Business Data Catalog, Setting Up Application Definition (Not Creating Application Definitions)
Service Accounts
Microsoft Single Sign-On & SharePoint Single Sign-On Service Account
* Minimum:
-Domain account -Central Administration, Farm Administrators Group
-SQL Server, Security Administrators Role
-SQL Server, DB_Creator Role
Enterprise Appliction Administrator Account
* Minimum:
-Domain Account
-Central Administration, Read Permissions
Microsoft Single Sign-On
Control Panel > Administrative Tools > Computer Management > Services and Applications > Services
* Microsoft Single Sign-On Service > Properties
-General, Startup type: Automatic
-General, Service Status: Start
-Log On, This Account: SSO Service Account
SharePoint Single Sign-On
Central Administration > Operations > Security Configuration > Manage Settings for Single Sign-On
* Server Settings > Manage Server Settings
-Account Name: SSO Service Account
* Server Settings > Enterprise Application Definition Settings > Manage settings for enterprise applciation definitions
-Account: SSO Service Account
SSP Permissions
SSP Administration Site > Site Actions > Site Settings > Users and Permissions
* Site Collection Administrators
-Site Collection Administrators: SSP Service Account
* Advanced Permissions > New > Add Users
-Users/Groups: SSP Service Account
-Give Permission: Full Control
Business Data Catalog Permissions
SSP Administration Site > Business Data Catalog > Business Data Catalog Permissions
* Manage Permissions > Add Users/Groups
-Choose Users: SSP Service Account
-Choose Permissions: Edit, Execute, Select in Clients, Set Permissions
* Manage Permissions > Add Users/Groups
-Choose Users: (add users as needed)
-Choose Permissions: (use permissions below, as appropriate)
Permissions
Edit: Select this permission to enable users to import application definitions and add, edit, or delete application definitions, business data types, and data fields for business data types.
Execute: Select this permission to enable users to change the properties of business data.
Select in Clients: Select this permission to enable the user to refer to business data types and fields in SharePoint lists, Web Parts, sites, and client applications.
Set permissions: Select this permission to enable the user to configure permissions for other users.
(Taken from Microsoft TechNet)
Register Enterprise Application Definitions
* Create application definition
* Import application definition
* Configure application definitino for Single Sign-On
SharePoint Single Sign-On for Application Definition
Central Administration > Operations > Security Configuration > Manage Settings for enterprise application definitions
* Server Settings > Enterprise Application Definition Settings > Manage account information enterprise applciation definitions
-Enterprise Application Definition, Account Information:
-Group Account Name: Group having Read Access to Application
-Enterprise Application Definition, Update account information: SSO Service Account
References:
Configure access to business data
http://technet2.microsoft.com/Office/en-us/library/a0d973ae-038d-491b-b76d-25dbf745d8931033.mspx
Configure single sign-on (Office SharePoint Server)
http://technet.microsoft.com/en-us/library/cc262932.aspx
Register business applications in the Business Data Catalog
http://technet2.microsoft.com/Office/en-us/library/97d1a614-84e7-45c2-9327-5749d5fc50111033.mspx
No comments:
Post a Comment