PolicyPak: Manage SAP CrystalReports using Group Policy, SCCM or your own management utility

You depend on Crystal Reports to turn information from just about any information source into sophisticated reports. Your users expect a predictive experience every time they use Crystal Reports. But if your users are calling the helpdesk because they misconfigured its configuration settings, you’re losing money every second.

That’s where PolicyPak comes in. Make certain your SAP Crystal Report settings are dictated and ensured using PolicyPak with Group Policy. Check out this video to see how it’s done.

Lockdown SAP Crystal Reports with Group Policy video transcript

Hi, this is Jeremy Moskowitz, Group Policy MVP and Founder of PolicyPak Software.  In this video, we’re going to learn how to manage and lockdownSAP Crystal Reportsusing PolicyPak.

I’ve already got Crystal Reports installed on my computer, and I’m just a regular user here.  As you can see, I’m logged on as a guy called “eastsalesuser4.”  If we open up this application from the start menu and go to File| Optionswe see a number of settings here for us to configure.

I have three key tab groupings of key configuration settings here.  The most important is “Database” where I have many settings that correlate with my information source itself.  “Reporting” has settings that govern the saving of my users’ reports and data.  Finally, in “Dependency Checker” I have important settings that govern the compiling of data and report options.

Let’s see how we can ensure compliance and perform desktop management of settings quickly using PolicyPak.  I’ll go ahead and switch over to my Management Station computer.

We’ll go ahead and right click over our “East Sales Users”, “Create a GPO” and we’re going to call it “Lockdown Crystal Reports.”  So this GPO is now associated with the “East Sales Users.” I’ll right click over it.  I’ll click “Edit…” I’ll dive down under “User Configuration,” “PolicyPak/Applications/New/Application.” There it is, “PolicyPak for SAP Crystal Reports 2011” along with other applications like “Java,” “Flash” “Firefox,” “Skype” and lots of other important desktop applications that your users utilize every day (and you want to make more secure.).

Let’s start with “Dependency Checker” where I want to make sure that all of these settings for Report Checking Options are enabled.  I’m going to enable each setting such as “Compile Formulas” and “Verify Database.”  Notice how these settings became underlined as soon as the checkbox values changed.  This means that these setting valuesare going to be delivered through PolicyPak. Now to make sure that the two particular settings I mentioned never becomeunchecked I am going to right click on them and select “Hide corresponding control in target application” so my users won’t even know these settings even exist.

Next I’ll go to “Database.”  I want to make sure that “Database Server is Case-Insensitive” and “Automatic Smart Linking” is enabled.  Then I’m going to protect all of the settings within this critical tab grouping by right clicking on this tab and selecting “Disable whole tab in target application.

Finally, I’ll go to “Reporting” where I want enable “Update Enterprise Report Properties on Save” and “Save Data with Report.”  Now I will enact the unique “ACL Lockdown” feature that only PolicyPak delivers.  This will absolutely lock down these settings and stop the user from altering these settings, even if they attempt to alter them in the registry itself.

Now I will go back to my client machine, we’ll get a command prompt and run “gpupdate.”  Now you could envision the user logging on for the very first time, using a Terminal Services or Citrix machine, using a VDI session, changing job roles, or getting a new computer.   I just happen to be using gupdate.

Now that that’s done, let’s go ahead and reopen the application.  We can see that our desired settings for “Dependency Checker” have been delivered and are hidden from view.  Notice too that I can no longer access the Database tab at all.   On the Reporting tab we see that the setting we were concerned about are enabled.

Now let’s pretend that this user is registry savvy and attempts to modify the setting on this tab through the registry.  I have saved the registry location of one of these settings and as you can see here, ACL Lockdown even thwarts the best efforts of this user within the registry as well.

And we are done.  That is how incredibly easy it is for you to use PolicyPak to manage and lockdown Crystal Reports as well as tons of other desktop applications.

If you’re looking for a trial of PolicyPak, just click on the “Webinar / Download” button on the right.

Thanks so much for watching, and get in touch with us if you’re looking to get started. Talk to you soon.

Back