SSRS cannot login to SQL Server database - reporting-services

I deployed my report to the report server. This report has some DB connection which uses Windows Authentication.
When I run the report from the same server works fine, but when I try this from a remote sever I errors saying EXECUTE permission denied on the stored procedure.
The EXECUTE permission was denied on the object 'sp_xxx', database
'DB', schema 'dbo'.
I did further analysis and found that when the report try to connect to the DB is uses NT AUTHORITY\ANONYMOUS LOGON login.
And the report server is running under NT Authority\NetworkServices.
p.s: Also the remote server and the report server is in the same domain.
What am I doing wrong which is not passing my Windows authentication?
Please help...

If you have access to the server you should define a ReportUser user that has access to ssrs and mssql since you are using windows auth. When you deploy, the dataset credentials should be set to the same user above. This would be akin to going into ssrs and setting the configuration of the dataset of the report to a known user account with sufficient privileges to run the report and query the database.

I'll try to walk you through, I hope I haven't forgot something
Can you connect to your server remotely using management studio and your admin credentials? (Check TCP/IP is enabled under SQL Server configuration manager)
Have you assigned enough permissions to the security role? have you assigned the user to the role?(check this out - Grant execute permission for a user on all stored procedures in database?)
Can you successfully connect with your data source? (Check username and password are working)

Related

SQL Server 2008: New Domain user rights issue

I have a SQL Server 2008 installed on Windows Server.
The problem I am facing is when I create a new user in windows, and then add that user in SQL Server Logins [Domain\Username] with Windows authentication, and give access to one database [inventory].
When the user logs in into SSMS, and when s/he expands the object explorer, he get an error message:
The server principal "Domain\User" is not able to access the database "Payments" under the current security context.
(Microsoft SQL Server, Error: 916)
If I give access to the Payments database, the user is able to see the database list in the object browser.
I do not want to give access to the Payments database.
Please help.
Mansoor

SQL Server SA Password for SQL Server Authentication?

I am working on SQL Server 2008 and currently I am using my local server with windows authentication. Can i set SA password for SQL Server Authentication? What are the steps and also I want to know what is the difference between Windows and SQL Server Authentication?
Window Authentication: If you are authorized user to window and you have proper right to access sql server. you are all done to access sql server, you don't need any username/password to access sql server.
SQL Server Authentication: You need to create new user to access sql server (a part from window user). You need username & password of newly created user to access sql server.
You can create new SQL Server Authentication user by: Object Explorer >> Security >> Login >> New Login. Again, you need required right for the window user through which currently you are accessing sql server.

SQL server ODBC connection for Active Directory user who doesn't log in to the windows

Do you think it is possible to create a SQL server ODBC Connection for an active directory user who doesn't log in into the windows.
Ideally this type of users will be used in the batch process. So, Another person logs in and creates a batch process and runs it with another user.
Note: I dont want to create a SQL server authentication. Instead would like to use active directory.
Thanks.
You can't save alternate windows authentication credentials into an ODBC connection for SQL Server. You can only save credentials into the ODBC setting if you use SQL Server authentication.
There are other options though.
You can create a windows authentication ODBC connection to SQL server even if the account you create the connection with doesn't have database access. You just have to untick the "Connect to SQL Server to obtain default settings for the additional configuration options" and you can't use the "Test connection" feature. You just have to create the connection on faith.
With that connection, it will only work if your batch process or application is running as a different account to the logged-in user. Services that run as system accounts do this sort of thing. If you create an application that can be run as a service then you can change the account it runs under.
You can also run as another account manually. Using explorer you can [shift] + right-click on an application and choose "Run As different user" and then enter the other account credentials. Then when the process or application uses the ODBC connection, it will be the correct credentials and work.
There's also "ShellRunAs" https://technet.microsoft.com/en-us/sysinternals/shellrunas.aspx

Cannot to connect to SQL server 2008?

I have been trying all kinds of tricks - from enabling TCP/IP, adding exception to firewalls to poking bill gates vodoo doll. But nothing seems to work for me. Is it really that difficult to connect to sql server 2008 via management studio ? Maybe, robbing a bank would be easier.
While i figure out which bank to rob, can you help me to fix the problem ?
When I try to login to sql server 2008, this is the error i get-
A network-related or instance-specific error occurred while establishing a connection to SQL Server. The server was not found or was not accessible. Verify that the instance name is correct and that SQL Server is configured to allow remote connections. (provider: Named Pipes Provider, error: 40 - Could not open a connection to SQL Server) (Microsoft SQL Server, Error: 2)
The links i tried so far -
blog.sqlauthority.com/2009/05/21/sql-server-fix-error-provider-named-pipes-provider-error-40-could-not-open-a-connection-to-sql-server-microsoft-sql-server-error/
and some more random links on the net.
When you installed SQLServer, there are several options that may affect the way SQLServer runs and how you have to connect to it. The link you included in your question that points to the sqlauthority blog has an additional thread posted by Vince. Be sure to follow those instructions so that SQLServer will be set to listen on port 1433 and not a dynamic port.
Also, when you log-in, if it tells you that the login fails (e.g., for xxx\yyy), then you probably missed the option in the install to add the current user as an authorized users. In that case, you will have to log in through SSMS using SQL Server Authentication, and provide sa as the username and the password that you set during the install.
After you log in, you can add your Windows user account to the list of authorized users by expanding the root Security folder in the SSMS object explorer, right-click Logins and select New Login. From there you can search for your user account and add a Windows authentication user. That will make it possible for you to log in using Windows Authentication so you won't have to type your password every time you launch SSMS.

connecting to sql server from classic asp

I have a sql server 2008R2 express running in windows authentication mode. I created a login and a user for a database in sql server based on a windows account. I can connect to sql server database via(run as the user) SSMS and browse my database just fine.
Now i am trying to connect via a 3rd party asp application
set loginDB = Server.CreateObject("ADODB.Connection")
'For Windows Server 2008 / SQL 2008 users, please use the following line for the DB connection
loginDB.Open "Provider=SQLNCLI10; Server=(local)\SQLServerName; Database=dbname;Uid="myuser" Pwd="pwd""
I am getting an error saying login failed for user myuser
Also the site is running on an app pool which i have set it to run as the windows user myuser.
Where am i going wrong???
Thanks.
If you are passing username and password that's SQL Server Authentication not windows, so if it's authentication mode is Windows only, it won't have it.
Take them out and replace with Integrated Security = SSPI