently logged in to the machine. If both keys set, Crystal Reports will take the value from HKEY_CURRENT_USER.

    For the registry key to take effect the application (CR Designer or BI Server) needs to be restarted

    Add comment
    10|10000 characters needed characters exceeded

  • Jul 13, 2017 at 08:06 AM

    Thank you for your response.

    Is it also possible to avoid this login attempt by a registry entry for Crystal Reports 2013? The entry "AvoidEmptyPasswordLogon" does not have an effect in HKEY_CURRENT_USER\ Software\ SAP BusinessObjects\Suite XI 4.0\Crystal Reports\DatabaseOptions\ neither in HKEY_CURRENT_USER\ Software\ SAP BusinessObjects\Suite XI 4.0\Crystal Reports\DatabaseServer\

    sincerely

    Add comment
    10|10000 characters needed characters exceeded

  • Jul 12, 2017 at 02:06 PM

    Check on Use Trusted Authentication then it uses the Domains User Name and PW credentials to log on, needs to be configured in MS SQL Server as well.

    Also, in Report Settings uncheck all Verify options then it will not try to pass a blank password.

    Don

    Add comment
    10|10000 characters needed characters exceeded