locked
Sharepoint Web part problem RRS feed

  • Question

  • Hi experts

     

    I'm trying to use the Proclarity Viewer Web part for sharepoint and have installed and configured it as per the instructions.  It shows up in the list of available web parts and adds to a page fine.  However when we try to configure it and set the ProClarity Analytics Server option we are getting the message "Invalid Server Name" when we click login.  We have tried both authentication modes and various user names.  The same server address when entered in the address bar works perfectly

     

    The security is pretty tight here and there are numerous firewalls all over the place. We have also set up Kerberos successfully.

     

    Any suggestions greatly appreciated.  Can anyone advise which user is actually making the call when clicking the login button

     

    Thanks

     

    Monday, January 28, 2008 11:04 AM

Answers

  • It sounds like you're on the right track.  I'm not familiar with configuring SharePoint to use Kerberos, but since it is essentially IIS running against a database, it should be pretty straightforward.  I assume that if you are in a fairly secure environment that the SharePoint application pool would be running under a domain service account and an SPN would need to be set and the service account will need to be trusted for delegation.  On the other hand, if the application pool is running under a local (Network Service, Local Service, or Local System) account, then all you should have to do is enable the server's Active Directory account to be trusted for delegation.  One way to nail down whether or not the issue is related to Kerberos would be to configure PAS the PAS virtual directory for Basic only, then test the web part set for Basic and see what happens.  If that works, then it's a pretty safe bet that Kerberos is the problem.  I also found this blog, which seems to lay out the Kerberos configuration for MOSS in a readable manner and appears to be a little more complicated that what I implied above.  Good luck and let me know if there is anything else that I can do!

     

    http://blogs.msdn.com/martinkearn/archive/2007/04/23/configuring-kerberos-for-sharepoint-2007-part-1-base-configuration-for-sharepoint.aspx

     

    Thanks,

     

    -Bob

    Monday, January 28, 2008 8:46 PM

All replies

  • When you click login, the credentials that have been used to authenticate the user on the workstation/browser session are what is sent to the PAS instance for authentication.  Are you able to access the PAS view directly, outside of SharePoint, using the same credentials?  If so, I would suspect that Kerberos may not be configured properly.  Can you check the security log on the PAS server to see if there are any errors that may be related to user authentication from the SharePoint server and let me know what you find?

     

    -Bob

    Monday, January 28, 2008 5:00 PM
  • Hi Bob

     

    Thanks for the reply.  I can access PAS views no problem outside of sharepoint.  The error displays in the config pane for the web part before any books are available to select. 

     

    I'm happy with how Kerberos is configured in regards to Proclarity and Reporting Services as they are both working absolutely fine.  I haven't tried adding an spn for the sharepoint box yet - i guess that is my next step. 

     

    Nothing jumps out at me in the event logs either.  I don't believe the request is ever getting that far

     

    Thanks again

    Monday, January 28, 2008 6:03 PM
  • It sounds like you're on the right track.  I'm not familiar with configuring SharePoint to use Kerberos, but since it is essentially IIS running against a database, it should be pretty straightforward.  I assume that if you are in a fairly secure environment that the SharePoint application pool would be running under a domain service account and an SPN would need to be set and the service account will need to be trusted for delegation.  On the other hand, if the application pool is running under a local (Network Service, Local Service, or Local System) account, then all you should have to do is enable the server's Active Directory account to be trusted for delegation.  One way to nail down whether or not the issue is related to Kerberos would be to configure PAS the PAS virtual directory for Basic only, then test the web part set for Basic and see what happens.  If that works, then it's a pretty safe bet that Kerberos is the problem.  I also found this blog, which seems to lay out the Kerberos configuration for MOSS in a readable manner and appears to be a little more complicated that what I implied above.  Good luck and let me know if there is anything else that I can do!

     

    http://blogs.msdn.com/martinkearn/archive/2007/04/23/configuring-kerberos-for-sharepoint-2007-part-1-base-configuration-for-sharepoint.aspx

     

    Thanks,

     

    -Bob

    Monday, January 28, 2008 8:46 PM
  • Thanks Bob - you're input is much appreciated.  Looks like time for some more fun and games with Kerberos!

     

     

     

     

    Tuesday, January 29, 2008 9:46 AM