Microsoft KB Archive/324040

= INF: Connect to Analysis Services By Using &quot;SSPI = Anonymous&quot; on Windows XP =

Article ID: 324040

Article Last Modified on 11/21/2006

-

APPLIES TO


 * Microsoft SQL Server 2000 Analysis Services
 * Microsoft Windows XP Professional

-



This article was previously published under Q324040



SUMMARY
This article describes how to enable an Anonymous Logon group (NT AUTHORITY\ANONYMOUS) to access Microsoft SQL Server 2000 Analysis Services when it is installed on a computer that is running Windows XP.

In Windows XP local security policy, the Anonymous Logon group is no longer a member of the Everyone group. Although the Everyone group has permissions to access the Analysis Services OLAP database, the anonymous users cannot connect to Analysis Services when it is installed on a computer that is running Windows XP.



MORE INFORMATION
Although the Everyone group has permissions to connect to Analysis Services when it is installed on a computer that is running Windows XP, the client application cannot obtain metadata or query Analysis Services cubes when the SSPI=anonymous parameter is used in the connection string.

To enable an anonymous user to access Analysis Services, use either of the following methods.

Method 1
Explicitly add the NT AUTHORITY\ANONYMOUS LOGON account to an OLAP database role. To do so, follow these steps:
 * 1) In the Analysis Manager tree pane, right-click the database, and then click Manage Roles.
 * 2) In the Database Role Manager dialog box, select the that you want to change, and then click Edit.
 * 3) In the Edit a Database Role dialog box, click Add.
 * 4) In the Add Users and Groups dialog box, type NT AUTHORITY\ANONYMOUS LOGON in the Add Names box, and then click OK.
 * 5) In the Edit a Database Role dialog box, click OK.
 * 6) In the Database Role Manager dialog box, click Close.

Note Use this work around if you want to grant separate sets of permissions to anonymous users and to the local Everyone group.

Method 2
Enable the &quot;Network Access: Let Everyone permissions apply to anonymous users&quot; local security policy. To do so, follow these steps:
 * 1) Click Start, and then click Control Panel.
 * 2) In Control Panel, click Performance and Maintenance, click Administrative Tools, and then double-click Local Security Policy.
 * 3) Under Local Policies\Security Options, and then double-click Network Access: Let Everyone permissions apply to anonymous users.
 * 4) Click Enabled, and then click OK.

Keywords: kbsecurity kbinfo KB324040

-

[mailto:TECHNET@MICROSOFT.COM Send feedback to Microsoft]

© Microsoft Corporation. All rights reserved.