Thursday, April 10, 2008

SharePoint V3: Business Data Catalog, Setting Up Application Definition

Business Data Catalog, Setting Up Application Definition (Not Creating Application Definitions)


Service Accounts

Microsoft Single Sign-On & SharePoint Single Sign-On Service Account
* Minimum:
-Domain account -Central Administration, Farm Administrators Group
-SQL Server, Security Administrators Role
-SQL Server, DB_Creator Role

Enterprise Appliction Administrator Account
* Minimum:
-Domain Account
-Central Administration, Read Permissions



Microsoft Single Sign-On

Control Panel > Administrative Tools > Computer Management > Services and Applications > Services
* Microsoft Single Sign-On Service > Properties
-General, Startup type: Automatic
-General, Service Status: Start
-Log On, This Account: SSO Service Account


SharePoint Single Sign-On

Central Administration > Operations > Security Configuration > Manage Settings for Single Sign-On
* Server Settings > Manage Server Settings
-Account Name: SSO Service Account

* Server Settings > Enterprise Application Definition Settings > Manage settings for enterprise applciation definitions
-Account: SSO Service Account


SSP Permissions

SSP Administration Site > Site Actions > Site Settings > Users and Permissions
* Site Collection Administrators
-Site Collection Administrators: SSP Service Account
* Advanced Permissions > New > Add Users
-Users/Groups: SSP Service Account
-Give Permission: Full Control



Business Data Catalog Permissions

SSP Administration Site > Business Data Catalog > Business Data Catalog Permissions
* Manage Permissions > Add Users/Groups
-Choose Users: SSP Service Account
-Choose Permissions: Edit, Execute, Select in Clients, Set Permissions

* Manage Permissions > Add Users/Groups
-Choose Users: (add users as needed)
-Choose Permissions: (use permissions below, as appropriate)


Permissions

Edit: Select this permission to enable users to import application definitions and add, edit, or delete application definitions, business data types, and data fields for business data types.

Execute:
Select this permission to enable users to change the properties of business data.

Select in Clients:
Select this permission to enable the user to refer to business data types and fields in SharePoint lists, Web Parts, sites, and client applications.

Set permissions:
Select this permission to enable the user to configure permissions for other users.

(Taken from Microsoft TechNet)



Register Enterprise Application Definitions

* Create application definition
* Import application definition
* Configure application definitino for Single Sign-On


SharePoint Single Sign-On for Application Definition

Central Administration > Operations > Security Configuration > Manage Settings for enterprise application definitions
* Server Settings > Enterprise Application Definition Settings > Manage account information enterprise applciation definitions
-Enterprise Application Definition, Account Information:
-Group Account Name: Group having Read Access to Application
-Enterprise Application Definition, Update account information: SSO Service Account


References:

Configure access to business data
http://technet2.microsoft.com/Office/en-us/library/a0d973ae-038d-491b-b76d-25dbf745d8931033.mspx

Configure single sign-on (Office SharePoint Server)
http://technet.microsoft.com/en-us/library/cc262932.aspx

Register business applications in the Business Data Catalog
http://technet2.microsoft.com/Office/en-us/library/97d1a614-84e7-45c2-9327-5749d5fc50111033.mspx

No comments:

Post a Comment