The directions in this topic apply to administrators who wish to enable Analytic Services to use external authentication of users in a Windows NT LAN Manager (NTLM) domain. This topic contains the following sections:
To enable use of the NT LAN Manager provider, certain access rights are required of the Windows NT user account on which the Analytic Server or client runs.
Note: Make sure you set up these rights on the machine on which Analytic Services runs, rather than on the NT domain machine.
Additionally, certain access rights are required for end users. The following access rights are required for external authentication to work with an NT LAN Manager provider:
Setting Up User Rights on Windows NT
Setting Up User Rights on Windows 2000
The users or groups who have the selected policy setting are shown in the Grant To list box. If the appropriate user is shown in this list box, click Cancel and skip to step 6.
The users or groups who have the selected policy setting are shown in the Grant To list box. If the appropriate user is shown in the Grant To list box, click Cancel and skip the rest of this procedure.
The Local Security Settings dialog box is displayed.
The Local Security Policy Setting dialog box for the Access this computer from the network policy is displayed.
The Local Security Policy Setting dialog box for the Act as part of the operating system policy is displayed.
If you are implementing external authentication with an NT LAN Manager provider and wish to support the use of a UNIX machine for the client application, you must also ensure that the Hyperion Remote Authentication Module is installed on a Windows NT/2000 server. The installation program is available on the Hyperion Download Center. Download and read the installation and setup instructions provided with the Hyperion Remote Authentication Module on the Hyperion Download Center.
In addition to UNIX application support, the Hyperion Remote Authentication Module also enables a Hyperion application to authenticate users belonging to other domains that are not trusted by the domain on which the Hyperion application is installed. This removes the necessity to establish trust relationships between the domains.
Therefore, installing the Hyperion Remote Authentication Module can be useful to both of the following groups:
To provide support for NTLM authentication using multiple Windows domains, install the Hyperion Remote Authentication Module. The installation program is available on the Hyperion Download Center. Download and read the installation and setup instructions provided on the Hyperion Download Center.
©2004 Hyperion Solutions Corporation. All Rights Reserved. http://www.hyperion.com |