(877) 456-7632 prospero@msxgroup.com

FRx Security – FRx Users vs Windows Authentication

Assume you are using AD and adding Windows Users in FRx. You have generated a bunch of reports to the Webport where security is used at the tree level and Windows users have been incorporated. If a Windows password is then changed for the user, which password is applied to the FRx reports that have been previously generated and are stored in the FRx WebPort?

Email from Jeff Cutting 12/15/09: If you’re using Windows authentication, the whole point is that you’re NOT storing a password at all – you’re authenticating based solely on the Windows user being logged on. For example, if you use Windows authentication in FRx (including Designer, DDV, and WebPort), we’re validating only that the SID (Security IDentifier) of the logged on Windows user exists in FRx (or the FRD file). The same is true for Management Reporter (or any other app that authenticates with Windows auth). The password never enters the equation – if you’re logged on to Windows, you’re good, no password is ever stored.

So, speaking about DDV and WebPort specifically (though this applies to any Windows auth app), password changes are never an issue if you’re using Windows auth users in FRx. If you’re using app auth, password changes are a problem (as they’ve always been due to the offline nature of .FRD files).