cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 

Best Practices for Creating OLAP Connection (BICS) in IDT

Go to solution
Former Member

on ‎08-31-2012 3:39 PM

0 Kudos

I have created several OLAP Connections (via BICS) for a Crystal Report I am building.  I don't have any issues creating the connection, rather a question regarding best practices when creating the connection, specifically the supplied userID and password.  We are using SAP authentication and do not have SSO configured.  When I first started creating my connections, I was supplying my own BW userID password and everything was fine.  My concern is that if my ID becomes locked, or my password must be changed, there will be issues (most likely errors) due to the fact that my own BW credentials have been supplied in the connection information.  I would have to go into each connection and change the credentials to the new PW.  To get around this issue we created a system user ID in BW (system ID's pw's don't expire) and then I changed my connections to use this ID instead of mine.  The issue here is I can't connect to the BW data with this user ID.

Has anyone run into this issue, and if so any ideas on how to remedy?

Thank you.


Josh Dunlap

Show replies
Show replies
Answer

Accepted Solutions (1)

Accepted Solutions (1)

Henry_Banks
Product and Topic Expert
Product and Topic Expert
‎09-14-2012 11:11 AM
0 Kudos

Hi,

I believe it has to be a BW dialogue user.

The BI4 Administrators guide will also outline the roles required.

by the way, this can't be considered a best-practice, because data will be secured according to the credentials of this hardcoded login. it's OK for development, but wouldn't be adequate for Production data security.

Regards,

H

Show replies
Show replies
Former Member
‎09-17-2012 3:34 PM
0 Kudos

Hi Henry,

Thanks for the info.  What is SAP's recommendation for securing these connections (and the underlying data) in a production environment?  If we must supply a userID and password for each connection, what other options do we have besides what we are doing right now (creating a separate userID and password strictly for connection creation purposes)?

Thanks,

Josh

MariannevL
Advisor
Advisor
‎09-21-2012 9:03 AM
0 Kudos

Hi Josh,

The best practise for when you are using BI40 on top of BW is to use SSO to BW (not SSO to BI40, that is not needed).

You use SAP BW as entitlement system (SAP authentication) and connect the other security with the BW roles. So all authorization is handled from within BW.

Then you set up the connections to use sso and log into BI40 with SAP authentication.

It will then be able log on to BW without further checks, using the BI40 userid, because the authentication was already done during the login to BI40.

Hope this helps,

Marianne

Note that the BW users have to have the rights to run the bex queries through the web to able to use the corresponding connection.

It would be nice if your security model made sure they only 'see' connections they can actually use

Former Member
‎09-24-2012 5:46 PM
0 Kudos

Hi Marianne,


Thank you for the info.  I agree with you that SSO is probably the best approach.  I hadn't tried that yet but just created a connection using SSO and it was pretty seamless. 

Thanks again!

Josh Dunlap

Answers (1)

Answers (1)

jyothirmayee_s
Active Contributor
‎09-06-2012 8:50 PM
0 Kudos

Hi,

Do you have the new user id assigned in BO?. and assign rights

Thanks,

Jothi

Show replies
Show replies
Ask a Question