Posted by exits funnel on 08/11/06 04:42

Hello,

I apologize if this question is a bit vague and slightly off topic but I
couldn't find an Analysis Services and/or ODBO specific newsgroup. In
any event, I'm trying to address an issue in some code I've inherited
from a colleague who is on vacation and unfortunately, it deals with
ODBO, COM and Analysis Services, three topics with which I'm pretty
unfamiliar. Having said that here is the situation as best I can explain
it: the code uses the C++/COM interface to ODBO to access MSAS. The code
works fine in general but there is a problem when accessing an MSAS
server located on a machine other than that on which the client is
running which deals with the security context under which the logged in
user functions. Our end users (optionally) pass us a set of credentials
(username/domain/password) which (when passed) they would like to serve
as the authenticating credentials for Analysis Server. In an effort to
address the original issue before leaving for vacation my colleague
added a call to LogonUser( ) followed by a call to
ImpersonateLoggedOnUser( ) before the call to CoCreateInstance or any of
the ODBO initialization calls. The two new calls are only made when
we're passed credentials by the end user. When I test the code with
passed credentials, neither call fails, but it seems that they don't
have the desired affect.

Here are my observations based on running my test code and then browsing
the security event log on the machine on which Anlaysis Services is running:

(1) If credentials aren't passed and LoginUser/ImpersonateLoggedOnUser
aren't therefore called, then the event log indicates two events, one
538, one 540 both corresponding to the user logged onto the client machine.

(2) If credentials are passed and as a result we make the calls to
LoginUser/ImpersonateLoggedOnUser, then the event log indicates an event
538 by user 'Ananymous Logon'.

A few questions then:

(1) Is there anyway to tell from the security log, which application
logged the events? I'd hate to think that I'm on a wild goose chase and
that these aren't Analysis Server events I'm looking at. On a related
note, is there anyway to view a history of who has logged on through one
of the MSAS management tools?

(2) Obvisouly, my real problem is scenario (2) above. What we've done
doens't seem to work, so the question is: is there some other way, given
a set of network credentials, to use them to authenticate through ODBO
against a remote Analysis Services server?

If anyone could shed any light on any of this, I'd really appreciate it.
Thanks in advance for any replies.

-exits

• Next in forum: Re: How to switch off automatic blanking of table views in enterprise manager ?
• Prev in forum: Re: Flattening Parent Child Hierarchy: Urgent please help
• Thread view: Trouble with Impersonate User, ODBO and Analysis Services

[Reply to this message]