Focal Point
Security ON in Web Focus

This topic can be found at:
https://forums.informationbuilders.com/eve/forums/a/tpc/f/7971057331/m/8901043461

April 20, 2006, 06:10 AM
Karanth
Security ON in Web Focus
I have security ON in web focus and i have set some user ids into the various groups that are allowed. I need to restrict the usage in my Web Focus server to some specified NT logins. Now users which i have not added in the list of users also get access to PRocedures/Version in the WF console. How do i totally restrict this? There is no MRE here by the way. Just access to my reporting server.
April 20, 2006, 10:27 AM
TexasStingray
Rethink your security. What are you trying to do. Why are users using the Console. Normally the console is for Admin's and Some Developers. If you want help give a detail description and to what you are trying to accomplish as far as security. Don't worry about the console at this point.




Scott

April 24, 2006, 06:16 AM
Karanth
basically i turned security = PTH and gave user ids and passwords for ADMIN level but the password check simply doesnt happen. I am still able to login with any password. Also any user not configured also can access the admin console.
April 24, 2006, 11:57 AM
newtofocus
Karanth,

That is how the PTH mode which was WCPROTECT in the earlier releases is supposed to work. Even though every one can logon, they will not be able to do any thing except viewing the agents to see what is running under theire id.

How did you set the password for the user ids?.
You need to do it from the command level using edastart -change server_admin_id from the EDACONF/bin directory. At least this is how did it at the 5.2.5 level


WF7.1.4 Prod/Test, MRE, self serve, DM
April 25, 2006, 01:30 AM
Karanth
thanks but how do i do it from the command level??? can u give me the full command?
See basically i want to restrict anyone from logging into my console. I also want to enable security in which i have a reporting application which can be used only by specified NT logins. For this i have security ON and have a list of IDs in a database and my FEX checks that. But if i have it as PTH the application security will not be there right? I do not have MRE installed, so how do i do all of this? Do i need a separate security level and not do it at a WF level?

This message has been edited. Last edited by: Karanth,
April 25, 2006, 04:11 PM
newtofocus
how do i do it from the command level??
can u give me the full command?
https://forums.informationbuilders.com/groupee_common/platform_images/blank.gif
Go to your bin directory and type in
edastart -change server_admin_id.

It will prompt you for the user id and password to change.


See basically i want to restrict anyone from logging into my console. I also want to enable security in which i have a reporting application which can be used only by specified NT logins. For this i have security ON and have a list of IDs in a database and my FEX checks that.

But if i have it as PTH the application security will not be there right?
https://forums.informationbuilders.com/groupee_common/platform_images/blank.gif
Yes, you are right you cannot prevent people from logging on to your web console if you have it as PTH, but remember if they are not defined as server admins or application admins, they can view their agents.

I do not have MRE installed, so how do i do all of this? Do i need a separate security level and not do it at a WF level?
https://forums.informationbuilders.com/groupee_common/platform_images/blank.gif
Regard less of wether the server is ON or PTH, the NT logins on the box will be able to logon to the reporting server. Given this scenario I think PTH is the way to go that way you can atlest prevent them from killing their own agents.


WF7.1.4 Prod/Test, MRE, self serve, DM
May 03, 2006, 05:11 AM
Karanth
Hi,
I put security as PTH and did wat u said - from the command line changed the password but it did not work.
This worked when Security = ON but for PTH i can login with thid id without any password.