Microsoft Office Tutorials and References
In Depth Information
Use global settings to configure the security model, session management, load balancing of ECS sessions, memory
utilization, workbook cache, and external data (Figure 5-5 ).
Figure 5-5. Excel Services global settings
Excel Services allows you to control various security related configurations such as file access method, encryption
and cross domain access from Central Administration web site. You can configure these based on your organization’s
security constraints. Here are the various options available:
File Access Method: Set the authentication method either to impersonate or to use
the process account that ECS will use for all non-SharePoint trusted file locations. Use
impersonation when you want ECS to authorize users when they try to access workbooks
stored in UNC and HTTP locations. Impersonation also allows a thread to run in a different
security context from the context in which the process that owns the thread runs. (Note
that this setting doesn’t have any impact on the workbooks that are stored in a SharePoint
Server 2013 database.) Use a process account when users can’t be impersonated and
the ECS application server opens UNC shares or HTTP web sites. A process account is
technically a local Windows account that has permissions on the shared folder where the
workbook files are stored.
■ the use of a process account in combination with anonymous access to Sharepoint Foundation presents the
risk that information may be disclosed. For more information on best practices, follow the recommendations at msdn.
Search JabSto ::