Tag Archives: kerberos

Solving the ‘double hop’ issue using Secure Store


[Image via Fabian Williams]

Last week I was working on some ASP.NET web forms that generated internal reports against MS CRM using ExcelWriter and I wanted to port the application to one of our SharePoint instances. Though it seemed simple at first, I ran into a few issues. One of the issues happened to be authentication related. It was a typical ‘double hop’ problem where this SharePoint instance was using integrated Windows NTLM authentication and my code was trying to access the CRM SQL Server database. By nature, NTLM is unable to pass the credentials to the database thus producing access errors. (You can find more information on the NTLM issue and using Kerberos as a solution here.)

Since we don’t have Kerberos configured on this environment, our best solution was Secure Store. This service allows a user to authenticate with domain credentials and then use an account established in Secure Store to access the database. In our case, this was the read-only CRM account. This also enables easy to use and convenient access control using AD groups. Continue reading Solving the ‘double hop’ issue using Secure Store

Things Learned at SPTechCon

[Striking a pose with the Hillbilly. Pre clog-off.]

1. The lack of readily available caffeine was kind of a problem,

2. A lot of the attendees we met were about to take the SharePoint plunge, and we salute your courage. But also, learning your way around won’t be that difficult – it only appears that way.

3. Dux was so right when he said we need to stop thinking about SharePoint as a solution and start thinking about it as a platform. (Upon which anything is possible. Almost.)

4. People are totally willing to fill out a survey if you ply them with SD cards

5. The SharePoint Hillbilly is just as nice in person as he seems on his blog. Actually, sometimes he seems cranky on his blog—but then again, when we met him, he’d just won an iPad.

6. Planking has nothing to do with SharePoint. But a lot to do with SharePints.

7. You don’t have to watch Jersey Shore to see a staged fight. Continue reading Things Learned at SPTechCon