09-03-2015 03:59 AM
I have deployed a number of Thick Clients to different workstations. Some of these clients ask: "Password Verification: Enter administrator password", and give the error "Database [253] Access Denied" after logging into the OnBase using ODBC. Some installations work just fine, they have their workstation name registered as login when the installation was done manually. Now when the client is deployed automatically, workstations are not added into the users-list in the SQL DB, and seems not to work. This is just my theory, but how can I fix this and the deployment? I have not altered HSI's rights in config or in DB. However, deployed application is different: it's just a shortcut to the .exe whereas all client files were put into the workstation when installed manually.
09-04-2015 05:07 AM
Hi Matti,
There is an alternative.
In OnBase Configuration, under Users > Global Client Settings, on the Security tab, you can check the box labeled "Disable workstation account creation."
When this is checked, the HSI account is used for SQL Server logon instead of workstation-specific logons.
Per the System Administration MRG:
When this option is selected, the hsi user will not be able to create workstation accounts.
Instead, the hsi account itself will be used to log in to the database.
I've never used this option personally, but I think it may address your need.
One caveat: I am not sure if HSI requires the SecurityAdmin role for anything else, but since the documentation states that it is a requirement, for a long-term solution, I would suggest migrating the OnBase database to a separate instance, where HSI can be given the required roles.
Kind regards,
-Scott
09-03-2015 04:11 AM
Hi Matti,
While I would recommend contacting your first line of support, here are some questions which may help narrow down your issue:
On an impacted machine, can you navigate directly to the obclnt32.exe and launch it, select your ODBC and login without issue?
Are there any Command Line Switches you've added to the shortcut you are pushing out automatically which other machines do not have?
I assume when this issue is happening, the other machines previously deployed can still login without issue?
Have you checked the ODBC connection you've deployed to ensure you're hitting your same DB Server, Instance and DB as the working machines?
09-03-2015 05:23 AM
09-03-2015 05:35 AM
Try adding the securityadmin role to the HSI login on SQL server.
This is the role used to automatically add the workstation logins on SQL server.
Per the database reference guide:
The minimum permission required for the HSI server login is the securityadmin role. If the HSI login is not assigned this role, and if the sa password is not blank or the same as the HSI default password, then a user logging on to OnBase from a workstation for the first time will receive the message "Enter Administrator Password"
09-04-2015 02:52 AM
Find what you came for
We want to make your experience in Hyland Connect as valuable as possible, so we put together some helpful links.