Automated Process Scheduler

In relation to system security, the APS performs a number of important tasks. The majority of these tasks rely upon the database that the APS uses to keep track of Crystal Enterprise system data. This data includes security information, such as user accounts, group memberships, and object rights that define user and group privileges.

When you first set up your system, the APS allows you to create user accounts and groups within Crystal Enterprise. And, with its third-party security plug-ins, the APS allows you to reuse existing user accounts and groups that are stored in a third-party system (a Windows NT user database or an LDAP directory server). The APS supports third-party authentication, so users can log on to Crystal Enterprise with their current Windows NT or LDAP credentials.

When users log on, the APS coordinates the authentication process with its security plug-ins; the APS then grants the user a logon token and an active session on the system. The APS also responds to authorization requests made by the rest of the system. When a user requests a list of reports in a particular folder, the APS authorizes the request only when it has verified that the user's account or group membership provides sufficient privileges.

For details about the APS and how it calculates a user's effective rights to an object, see Calculating a user's effective rights.

For more information about the APS and the APS database, see Automated Process Scheduler.