I have a 2012 SSRS report with the following requirements:
When accessed (run), it must prompt for Windows (AD) credentials because users will be launching it from "group workstations" where the current username is "NurseStationNorth" (so I can't use integrated security).
I'd prefer to hard-code the data-source credentials to ensure that the database connection has all the rights/permissions needed for the report.
Because the report displays user-specific data, I need to pass the authenticated username (e.g. MyDomain\CoolUser) as a parameter to the report. I attempted to use the User!UserId global variable but it seemed to reflect the workstation username and not the credentials entered upon running the report.
I understand how to "Manage" the deployed SSRS report via SQL Server Reporting Services "Home" webpage, to configure the Data Source to always prompt for Windows credentials, but I'm not sure this is the behavior I'm seeking.
Any insight is appreciated.
Thanks,
Mike
Related
I deploy a report into my SSRS report server and defined my domain username and password.
when I copy report server address in domain like(http://MyreportServerIp/Reports) I can see the reports but I can not select any parameter and also view Report button does not work.
beside with my user deploy my project and my user has the admin role and also I test deploying my project with sql server authentication which is sysadmin as well but no success.
I've got an ssrs report server setup and the data sources are set to use the user's windows login. However when I try to setup a subscription it says it can't because the credentials aren't stored in the data source. Is there no way to have a subscription that uses a generic account but when run interactively it uses Windows username
I use a database account for running all of the reports. You'll have to set this up in each database. Then I have report folder permissions associated to Active Directory groups. I also use a domain service account for deploying the reports and setting up the subscriptions. That way if a member of the BI team leaves the company and their account is deactivated the subscription will still run.
Data Source Example:
I'm trying to wrap my head around the SSRS login. Here is my test setup.
SSRS 2016 installed on hostname: Testrs16
ReportServer Database installed on hostname: Server2
I'm launching ReportBuilder on Server2 and trying to connect and login to the report server (see screenshot). What login it typically used in this case? Thanks!
ssrs login
Authentication to your Report Server database is configured via the Report Server Configuration Manager. This will be the same for all users connecting to the Report Server.
Note: This is not the source of your data in your reports, but is where SSRS stores catalog information, user settings, and other internal components
Authentication Types for users connecting to the portal, web api, or soap endpoints are defined in your RSReportServer.config file as either RSWindowsNTLM (default), RSWindowsNegotiate, RSWindowsBasic, or Custom.
Once the user is authenticated (who are they?), then the authorization (what can they do) is defined in the folder management for catalog item security by assigning roles to users or groups.
The other authentication that is required for rendering a report is authenticating to your report's data source. This is defined in either the Report's Data Source or in a Shared Data Source. Either of these can be configured in the data source management page on the portal.
I'm trying to configure the data source for an SSRS 2012 report using the "Credentials stored securely in the report server" option. I specified an AD ID and password, and checked the "Use as Windows Credentials when connecting to the data source" option. I click the Test Connection button and I get "Login failed for user ad1\myuserid". I know the password is correct since I am using it for other things. The MSDN doc on this says it should work.
Does anyone else use an AD ID and password with stored credentials for SSRS 2012? Is there a trick to it?
It turns out the "log on locally" post was incorrect. You simply need to select the option to use credentials stored on the reporting server, provide the credentials, then check the "Use as Windows credentials when connecting to the data source" option. Test the connection, Apply the change and you're all set.
I have a problem about the credential in reporting service..
When I choose option windows authentication for a report in SQL Server Reporting Services, only the administrator can view the report. The other users can't view the report. But when I set credential stored securely in the report server and enter the username and password, all users can view the report but some data of the report is not showing.
For your information, I have created the user in SQL Server and I have set the role and user mapping.
What should i do?
Based off of what you are saying I would guess that you have not added the users windows credentials to the proper group on the reporting server. The admin would have access as by default that role is already given permission in the proper groups.
Here is an article from Microsoft that explains this process.
http://msdn.microsoft.com/en-us/library/aa274425%28SQL.80%29.aspx
This is a good article on setting up role based security.
http://odetocode.com/articles/215.aspx
If I understand your question properly, you want to use your end-users' windows credentials from end-to-end with your reports. You do not want to specify a specify set of windows or SQL credentials to connect to your data source, you want to use the end users' credentials instead.
In order to accomplish this, you will need to grant the end-users rights to access your reports in SSRS as well as granting them rights to run the needed SQL on the underlying database.
Finally, if your SSRS instance is not running on the same server as your database, you may run into security delegation issues. You can read more about this topic by visiting http://support.microsoft.com/default.aspx?scid=kb;en-us;810572