Is there a credential which translates to "the user that I am currently logged on to my local machine with"? If not, can there be? I want to share a document full of objects amongst my team, with the credentials pre-populated and saved. Some connections are legitimately using shared credentials (and these are saved in the document), but many of the connections should be logged into as the individual team member's Windows login. I don't want to share a document which hard-codes my Windows login, and I don't necessarily want to mandate that everyone keep a common-named credential in their own personal document (but this is my immediate workaround). I would like to store a credential in the shared document, but for that shared credential to resolve to the current user principal. (Note that I'm not suggesting that you should attempt to extract/store the password for the current principal; just that you should attempt to do the basic Windows/SSPI authentication as the logged-in user...) Hopefully I make it clear enough what I am asking for. (I also note that this forum software is eating my newlines and spacing, so apologies if this comes out as a big wall of unbroken text).
Thank you for posting the details of your workflow. Off the top of my head I can offer the following solutions:
* to prevent users from accidentally storing their creds in the shared document you can put it on a share where only the doc owner has write permissions.
* alternatively you can leverage the lockdown feature and make the doc read only for the users:
Note that there may be some restrictions when using lockdown.
* if it's always the same credential a user logs on to all systems, you can also use the Overrides feature to apply the user specific credentials to the connections:
Let me know if one of these solutions are helpful.
Perhaps what is needed is a per-document option to restrict credential objects being created in a given document? It would, of course, need to be overridable by the document owner.
Storing a connection by name is already the current workaround, as mentioned when I said...
"...and I don't necessarily want to mandate that everyone keep a common-named credential in their own personal document (but this is my immediate workaround)."
The workflow of the by-name credential for any new user of my shared document isn't ideal, which is why I was hoping to avoid it. Consider...
we have actually a quite powerful system to make connection sharing easy and secure. The way you setup your credential configuration in your connection is to refer to credentials "by name" and let each user have their own (personal) document open at the same time with a credential using that exact name. You can find out more about that feature here:
Let me know if this helps.