i'm working on a SharePoint 2013 site, i have 2 type of registration: (Win Authentication and FBA).
I'm trying to use a solution (WSP) from the old portal (SP 2010), this WSP use a dll named 'Microsoft.Practices.EnterpriseLibrary.Data' which isn't existed in SP 2013 environment.
So to resolve that i installed the Microsoft Enterprise Library 5.0 from Microsoft, then i copied this dll to the bin folder under inetpub\wwwroot\wss\VirtualDirectories\80\
Now when i logged in to site using windows authentication mode the WebPart appear but when logged as FBA User the an error appeared:
System.InvalidOperationException: Cannot open log for source 'Microsoft.Practices.EnterpriseLibrary.Data'. You may not have write access. ---> System.ComponentModel.Win32Exception: Access is denied
--- End of inner exception stack trace ---
at System.Diagnostics.EventLogInternal.OpenForWrite(String currentMachineName)
at System.Diagnostics.EventLogInternal.InternalWriteEvent(UInt32 eventID, UInt16 category, EventLogEntryType type, String[] strings, Byte[] rawData, String currentMachineName)
at System.Diagnostics.EventLogInternal.WriteEntry(String message, EventLogEntryType type, Int32 eventID, Int16 category, Byte[] rawData)
at System.Diagnostics.EventLog.WriteEntry(String source, String message, EventLogEntryType type, Int32 eventID, Int16 category, Byte[] rawData)
at System.Diagnostics.EventLog.WriteEntry(String source, String message, EventLogEntryType type)
at ProjectName.Internet.EventViewerLogService.LogEvent(String source, String message, EventLogEntryType type)
at ProjectName.Internet.ExceptionHandler.Handle(Exception exception)
at ProjectName.Internet.SQLHelper.GetVolunteerInfo(String VolunteerId)
at ProjectName.Internet.Profiles.Volunteer.GetVolunteer(String VolunteerId)
at ProjectName.Internet.Accessibility.Accessibility.AccessibilityUserControl.Page_Load(Object sender, EventArgs e)
Note: i tried to give permission to "Security" into the registry HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\Eventlog\Security to the 'Authenticated Users group' because i had an error in the beginning
Error: The source was not found, but some or all event logs could not be searched. Inaccessible logs: Security.
PS: This is a follow up to this . I followed the given answers but to no avail.
I guess this is due to some configuration issue on server?
The error is related to permission issue, when i logged in with FBA User i missed the permission to write into new event Sources.
By default, any authenticated user is able to write to application event log. However only administrators can create new event Sources.
I resolve it by run the CreateEventSource method with elevated Privileges, like the below:
SPSecurity.RunWithElevatedPrivileges(delegate()
{
if (!EventLog.SourceExists(eSource))
{
EventLog.CreateEventSource(eSource, eLog);
}
EventLog.WriteEntry(eSource, ex.ToString(), EventLogEntryType.Error);
});
I have a simple SSIS Package, which has
a Excute SQL Task control on the Control Flow, which fetches some value from the database
In the DataFlow, am using a Script Component, which based on values given by 'Excute SQL Task', does this:
public override void CreateNewOutputRows()
{
try
{
string loginURL = "http://maps.googleapis.com/maps/api/geocode/xml?address=" + Variables.ProjectAddress + "&sensor=true";
WebClient client = new WebClient();
string downloadString = client.DownloadString(loginURL);
XmlDocument xml = new XmlDocument();
xml.LoadXml(downloadString);
///// setting output buffer variables
}
catch(Exception ex)
{
}
}
so basically am requesting a web service for latitude and longitude inside the package.
The retrieved values are then updated into the database:
Everything works fine, when I run the package from the Visual Studio SSIS project console.
But when I try to run the package through a SQL Server 2008 R2 Job, nothing happens. Job Executes successfully but no rows are updated(or inserted).
I tried importing the package into SQL MSDB and setting the protection level to all the items in the dropdown one by one as given here
...and then running this imported package from SQL Job. Still...nothing happened.
Does anyone know whats wrong?? How do I deal with following facts:
It has to do with permission of the sql user to make a web service request. How do I configure that out?
2.it has to do with the configuration file of imported ssis package. What should I look for?
Help me out please:
I hope I have given all the required info to look into the problem
is the job on an SQL Server Instance on your computer? I ask because it may be firewall or permission issues from the SQL Server to the computer you have the web service.
Also I advise removing that try catch and enabling package configurations so you can see if it is trowing an error
Regarding protection level, if you are using EncryptSensitiveWithUserKey the package wont load the database sensitive information (login and password) unless it is on the computer you developed it. Same thing applies to EncryptAllWithUserKey but in this case it wont even open the package
I have a web service that is called from my ssis.
Used to work fine in test mode, when moved to live environment I get the error :
[Web Service Task] Error: An error occurred with the following error message: "Microsoft.SqlServer.Dts.Tasks.WebServiceTask.WebserviceTaskException: Could not execute the Web method. The error is: Object reference not set to an instance of an object.. at Microsoft.SqlServer.Dts.Tasks.WebServiceTask.WebMethodInvokerProxy.InvokeMethod(DTSWebMethodInfo methodInfo, String serviceName, Object connection) at Microsoft.SqlServer.Dts.Tasks.WebServiceTask.WebServiceTaskUtil.Invoke(DTSWebMethodInfo methodInfo, String serviceName, Object connection, VariableDispenser taskVariableDispenser) at Microsoft.SqlServer.Dts.Tasks.WebServiceTask.WebServiceTask.executeThread()".
We are using a proxy to access the web. Could this be a proxy problem. how to solve ?
Thanks
It was simple proxy issue.
Don't forget to configure the proxy tab in your Http Connection Manager
To help diagnose this, you might try using a script task and adding a Service Reference or Web Reference to the web service. Call the service within a try/catch block and log ex.ToString() if you get an exception. That way, you'll be sure to have all the details, and you can post them here in an edit to your question.
It's also worth noting that SSIS cannot invoke services with spaces in the names. See the following for details:
http://connect.microsoft.com/SQLServer/feedback/details/368606/ssis-web-service-task-cannot-call-services-with-a-space-in-the-name
This answer would have saved me time so I'm adding it in the hope it saves someone else some time.
I had the same problem, except my cause was that I was attempting to pass an integer (Int32) as a web service parameter. It looks like web service parameters in SSIS should always be strings.
I'm using SSIS 2017 and none of the solutions worked for me. But, after changing the SQL Server used by the project, from 2017 to 2016 (or whatever version of SQL is installed), I was able to run the WebService task successfully.
Hope will help somebody.
I created a report model using SSRS (2005) and published to the local server. But when I tried to run the report for the model I published using report builder I get the following error.
Report execution error:The permissions granted to user are insufficient for performing this operation. (rsAccessDenied)
It's because of lack of privilege for the user you are running the report builder, just give that user or a group a privilege to run report builder.
Please visit this article
Or for shortcut:
Start Internet Explorer using "Run as Administrator"
Open http://localhost/reports
Go to properties tab (SSRS 2008)
Security->New Role Assignment
Add DOMAIN/USERNAME or DOMAIN/USERGROUP
Check Report builder
I know it's for a long time ago but you (or any other new comers) can resolve this issue by
Add the [Domain\User] to Administrator, IISUser, SQLReportingUser groups
Delete Encryption Key in SSRS configuration tools
ReRun the Database Change in SSRS configuration tools
Open WebServiceUrl from SSRS configuration tools (http://localhost/reportserver)
creating Reports Folder manually
go to Properties of created folder and add these roles to security (builtin\users , builtin\Administrator, domain\user)
Deploy your reports and your problem resolved
Right Click Microsoft BI -> Click Run as Administrator -> either open your existing SSRS report or create your new SSRS report and then deploy your report after that complied you will be received one web URL for to view your report. Copy that URL and paste to web browser(Run as Administrator) and you will get your report view.
You could use Internet Explorer, which would be essential for web service
If it is wrong means,Please forgive me since i did like this so that i just written.
Make sure you have access configured to the URL http://localhost/reports using the SQL Reporting Services Configuration. To do this:
Open Reporting Services Configuration Manager -> then connect to the report server instance -> then click on Report Manager URL.
In the Report Manager URL page, click the Advanced button -> then in the Multiple Identities for Report Manager, click Add.
In the Add a Report Manager HTTP URL popup box, select Host Header and type in: localhost
Click OK to save your changes.
Now start/ run Internet Explorer using Run as Administator...
(NOTE: If you don't see the 'Site Settings' link in the top left corner while at http://localhost/reports it is probably because you aren't running IE as an Administator or you haven't assigned your computers 'domain\username' to the reporting services roles, see how to do this in the next few steps.)
Then go to: http://localhost/reports (you may have to login with your Computer's username and password)
You should now be directed to the Home page of SQL Server Reporting Services here: http://localhost/Reports/Pages/Folder.aspx
From the Home page, click the Properties tab, then click New Role Assignment
In the Group or user name textbox, add the 'domain\username' which was in the error message (in my case, I added: DOUGDELL3-PC\DOUGDELL3 for the 'domain\username', in your case you can find the domain\username for your computer in the rsAccessDenied error message).
Now check all the checkboxes; Browser, Content Manager, My Reports, Publisher, Report Builder, and then click OK.
You're domain\username should now be assigned to the Roles that will give you access to deploy your reports to the Report Server. If you're using Visual Studio or SQL Server Business Intelligence Development Studio to deploy your reports to your local reports server, you should now be able to.
Hopefully, that helps you solve your Reports Server rsAccessDenied error message...
Just to let you know this tutorial was done on a Windows 7 computer with SQL Server Reporting Services 2008.
Reference Article: http://techasp.blogspot.co.uk/2013/06/how-to-fix-reporting-services.html
You can also make sure that the Identity in your Application Pool has the right permissions.
Go to IIS Manager
Click Application pools
Identify the application pool of the site you are deploying reports on
Check that the identity is set to some service account or user account that has admin permissions
You can change the identity by stopping the pool, right clicking it, and selecting Advanced Settings...
Under Process Model is the Identity field
I have used following steps and it is working for me.
Open Reporting Services Configuration Manager -> then connect to the report server instance -> then click on Report Manager URL.
In the Report Manager URL page, click the Advanced button -> then in the Multiple Identities for Report Manager, click Add.
In the Add a Report Manager HTTP URL popup box, select Host Header and type in: localhost
Click OK to save your changes.
Then:
copied the report server URL
Run Google chrome/Internet Explorer as administrator
Paste URL in address bar and press enter.
it is working fine for me on Internet Explorer and Google Chrome but not for mozilla Firefox.
In case of Firefox asking for username and Password I am providing it but it is not working. I am admin and have full right.
I have done 1 more change set "User Account Control Settings" to never notify.
If you are getting such type of exception while deploying this report from Visual Studio then do the following things:
Open Google chrome/Internet Explorer with administrator right.
open report server URL in it.
3.Click on "New Role Assignment" add the then enter the user name and select the Roles
.
click ok.
Now deploy the report from Visual studio it will work and deploy the reports at specified server.
under Site setting in Reports manager >Configure system-level role definitions > check ExecuteReport Defination option
then
Create a System UserGroup, Give the access to that group at
Connect to your reporting Services Data base in server properties and add a group and permite the access as System User... It should work
I have SQL2008 / Windows 2008 Enterprise and this is what I had to do to correct the rs.accessdenied, 404, 401 and 503 errors:
Added NT Users to SQL Report Server Users and IIS_USR Group
I changed SQL Reporting Service to Local account (it was Domain with Local Admin)
I deleted encryption key in Reporting Services Configuration (last tab on the list)
and THEN it worked.
Open internet explorer as administrator.
Open the reports url http://machinename/reportservername
then in 'folder settings' give permission to required user-groups.
Old but relevant issue. I solved for 2012 by logging in to the reporting server and:
browse to http://localhost/reports/
Click 'Site Settings' in the top-right (was only available when logging in to the report server)
Go to the 'Security' tab and click 'New Role Assignment'
Added my DOMAIN\USERNAME as a System Administrator
Can't say that I'm comfortable with this solution, but I needed something that worked and it worked. Hope this helps someone else.
After setting up SSRS 2016, I RDP'd into the server (Windows Server 2012 R2), navigated to the reports URL (https://reports.fakeserver.net/Reports/browse/) and created a folder title FakeFolder; everything appeared to be working fine. I then disconnected from the server, browsed to the same URL, logged in as the same user, and encountered the error below.
The permissions granted to user 'fakeserver\mitchs' are insufficient
for performing this operation.
Confused, I tried pretty much every solution suggested on this page and still could not create the same behavior both locally and externally when navigating to the URL and authenticating. I then clicked the ellipsis of FakeFolder, clicked Manage, clicked Security (on the left hand side of the screen), and added myself as a user with full permissions. After disconnecting from the server, I browsed to https://reports.fakeserver.net/Reports/browse/FakeFolder, and was able to view the folder's contents without encountering the permissions error. However, when I clicked home I received the permissions error.
For my purposes, this was good enough as no on else will ever need to browse to the root URL, so I just made a mental note whenever I need to make changes in SSRS to first connect to the server and then browse to the Reports URL.
Problem:
Error rsAccessDenied : The permissions granted to user 'User\User' are insufficient for performing this operation.
Solution:
Click "Folder Setting" > "New Role Assignment"
Then type "User\User" in the 'Group or user name text box'.
Check the Roles check boxes that you would want the user to have.
What Worked for me was:
Open localhost/reports
Go to properties tab (SSRS 2008)
Security->New Role Assignment
Add DOMAIN/USERNAME or DOMAIN/USERGROUP
Check Report builder
This worked for me-
-go to the report manager, check site settings-> Security -> New Role Assignment-> add the user
-Also, go to Datasets in report manager -> your report dataset -> Security -> New Role Assignment -> add the user with the required role.
Thanks!
I know it's for a long time ago but may be helpful to any other new comers,
I decided to pass user name,password and domain while requesting SSRS reports, so I created one class which implements IReportServerCredentials.
public class ReportServerCredentials : IReportServerCredentials
{
#region Class Members
private string username;
private string password;
private string domain;
#endregion
#region Constructor
public ReportServerCredentials()
{}
public ReportServerCredentials(string username)
{
this.Username = username;
}
public ReportServerCredentials(string username, string password)
{
this.Username = username;
this.Password = password;
}
public ReportServerCredentials(string username, string password, string domain)
{
this.Username = username;
this.Password = password;
this.Domain = domain;
}
#endregion
#region Properties
public string Username
{
get { return this.username; }
set { this.username = value; }
}
public string Password
{
get { return this.password; }
set { this.password = value; }
}
public string Domain
{
get { return this.domain; }
set { this.domain = value; }
}
public WindowsIdentity ImpersonationUser
{
get { return null; }
}
public ICredentials NetworkCredentials
{
get
{
return new NetworkCredential(Username, Password, Domain);
}
}
#endregion
bool IReportServerCredentials.GetFormsCredentials(out System.Net.Cookie authCookie, out string userName, out string password, out string authority)
{
authCookie = null;
userName = password = authority = null;
return false;
}
}
while calling SSRS Reprots, put following piece of code
ReportViewer rptViewer = new ReportViewer();
string RptUserName = Convert.ToString(ConfigurationManager.AppSettings["SSRSReportUser"]);
string RptUserPassword = Convert.ToString(ConfigurationManager.AppSettings["SSRSReportUserPassword"]);
string RptUserDomain = Convert.ToString(ConfigurationManager.AppSettings["SSRSReportUserDomain"]);
string SSRSReportURL = Convert.ToString(ConfigurationManager.AppSettings["SSRSReportURL"]);
string SSRSReportFolder = Convert.ToString(ConfigurationManager.AppSettings["SSRSReportFolder"]);
IReportServerCredentials reportCredentials = new ReportServerCredentials(RptUserName, RptUserPassword, RptUserDomain);
rptViewer.ServerReport.ReportServerCredentials = reportCredentials;
rptViewer.ServerReport.ReportServerUrl = new Uri(SSRSReportURL);
SSRSReportUser,SSRSReportUserPassword,SSRSReportUserDomain,SSRSReportFolder are defined in web.config files.
The report might want to access a DataSource or DataView where the AD user (or AD group) has insuficcient access rights.
Make sure you check out the following URLs:
http://REPORTSERVERNAME/Reports/Pages/Folder.aspx?ItemPath=%2fDataSources
http://REPORTSERVERNAME/Reports/Pages/Folder.aspx?ItemPath=%2fDataSets
Then choose Folder Settings
(or the appropriate individual DataSource or DataSet) and select Security. The user group needs to have the Browser permission.
What worked for me was:
Go to Site Setting
Click on "Configure site-wide security"
Click "New Role Assignment" button in top bar
Give the new role the following name "Everyone"
Of the available roles, grant it "System User" only
Click "Apply"
That should do it,
Good luck!
Just like Nasser, I know this was a while ago but I wanted to post my solution for anyone who has this problem in the future.
I had my report setup so that it would use a data connection in a Data Connection library hosted on SharePoint. My issue was that I did not have the data connection 'approved' so that it was usable by other users.
Another thing to look for would to make sure that the permissions on that Data Connection library also allows read to the select users.
Hope this helps someone sooner or later!
For SQL Reporting Services 2012 - SP1 and SharePoint 2013.
I got the same issue:
The permissions granted to user '[AppPoolAccount]' are insufficient for performing this operation.
I went into the service application settings, clicked Key Management, then Change key and had it regenerate the key.
Thanks for Sharing. After struggling for 1.5 days, noticed that Report Server was configured with wrong domain IP. It was configured with backup domain IP which is offline. I have identified this in the user group configuration where Domain name was not listed. Changed IP and reboot the Report server. Issue resolved.
Run BIDS as administrator despite of existing membership of Administrators group.