Security Problem With SQLServer and Crystal Reports

From: Tim Burda (timburda_at_hotmail.com)
Date: 11/05/04

  • Next message: Bob: "sp_changedbowner on master"
    Date: 5 Nov 2004 08:15:51 -0800
    
    

    We recently converted a server from Windows NT 4.0 To Windows 2000 (No
    comments about the technology please :-) )

    We have a web-based application that uses Crystal Reports 8.5 against
    a SQLServer 2000 database to produce reports.

    In the course of moving to the Windows 2000 enviroment, the reports
    stopped working. We are getting an error that states "Server has not
    yet been opened" --- based on searches here and at Crystal's website,
    this seems like the default error for a database connection failure.

    Additional information:

    The report will execute properly if it is executed from within the
    Crystal Report Editor on the new Windows 2000 web server. It (the
    report) only fails when it is executed from within the web
    application.

    We have the SQLServer database setup to accept both Windows-based
    authtentication and SQLServer authentication. In addition, we have
    auditting turned on (on the SQLServer machine) to capture successful /
    failed logons. And for some reason, we are capturing NT logon attempts
    in both scenarios - web vs. standalone Crystal. I don't understand why
    this is happening, because the NT authentication doesn't need to take
    place at all because of the SQLServer authentication.

    When running from the Crystal Report Editor, the user login
    successfully occurs as the domain account that I am using to login in
    to the machine with. When running from the web application, the user
    login fails as "IWAM_USER".

    Anyone have any thoughts on what's going on and what I need to to fix
    this???

    Thanks -

    Tim Burda


  • Next message: Bob: "sp_changedbowner on master"