Spotfire Ideas Portal
We are in the process of upgrading from Spotfire 7.0.1 to Spotfire 7.7. One of the issues we found is that Automation Services, in this new architecture, does not support delegation unless we have Kerberos as our SSO. The only way it works is with this internal account ' SPOTFIRESYSTEM\automationservices.' In our case, we have NTLM. NTLM is an old technology and we understand that. However, NTLM is very easy to set up and configure and is pretty much standard with all our applications. So, for us, and I imagine for a lot of your clients, this is a major project. It would be nice if we can get NTLM back and have Automation Services delegate the account it is working under to the app server and then we can, with that same account, use row security in the information links. That is an architecture we have been using for years now and that I think is common in other companies.
Why do you insist on NTLM? Are aware that Kerberos can work on Windows XP all the way up Windows 10 and even with AD domains based on 2003 Domain Controllers by using the rc4-hmac-nt crypto? Kerberos is a lot easier to setup than what you think.
We are working on adding the possibility to use a custom account for Automation Services and Scheduled Updates.