Table of Contents
Advertisement
Setting up HTTP access to the CUBE
This chapter describes how to configure a Windows 2008 Server running SQL Server 2008 so that
users may connect to the Analytics Extension CUBE without providing AD credentials. This makes it
easier to connect to the CUBE for clients residing in an AD domain beyond the data warehouse
server, or clients outside your network.
This solution uses HTTP for data access, taking advantage of IIS 7 as a middleware component to
enable access to the CUBE. A small IIS web application – commonly known as an "HTTP pump" – will
be set up on the data warehouse Windows server (which may or may not be identical to the TMS
server, depending on your setup). This application acts as a "pump" that receives requests,
authenticates them, and creates a security context for the requests before forwarding them to Analysis
Services. After Analysis Services has executed the request, the pump will in a similar fashion pass the
response back to the client.
This approach may also be used in scenarios where IIS and Analysis Services run on different
computers. However, Windows does not by default allow AD delegation (remote impersonation by a
server of other clients). If using an IIS separate from the Analysis Services server, you must set up
Kerberos authentication and configure the domain to allow delegation before proceeding.
Installing IIS
Make sure that IIS is installed on the Windows server you want to set the HTTP pump set up on,
normally the data warehouse server.
1. Open Start > Administrative Tools > Server Manager
2. Check if Web Server IIS is mentioned on the Roles Summary pane. If IIS is not already installed,
click Add Roles and follow the installation wizard.
IIS needs the ISAPI Extensions role service installed, as well as an Authentication component. This
document assumes that Basic authentication is installed. However, this authentication method
transmits passwords using an easily decrypted algorithm, and should not be used if you are sending
sensitive data over the public internet (unless you are also using SSL). It should however, be sufficient
for internal networks.
To check if these components are installed:
1. Use the tree view in Server Manager and go to the Roles node.
2. Open the Web Server (IIS) pane, and if ISAPI Extensions and Basic Authentication (or the
authentication method of your choice) have their status set to Installed, it is not necessary to
install them. If they are not installed, install them by clicking Add Role Services and follow the
installation wizard.
Copying the pump binaries
You must now manually copy binary files from Analysis Services to the directory that you want to use
as the basis for your HTTP pump web application.
In a default 32bit installation of SQL Server 2008, the required files are located in C:\Program
Files\Microsoft SQL server\MSAS10.MSSQLSERVER\OLAP\bin\isapi. Copy all of the files
and subdirectories of this folder to a subdirectory of C:\inetpub\wwwroot, for example to
C:\inetpub\wwwroot\analytics-pump. Do not use a path that contains spaces.
Creating an IIS application pool
1. Open Server Manager
2. Locate the Server Manager > Roles > Web Server (IIS) > Internet Information Services (IIS)
Manager node.
3. In the "Connections" tree view that opens, right-click Application Pools and choose "Add
Application Pool..."
4. Give the new application pool a suitable name (for example "Analytics-pump"), and set Managed
pipeline mode to Classic (Figure 9).
TANDBERG Analytics Extension Admin guide
Setting up HTTP access to the CUBE
21
Advertisement
Table of Contents
