Let me first describe the actual situation: We want to build a new SQL Server enviroment based on SQL Server 2016. AS you may know, in SQL Server 2016 the mobile reports from Datazen are integrated. So far so good. The Problem: In our current Enviroment, there is one internal Datazen Server and one external server. The external Datazen server exists only to read data from the internal one. So there is no direct Data Access (to Data Sources), the administration part is disabled and only the needed Services (to read from internal server) are installed. We want to build that same archtiecture in SQL Server 2016 Reporting Services. Do you know any way to do that?
I thought the best solution was a second SQL Server with Reporting Services but only read access on the other SQL Server (didn't found any setting like this).
We don't want the internal server to be accessible over the web beacause of security.
interesting question, but not sure i understand correctly ;) what do you mean with "the external datazen Server exists only to read data from the internal one"? How does this configuration look like? Do you have a sale out Deployment where the external Servers hosts "Web Application" and "Share Cache Instance" while internal Server hosts "Data Acquisition" and the same roles as the external Server?
In SSRS you can also Scale out web frontends, but all Servers will act as "data acquisition server" to stay in datazen terminology. Do you have security concerns with this topology? Whats the difference to have the data "read only" in DMZ or connect from DMZ/external Server to internal datasources? One Option would be to do a secure Application Publishing of internal SSRS Server with a Firewall like Microsoft ISA Server
Related
We are planning to deploy reporting service using Microsoft Reporting Server 2012. As I understand it, there will be three components;
Database (SQL Server)
SSRS (Reporting Server)
IIS (Web front end) - SharePoint (alternate Front end)
In setting up the Proof-of-Concept, the dev installed SSRS and SQL Server on same box (let's call it the DB server) and is redirecting client browser to a URL on DB Server from web front end.
Is it possible to architect the solution so that the web front end is the only destination for client browsers, SSRS lives on its own dedicated server separate from both the Web server and the DB Server?
How will authentication work in this scenario? We are using integrated authentication using Enterprise AD.
Configurations I have used in the past are these:
SQL Server on one server; SSRS native on another server. Users accessed reports via the SSRS Report Manager web UI that comes with SSRS.
SQL Server on one server; SSRS install in SharePoint Hosting mode on another server. Users accessed reports via SharePoint.
I am not 100% sure what you mean by “web front end is the only destination for client browsers”. If you mean that the end user only hits a web server, and not the database server to get reports, then either one of the above will work. If you have an existing intranet site that you want to host reports in, you can do so via web parts, if you are using MS technologies. You will still need SSRS setup somewhere so you can deploy reports, and the web part would read from it. Or, you can continue the redirect to either Report Manager or SharePoint if you go that route.
As far as authentication: the authentication between SSRS and SQL Server is usually done via an AD (Active Directory) user/service account that SSRS runs under, and also has access to the databases is uses on the SQL Server.
The authentication that allows users to browse and execute reports is usually done via AD as well. You can add all users to a central AD group and give that group Browser permissions on the SSRS server. This authentication would still apply if you use web parts to host reports outside of SSRS Report Manager.
The authentication that SSRS uses to pull the data that ends up showing in reports is usually SQL Server authentication, or whatever authentication that your data source supports where you can send a user name and password (which is stored within a shares data source on SSRS).
More Info
I'm running SQL Server 2012, and I'm trying to configure Reporting Services. I've confirmed that the service is running on my system, but when I start up Reporting Services Configuration Manager, there is no server listed in the start up screen, where it asks to Connect to a Server. When I type in the name of the server, I get a pop up saying,
Cannot Find <Server Name>
That's as far as I get, and I cannot understand why it would not automatically populate the server name or, even less clear, why it wouldn't be able to find the Server once I entered the name in manually.
I wish I could give more information but that's really as far as I get. Are there some basic configurations I can check to see why it's not "aware" of itself as a SQL server?
In my case SSRS was installed but not correctly configured.
I had to use Reporting Services Configuration Manager to create a database (Database panel) and then enable the web services using the 'Web Service URL' panel.
Once both these steps had been completed, I was able to connect via SSMS.
If there's no reporting service instance name displayed in Reporting Services Configuration Manager, it means the Reporting Services instance is not installed properly. You can try to re-add feature(SSRS) to existing SQL instance. Please troubleshooting the installation for SSRS.
https://msdn.microsoft.com/en-us/library/ms144289(v=sql.110).aspx
Also make sure you start SSRS administration tool for right SQL instance.
I am looking for a solution to the following problem:
I have a web application that exposes a Data Warehouse using Views written in my MS-SQL DB
I let the clients of my application use Report Builder to create RDL files against these Views
My application then uploads the RDL files to the SSRS server and makes the required modifications to allow users displaying these reports in different places in my Application.
The problem:
As long as the client's machine has access to the MS SQL server using port 1433 i have no problems with the described scenario.
One of the clients has strict security polices and will not open port 1433 to the SQL server and because of that all the solution I have with reporting will not work.
Can you suggest a workaround or a different approach that will no have to use port 1433 ?
Event if it will require to install some additional software or expose the Views in a different way I'm looking for something that can help me create the same solution without the requirement of port 1433.
Only thing I can think of is an RDP to another server or like a citrix published app or virtualized application where the host server it is running off of would have access
I have a SQL 2008 developer edition with SSRS and the report manager is only available from the local machine. If I try to access it from any other machine I get challenged for my domain u/name and pwd 3 times and then the screen stays blank.
I have made changes to some config files (originals copied out) in order to get a 3rd party application to run but that is now uninstalled and the config files are all back to vanilla (originals copied back in)
I feel its something to do with authentication but am stuck ...
any suggestions welcomed
Jonathan
I have just stumbled on the answer.
I changed the Report Server Service Account to use the built-in Local System account and its all accessible from remote browsers.
Anyone any ideas why?
You may need to change the SSRS Configuration (through the GUI) (Start - Microsoft SQL Server 2008 - Configuration Tools - Reporting Services Configuration Manager) and set it to allow connections from outside the box it is on.
Also don't forget that it's using domain credentials / local machine credentials, so if you're not on a domain, you'll have to provide credentials to log onto that machine (i.e. MACHINE1 where SSRS is installed, from MACHINE2, log on with MACHINE1\username and password for MACHINE1).
Or you may need to open up your SQL Server instance to permit connections from other boxes.
In SQL 2005 Reporting services we were able to spoof a user when calling a report. This doesn't seem to work in 2008 and the technet articles that appear relevant seem to be implying that you need to create a seperate security extension( Technet Article )if you're wanting to expose reports to the internet. Is this what people are using in production? Or is this simpler than I'm makint it out to be?
Not sure what you mean by "spoof a user".
Every version of SSRS to date has used Windows Authentication as the default (and in fact the only "out of the box") authentication scheme. If you wanted to do Forms Authentication you have always had to write your own Custom Authentication Module.
I have done both in Production environments depending on the situation, and their sample is a very good place to start building your own custom auth module
Simple Solution
in the rsreportserver.config add in the the Windows Basic Authentication:
Install apache >= 2.2 in the same machine (use other port than 80 for ReportServer) or on a other machine
activate mod_prox_http
Create a Browser User for Reporting service (for example "reportusr" with password "this#yourMachinepassw0rd")
define in http.conf
ProxyPass http:///ReportServer
ProxyPassReverse http:///ReportServer
AuthBasicFake reportusr this#yourMachinepassw0rd
Order deny allow
Allow from all
Now you can access the reportserver and all Reports over the apache Webserver with no authentication, because always the AuthBasicFake user connects to the reportServer with BasicAuthentication