Re: Connecting to AS 2005 using a specified user

Hi Akshai,

Your point 1: specifying MSOLAP.2 in the connection string has no effect
when connecting from Excel. You need to change the HKCR\MSOLAP keys in the
registry.
Please refer to Dave Wickert, I emailed him the test scenario. This is not
workable in a production environment.

Your point 2: Having to re-submit the credentials means that you've
submitted the credentials to IIS ( = basic auth), and then you need to submit
them again, as if you hadn't authentified. The point of authentifying is to
give you access to the application, having to authentify several times during
a session is not acceptable.

Have you been able to authentify to an AS2005 server through HTTP from
Excel? Please make sure you're not in the same domain as the server (Internet
scenario for instance), and verify that the userID making the connection to
AS2005 is the same userID specified in the HTTP connection string, and not
the windows user logged in at the client. (You need to use the profiler on
AS2005 to check who connected)
If you're able to achieve this from Excel, please post the method you used.
Several MS PSS engineers have tried it before without success.

>Other than these two issues, is there something else that is blocking you?

To sum it up, users need to enter their credentials several times every time
they open an Excel ***, and they lose access to their existing AS2000
applications, since modifying the registry on demand is not an option.



"Akshai Mirchandani [MS]" wrote:

> Just to clarify -- as far as I know there are currently only two issues
> related to Basic authentication and HTTP on AS 2005:
>
> 1. If you use MSOLAP.3 to connect to an AS 2000 server over HTTP, it will
> not pass the userid/password correctly. This can be easily worked around by
> specifying Provider=MSOLAP.2 on the connection string of your application.
>
> 2. If you are inside Internet Explorer and browse to a web page and specify
> Basic authentication credentials. Then the web page inside IE tries to
> connect to an AS server over HTTP in the same "realm" -- for AS 2000, this
> would work without demanding the basic authentication credentials again. But
> in AS 2005, you are required to re-submit the credentials a second time.
> There is a good technical explanation for this which I won't go into, but
> the AS 2000 way was a little unsafe and it's probably a good thing that this
> doesn't work today...
>
> Other than these two issues, is there something else that is blocking you?
> Because in general Basic authentication over HTTP should work against AS
> 2005 and I'm not aware of any further issues there...
>
> I'm also missing some context in the statement below -- could you please
> expand on it?
>
> > The problem is that the new OLEDB 9 driver prevents the authentication
> > information to be passed from IIS to AS2005, so you have no way to
> > authenticate to AS2005, unless you connect directly to it the way I
> > indicated.
>
> Thanks,
> Akshai
> --
> This posting is provided "AS IS" with no warranties, and confers no rights
> Please do not send email directly to this alias. This alias is for newsgroup
> purposes only.
>
> "John Lee" <John Lee@xxxxxxxxxxxxxxxxxxxxxxxxx> wrote in message
> news:41F30399-D2CC-4B8A-BDF9-DC4587AE67A8@xxxxxxxxxxxxxxxx
> > I'd like to know which one among Pat's two problems is a bug. Basic auth
> > issue or OLE 9 driver issue?
> >
> > Regards,
> > From John Lee
> >
> > "Dave Wickert [MSFT]" wrote:
> >
> >> Do you have a case# for this incident? I'd like to look it up.
> >> This is certainly is not our intention for this feature.
> >> It is a bug and I want to make sure it is being treated as such
> >> internally.
> >> You can just email it to me directly.
> >> --
> >> Dave Wickert [MSFT]
> >> dwickert@xxxxxxxxxxxxxxxxxxxx
> >> Program Manager
> >> BI Systems Team
> >> SQL BI Product Unit (Analysis Services)
> >> --
> >> This posting is provided "AS IS" with no warranties, and confers no
> >> rights.
> >>
> >>
> >> "Pat" <pat@xxxxxxxxxxxxx> wrote in message
> >> news:A5950AD0-DE8B-4EC6-8113-E0AE8567A608@xxxxxxxxxxxxxxxx
> >> >I have opened a support call with PSS and after 2 weeks of hard work,
> >> >the
> >> > conclusion of the escalation engineer is that you cannot use http and
> >> > basic
> >> > authentication on AS2005, which worked on AS2000.
> >> > People on this newsgroup tend to be connected to the server through a
> >> > Windows network and use windows authentication (or have the same user
> >> > on
> >> > the
> >> > client and the server, which is not workable in a production
> >> > environment).
> >> >
> >> > The problem is that the new OLEDB 9 driver prevents the authentication
> >> > information to be passed from IIS to AS2005, so you have no way to
> >> > authenticate to AS2005, unless you connect directly to it the way I
> >> > indicated.
> >> >
> >> > The next problem is that once you have installed OLEDB 9 on your
> >> > clients
> >> > machines, they cannot access AS2000 through http any more in the
> >> > following
> >> > scenario: connect to an AS2000 cube with OWC, click "Export to Excel",
> >> > then
> >> > try to refresh in Excel. This fails with OLEDB 9, works with OLEDB 8.
> >> > So
> >> > their existing application is broken.
> >> >
> >> > Basically, you don't want to go for AS2005 if you don't have all of
> >> > your
> >> > users and the server in one single Windows domain, or in trusted
> >> > domains.
> >> >
> >>
> >>
> >>
>
>
>
.