Establishing Your Security Rights

About this task

Your security identity is established upon connecting to the server. This occurs through the following steps:

Procedure

  1. Specifying a user name and password of an account.
    Upon connection, the system checks to see if you have a valid Windows 2003 account. If you have supplied a username and password (through the Excel Add-In for example), security checks that user. If username and password are not supplied and you are on a Windows 2003 or Windows 2008 machine or higher, security checks the currently logged in user.
    Note: If you do not pass a domain name the account will be checked locally in the same way a mapped drive attempt happens. You have to specify a username and password that exists on the server.
  2. Determining group membership of that account.
    Once the account is validated, the server determines group membership. For more information on the process and hierarchy of the groups, refer to the Security Checking Process diagram below.
  3. Caching membership profile.
    Once the group and tag membership are determined, it is cached for the connection and not looked up again. If users are added to or deleted from a group, the cache is not updated.
    Note: The cache information is per connection, and not per IP address. In other words, it is cached per application and not per system.
    Figure: Security Checking Process