Authentication methods

Contents[Hide]

1. Overview

This article explains the available authentication methods you can use to connect to a data source.

2. Authentication methods

Some data providers have an Authentication field, which you can set to a method such as Specified Windows credentials. For example:

  • Access and DBF
  • Excel / Flat / XML files
  • ODBC generic
  • SharePoint Lists / Excel Services
  • SQL Server
  • SQL Server Analysis Services
  • Teradata

Set the authentication method for the SQL Server provider
Set the authentication method for the SQL Server provider

The available methods are explained below but note that some of the methods are applicable to certain providers only.

2.1. Server Windows credentials

The Server Windows credentials authentication method lets you connect to a data source using the Windows identity that is running the Dundas BI IIS application pool.

Use this method when the IIS application pool user/identity already has access to the data source (for example, when the data source does not contain any sensitive information).

2.2. SQL Server authentication

This authentication method is applicable to the SQL Server data provider only. It lets you connect to a SQL Server data source using login credentials that are created and managed by SQL Server. These login credentials are not based on Windows user accounts.

SQL Server authentication method
SQL Server authentication method

See also: https://docs.microsoft.com/en-us/sql/relational-databases/security/choose-an-authentication-mode

2.3. Specified Windows credentials

The Specified Windows credentials authentication method lets you enter the credentials that will be used to establish the Windows identity for connecting to the data source.

Use this method when the IIS application pool identity does not have sufficient access to the data source. Generally, all users viewing dashboards based on this data connector will see the same data (because the same specified credentials are being used).

The method requires the following information:

  • Domain - The domain to which the Windows account belongs.
  • Username - The Windows account name.
  • Password - The account's password.
  • Relay Credentials - For connections to remote servers. If enabled, the specified credentials will be sent to the remote server and authenticated there. If unchecked, the specified credentials will be authenticated by the server where the Dundas BI application is running. Use this option if the Dundas BI server is not able to reach a domain controller for the specified domain. Do not enable this option if the data source is on the same server as the Dundas BI application.

Specified Windows credentials method
Specified Windows credentials method

2.4. Impersonated Windows credentials

If you are logged on to Dundas BI with a Windows account, the Impersonated Windows credentials method will use the corresponding identity to connect to the data source.

Use this method when the data source returns different data depending on the Windows account that is connected.

Note
Impersonated Windows credentials allow for a Double-Hop issue. To avoid this, make sure the data source and the application database are on the same computer, or enable Kerberos delegation. You can read more on this from Microsoft here or here.

2.5. Azure Active Directory

When creating a Microsoft SQL Server data connector, additional authentication methods Active Directory Password and Active Directory Integrated are available for when connecting to Azure SQL using Azure Active Directory.

2.6. Online credentials

This authentication method is applicable when you are connecting to SharePoint Lists and Excel Services using SharePoint Online (e.g., Office 365) instead of an on-premises server.

3. See also

Dundas Data Visualization, Inc.
400-15 Gervais Drive
Toronto, ON, Canada
M3C 1Y8

North America: 1.800.463.1492
International: 1.416.467.5100

Dundas Support Hours:
Phone: 9am-6pm, ET, Mon-Fri
Email: 7am-6pm, ET, Mon-Fri