iis security: This is a little off topic but I am finding security in a non domain
environment totally mystifying

Can anyone help me. I work in a workgroup environment as opposed to domain
controlled. The minute I do anything with reporting services or analysis
services that is between machines I get problems.

Can anyone give me an overview of how credentials are passed in a non domain
environment.

I am using a reportviewer control to access reporting services and I can
access the remote server by passing network credentials but my report fails
if it is using Analysis Services.

I can't deploy to SSAS or SSRS from my machine unless I log into my machine
with a username and account that is the same as the machine being deployed
to. How do I tell BIDS what credentials to use.

Security is inherently based on trust, and workgroup environment
consists of ad-hoc trust. I'd expect it to be mystifying because it is
ad-hoc.

Imagine each machine is a single-machine domain with no trust
established to any other domain/machine. The security isn't really as
mystifying as much as it's just non-established, so you're hacking
trust together by hand without telling the computer. And that's where
the problem lies -- because a human's notion of trust is inherently
weaker than a computer's, so any descrepancy looks mystifying to the
human.

And some of the security protocols used by products are not exactly
happy to be hand-hacked together because that is guaranteed to be
insecure.

I understand that you just want to do something and have it work. But
there are minimum security requirements for Enterprise-class software
that you want to use.


//David
http://w3-4u.blogspot.com
http://blogs.msdn.com/David.Wang
//




[quoted text, click to view]