I am using SSRS reporting service in my MVC application. I am using some reports and accessed these reports from web application by specifying URL like this
and passing username, password and domain as credential.
When I use this code on local it's working fine but when I use same code on the live environment its giving a
401 unauthorised error.
Can anyone help me what I am doing wrong? One thing to mention that when I am using this locally both the database and the deployed code are in same domain but on live environment both database and code are on different domains.
Any help would be appreciated.
Related
I have searched google and stack overflow before making this post, but i might have missed the answer to my issue.
I have an SSRS report server installed on a server hosting MS SQL server as well. The 2 services is working together just fine and I can do what i expect to do.
The issue is that when my colleagues are trying to connect to the report server URL through Report Builder, they cannot get access. They receive 401 unauthorized error. If they use my login on their machine, they still get no access.
If i use their login on my machine, it works fine.
My conclusion is that its not their logins that is causing this error, and it is not the server configuration either as i can login just fine (i am admin and in the admin AD group, but so is 1 of my colleagues who cant get access).
It must be something on their machine, but i just dont know what or where to look.
Thank you in regards.
You would need to navigate to your SSRS website and assign Report Builder to your colleague's domain\user account.
See here https://learn.microsoft.com/en-us/sql/reporting-services/report-server/configure-report-builder-access?view=sql-server-ver15#:~:text=Click%20the%20gear%20icon%20on,Otherwise%2C%20click%20New%20Role%20Assignment.
I am accessing SSRS reports (SQL Server 2016) through URL to embed them in my application in an iFrame. When I access SSRS reports remotely, i.e from different computer I can authenticate and display the reports.
In my iFrame source I put:
http://example.com:4000/path_to_ReportServer/report_name
And that works fine when I deploy my app to stage server. All the SSRS reports load with no problem at all.
However I develop on the same PC as my SSRS report server resides, and when I am on it I have to change all the links in iFrames to:
http://computername:4000/path_to_ReportServer/report_name
edit: originally I wrote here that I use localhost, but actual I meant computer name.
If I try to run my app from VS on my dev machine and I do not change the domain to computer name I wont be able to authenticate at all. It just keeps asking me for the same credentials over and over again.
I've checked the ReportServerService log, and I see this as a last line when I try to log in:
library!DefaultDomain!3bd0!11/21/2016-12:52:36:: e ERROR: Throwing Microsoft.ReportingServices.Diagnostics.Utilities.ServerConfigurationErrorException: Invalid PBI Configuration, Microsoft.ReportingServices.Diagnostics.Utilities.ServerConfigurationErrorException: The report server has encountered a configuration error. ;
I looked for this problem extensively, and I only find MS configuration tutorial but no one having similar issue to mine.
I have checked the usual culprits like firewall or port conflicts (but if I had any of those I would not be able to access the SSRS from any other PC, yet I can and the link doesn't work only on local machine.)
I am very new to SSRS in general so please kindly be patient with me. Thanks!
A few things you can try:
In SSRS Configuration and ensure that the Report Service and Report Management endpoints are valid (Copy the url in the hyperlink and make sure it opens on your local host.)
In SSRS Configuration and ensure that the Report Service Database has been properly deployed.
Remove any custom modules/assemblies you have applied to the default behavior from the ssrs web config (Custom Security).
I think you have applied changes to ssrs's web config in order to have it load assemblies for your custom security, custom datasourse/dataset, custom render format and fat fingered the config somehow.
You're probably running into a same-origin-policy error, which wikipedia states as under the policy, a web browser permits scripts contained in a first web page to access data in a second web page, but only if both web pages have the same origin.
The fix is to implement the X-Frame-Options metatag, like so:
X-Frame-Options: ALLOW-FROM https://example.com/
I added a report project to my existing solution in VS2015, built some reports and now I am trying to deploy the project to a report server. I have gotten the URL from the config manager ( http://MyServer/ReportServer_SQLEXPRESS ) and put that in the report project properties as the target server URL.
When I click Deploy I get an error saying "The specified report server http://localhost/reportserver could ot be found.
I have no idea where it is getting this localhost reportserver URL from, that is not what is saved in the properties. The Report project is inside a solution with an MVC project. Do I need to change something at the Solution level?
Turned out I had to run VS as an administrator, I assume because of the permission on the remote server.
I have deployed a couple of reports in SSRS2012, the report uses the user's windows token to do some verification. When testing the report in VS I successfully read the windows token but when I deploy to SSRS token is empty.
I did configure all data sources to use windows authentication and to impersonate the user.
any ideas?
Thanks
I'm a little unclear on the specifics here, but I'm thinking the problem is with the authentication method you're using in IIS.
Check out this other question:
Why does Windows/Integrated Authentication in IIS not pass user credentials to SSRS and SQL?
The versions are a bit different (SSRS 2005) but I think the issues here are the same. I won't get into it too much, because the answer in that link explains it better than I could, but essentially, it works from Visual Studio because your Windows Token is the one making all the requests. When you deploy to IIS, however, without explicitly configuring Windows Authentication and Identity Impersonation, the requests are being executed as the App Pool User, not the user using your web app. I hope this helps!
I am working on setting up my report server to use a web service as an XML datasource. I seem to be having authentication issues between the web service and the report with I choose to use Integrated security. Here's what I have:
1) I have a website w/ an exposed service. This website is configured to run ONLY on Integrated Security. This means that we have all other modes turned off AND Enabled anonymous access turned off under directory security.
2) Within the Web.config of the website, I have the authentication mode set to Windows.
3) I have the report datasource set to being an XML data source. I have the correct URL to the service and have it set to Windows Integrated Security. Since I am making a hop from the Browser to the Reporting Server to the Web Service, I wonder if I am having an issue w/ Kerberos, but I am not sure.
When I try to access the service, I get a 401 error.
Here are the IIS logs that I am generating:
2011-01-07 14:52:12 W3SVC IP_ADDY POST /URL.asmx - 80 - IP_ADDY - 401 1 0
2011-01-07 14:52:12 W3SVC IP_ADDY POST /URL.asmx - 80 - IP_ADDY - 401 1 5
Has anyone worked out this issue before? Thanks!
It does sound like you are experiencing the "double hop" issue. Is it possible to create an account on your web service that the reporting server uses explicitly instead of passing through the users credentials?
There's a simpler solution if you dont want to muck around with Kerberos... although the user experience is less desirable.
On the Data Source...If you check the "Credentials supplied by the user running the report" and the "Use as Windows credentials when connecting to the data source" then the user will be promoted to log in when they run the report. Since the credentials are being supplied to the SSRS server it's only a single hop from SSRS to the webservice... thus avoiding the double-hop NTLM authentication problem.
It's less user-friendly, though, since you have to log in to run the report.