If you configure the Planning Analytics database to use Integrated Login, the SecurityPackageName parameter defines the security package that authenticates your user name and password in Microsoft Windows.
Parameter type: optional, static
Valid values are:
When runningPlanning Analytics locally, set
SecurityPackageName=Negotiate in Planning Analytics database configuration.
Negotiate selects Kerberos unless it cannot be used by one of the systems involved
in the authentication. If
Negotiate is set and Kerberos is not available, NTLM is
used, and if NTLM is not configured TM1 will error out.
The behavior of
SecurityPackageName when using Integrated Login to authenticate
via the TM1 REST API is slightly different.
SecurityPackageName=Negotiate, the TM1 REST API supports both Kerberos and NTLM.
SecurityPackageName=NTLM, but your environment also supports Kerberos, the TM1 REST API will allow access to users with Kerberos or NTLM. The reason is that NTLM has been superseded by Kerberos, so the TM1 REST API will behave as if
SecurityPackageNamewas set to
SecurityPackageName=Kerberos, but your environment also supports NTLM, the TM1 REST API will reject NTLM users and allow access only to Kerberos users.