SuperbHosting.net have generously
sponsored
dedicated servers to ensure
a reliable and scalable dedicated hosting
solution for BigResource.com.
Report Server Authentication Errors (custom Security Authentication)
This has been plauging us for a year now and still haven't figured it out. We wrote a custom authentication extension based completely off the example code MS provided with SQL Server 2005. We upgraded to SP2 thinking it might fix the problem. Nope... here is what happens... you go to our server and there is a pause for about 5 seconds then the login page shows up I login with a user and pass then it just sits there with the loading icon spinning in IE. Eventually (this happens every time!) it comes back with
Code Block
"The report server is not responding. Verify that the report server is running and can be accessed from this computer. "
If you refresh that page it loads fine! ok seems odd... went ot the LogFiles folder and there is a minidump and a bunch of logs around the time that happened. Open ReportServerWebApp's log file and I get this
Code Block
Microsoft SQL Server Reporting Services Version 9.00.3161.00
en-US
Eastern Daylight Time
C:Program FilesMicrosoft SQL ServerMSSQL.3Reporting ServicesLogFilesReportServerWebApp__10_31_2007_13_49_48.log
NODEC
Microsoft Windows NT 5.2.3790 Service Pack 2
5.2.3790.131072
w3wp!library!1!10/31/2007-13:49:49:: i INFO: Initializing MaxActiveReqForOneUser to '20' requests(s) as specified in Configuration file.
w3wp!library!1!10/31/2007-13:49:49:: i INFO: Initializing MaxScheduleWait to default value of '1' second(s) because it was not specified in Configuration file.
w3wp!library!1!10/31/2007-13:49:49:: i INFO: Initializing DatabaseQueryTimeout to default value of '30' second(s) because it was not specified in Configuration file.
w3wp!library!1!10/31/2007-13:49:49:: i INFO: Initializing ProcessRecycleOptions to default value of '0' because it was not specified in Configuration file.
w3wp!library!1!10/31/2007-13:49:49:: i INFO: Initializing RunningRequestsScavengerCycle to default value of '30' second(s) because it was not specified in Configuration file.
w3wp!library!1!10/31/2007-13:49:49:: i INFO: Initializing RunningRequestsDbCycle to default value of '30' second(s) because it was not specified in Configuration file.
w3wp!library!1!10/31/2007-13:49:49:: i INFO: Initializing RunningRequestsAge to default value of '30' second(s) because it was not specified in Configuration file.
w3wp!library!1!10/31/2007-13:49:49:: i INFO: Initializing CleanupCycleMinutes to default value of '10' minute(s) because it was not specified in Configuration file.
w3wp!library!1!10/31/2007-13:49:49:: i INFO: Initializing DailyCleanupMinuteOfDay to default value of '120' minutes since midnight because it was not specified in Configuration file.
w3wp!library!1!10/31/2007-13:49:49:: i INFO: Initializing WatsonFlags to default value of '1064' because it was not specified in Configuration file.
w3wp!library!1!10/31/2007-13:49:49:: i INFO: Initializing WatsonDumpOnExceptions to default value of 'Microsoft.ReportingServices.Diagnostics.Utilities.InternalCatalogException,Microsoft.ReportingServices.Modeling.InternalModelingException' because it was not specified in Configuration file.
w3wp!library!1!10/31/2007-13:49:49:: i INFO: Initializing WatsonDumpExcludeIfContainsExceptions to default value of 'System.Data.SqlClient.SqlException,System.Threading.ThreadAbortException' because it was not specified in Configuration file.
w3wp!library!1!10/31/2007-13:49:49:: i INFO: Initializing SecureConnectionLevel to default value of '1' because it was not specified in Configuration file.
w3wp!library!1!10/31/2007-13:49:49:: i INFO: Initializing DisplayErrorLink to 'True' as specified in Configuration file.
w3wp!library!1!10/31/2007-13:49:49:: i INFO: Initializing WebServiceUseFileShareStorage to default value of 'False' because it was not specified in Configuration file.
w3wp!ui!1!10/31/2007-13:49:57:: e ERROR: The report server is not responding. Verify that the report server is running and can be accessed from this computer.
w3wp!ui!1!10/31/2007-13:49:57:: e ERROR: HTTP status code --> 500
-------Details--------
Microsoft.ReportingServices.UI.Global+RSWebServiceWrapper+CantCommunicateWithReportServerException: The report server is not responding. Verify that the report server is running and can be accessed from this computer.
at Microsoft.ReportingServices.UI.Global.RSWebServiceWrapper.GetSecureMethods()
at Microsoft.SqlServer.ReportingServices2005.RSConnection.IsSecureMethod(String methodname)
at Microsoft.SqlServer.ReportingServices2005.RSConnection.ValidateConnection()
at Microsoft.ReportingServices.UI.Global.SecureAllAPI()
at Microsoft.ReportingServices.UI.ReportingPage.EnsureHttpsLevel(HttpsLevel level)
at Microsoft.ReportingServices.UI.ReportingPage.ReportingPage_Init(Object sender, EventArgs args)
at System.EventHandler.Invoke(Object sender, EventArgs e)
at System.Web.UI.Control.OnInit(EventArgs e)
at System.Web.UI.Page.OnInit(EventArgs e)
at System.Web.UI.Control.InitRecursive(Control namingContainer)
at System.Web.UI.Page.ProcessRequestMain(Boolean includeStagesBeforeAsyncPoint, Boolean includeStagesAfterAsyncPoint)
w3wp!ui!1!10/31/2007-13:49:59:: e ERROR: Exception in ShowErrorPage: System.Threading.ThreadAbortException: Thread was being aborted.
at System.Threading.Thread.AbortInternal()
at System.Threading.Thread.Abort(Object stateInfo)
at System.Web.HttpResponse.End()
at Microsoft.ReportingServices.UI.ReportingPage.ShowErrorPage(String errMsg) at at System.Threading.Thread.AbortInternal()
at System.Threading.Thread.Abort(Object stateInfo)
at System.Web.HttpResponse.End()
at Microsoft.ReportingServices.UI.ReportingPage.ShowErrorPage(String errMsg)
Clearly showing there is an error that the server isn't responding... ok more log info on this in the SQLDmp log file that says
Code Block
Microsoft SQL Server Reporting Services Version 9.00.3161.00
en-US
Eastern Daylight Time
C:Program FilesMicrosoft SQL ServerMSSQL.3Reporting ServicesLogFilesReportServer__10_31_2007_13_53_27.log
NODEC
Microsoft Windows NT 5.2.3790 Service Pack 2
5.2.3790.131072
w3wp!webserver!6!10/31/2007-13:53:27:: i INFO: Reporting Web Server started
w3wp!library!6!10/31/2007-13:53:27:: i INFO: Initializing ConnectionType to '0' as specified in Configuration file.
w3wp!library!6!10/31/2007-13:53:27:: i INFO: Initializing IsSchedulingService to 'True' as specified in Configuration file.
w3wp!library!6!10/31/2007-13:53:27:: i INFO: Initializing IsNotificationService to 'True' as specified in Configuration file.
w3wp!library!6!10/31/2007-13:53:27:: i INFO: Initializing IsEventService to 'True' as specified in Configuration file.
w3wp!library!6!10/31/2007-13:53:27:: i INFO: Initializing PollingInterval to '10' second(s) as specified in Configuration file.
w3wp!library!6!10/31/2007-13:53:27:: i INFO: Initializing WindowsServiceUseFileShareStorage to 'False' as specified in Configuration file.
w3wp!library!6!10/31/2007-13:53:27:: i INFO: Initializing MemoryLimit to '60' percent as specified in Configuration file.
w3wp!library!6!10/31/2007-13:53:27:: i INFO: Initializing RecycleTime to '720' minute(s) as specified in Configuration file.
w3wp!library!6!10/31/2007-13:53:27:: i INFO: Initializing MaximumMemoryLimit to '80' percent as specified in Configuration file.
w3wp!library!6!10/31/2007-13:53:27:: i INFO: Initializing MaxAppDomainUnloadTime to '30' minute(s) as specified in Configuration file.
w3wp!library!6!10/31/2007-13:53:27:: i INFO: Initializing MaxQueueThreads to '0' thread(s) as specified in Configuration file.
w3wp!library!6!10/31/2007-13:53:27:: i INFO: Initializing IsWebServiceEnabled to 'True' as specified in Configuration file.
w3wp!library!6!10/31/2007-13:53:27:: i INFO: Initializing MaxActiveReqForOneUser to '20' requests(s) as specified in Configuration file.
w3wp!library!6!10/31/2007-13:53:27:: i INFO: Initializing MaxScheduleWait to '5' second(s) as specified in Configuration file.
w3wp!library!6!10/31/2007-13:53:27:: i INFO: Initializing DatabaseQueryTimeout to '120' second(s) as specified in Configuration file.
w3wp!library!6!10/31/2007-13:53:27:: i INFO: Initializing ProcessRecycleOptions to '0' as specified in Configuration file.
w3wp!library!6!10/31/2007-13:53:27:: i INFO: Initializing RunningRequestsScavengerCycle to '60' second(s) as specified in Configuration file.
w3wp!library!6!10/31/2007-13:53:27:: i INFO: Initializing RunningRequestsDbCycle to '60' second(s) as specified in Configuration file.
w3wp!library!6!10/31/2007-13:53:27:: i INFO: Initializing RunningRequestsAge to '30' second(s) as specified in Configuration file.
w3wp!library!6!10/31/2007-13:53:27:: i INFO: Initializing CleanupCycleMinutes to '10' minute(s) as specified in Configuration file.
w3wp!library!6!10/31/2007-13:53:27:: i INFO: Initializing DailyCleanupMinuteOfDay to default value of '120' minutes since midnight because it was not specified in Configuration file.
w3wp!library!6!10/31/2007-13:53:27:: i INFO: Initializing WatsonFlags to '1064' as specified in Configuration file.
w3wp!library!6!10/31/2007-13:53:27:: i INFO: Initializing WatsonDumpOnExceptions to 'Microsoft.ReportingServices.Diagnostics.Utilities.InternalCatalogException,Microsoft.ReportingServices.Modeling.InternalModelingException' as specified in Configuration file.
w3wp!library!6!10/31/2007-13:53:27:: i INFO: Initializing WatsonDumpExcludeIfContainsExceptions to 'System.Data.SqlClient.SqlException,System.Threading.ThreadAbortException' as specified in Configuration file.
w3wp!library!6!10/31/2007-13:53:27:: i INFO: Initializing SecureConnectionLevel to '0' as specified in Configuration file.
w3wp!library!6!10/31/2007-13:53:27:: i INFO: Initializing DisplayErrorLink to 'True' as specified in Configuration file.
w3wp!library!6!10/31/2007-13:53:27:: i INFO: Initializing WebServiceUseFileShareStorage to 'False' as specified in Configuration file.
w3wp!resourceutilities!6!10/31/2007-13:53:27:: i INFO: Reporting Services starting SKU: Standard
w3wp!resourceutilities!6!10/31/2007-13:53:27:: i INFO: Evaluation copy: 0 days left
w3wp!resourceutilities!6!10/31/2007-13:53:27:: i INFO: Running on 2 physical processors, 4 logical processors
w3wp!runningjobs!6!10/31/2007-13:53:27:: i INFO: Database Cleanup (Web Service) timer enabled: Next Event: 600 seconds. Cycle: 600 seconds
w3wp!runningjobs!6!10/31/2007-13:53:27:: i INFO: Running Requests Scavenger timer enabled: Next Event: 60 seconds. Cycle: 60 seconds
w3wp!runningjobs!6!10/31/2007-13:53:27:: i INFO: Running Requests DB timer enabled: Next Event: 60 seconds. Cycle: 60 seconds
w3wp!runningjobs!6!10/31/2007-13:53:27:: i INFO: Memory stats update timer enabled: Next Event: 60 seconds. Cycle: 60 seconds
w3wp!library!6!10/31/2007-13:53:27:: e ERROR: Throwing Microsoft.ReportingServices.Diagnostics.Utilities.InternalCatalogException: An internal error occurred on the report server. See the error log for more details., ;
Info: Microsoft.ReportingServices.Diagnostics.Utilities.InternalCatalogException: An internal error occurred on the report server. See the error log for more details. ---> System.NullReferenceException: Object reference not set to an instance of an object.
at Microsoft.ReportingServices.WebServer.WebServiceHelper.ConstructRSServiceObjectFromSecurityExtension()
at Microsoft.ReportingServices.WebServer.Global.ConstructRSServiceFromRequest(String item)
at Microsoft.ReportingServices.WebServer.Global.get_Service()
at Microsoft.ReportingServices.WebServer.Global.DispatchRequest(Boolean& transferedToViewerPage)
at Microsoft.ReportingServices.WebServer.Global.Application_AuthenticateRequest(Object sender, EventArgs e)
--- End of inner exception stack trace ---
says there is a ReportingServices.Diagnostics.Utilities.InternalCatalogException, well when I step through the code in the debugger this happens in a region I can not step through... and in my IIS logs I have this
Anyone have ANY idea of what is going on here? This is really a big problem for production code to lag and throw back timeout errors everytime someone wants to run a report. Thanks!
I wonder if it is possible to set forms authentication for report manager but leave report server "as it is". I need to authenticate users from external LDAP and can't use windows authentication for report manager, but I would also like to leave report server open for anonymous users. In that way authenticated administrators could create reports which anonymous users could read.
I tested the Security Extension Sample and got it working when I rewrote the authentication part with my own LDAP authentication.
If I have understood correctly, the report manager is just application inside report server so is it possible to use forms authentication with one application but still leave the report server with Windows authentication?
However, when it comes to Authorization, i'm unclear in a few areas and would appreciate if someone could help me out with the following questions. It should be noted that in the code I have granted an administrator user full access to all operations and permissions, and then tested against both an administrator user and a normal user.
"Returns the set of permissions granted a specific user for an item in the report server database."
Inparticular, the secDesc parameter is supposed to contain the security descriptor associated with the item.
However, with our extension this parameter is always null, even if I have already granted access for a user, which is confirmed through logging in CreateSecurityDescriptor.
Through the report manager or sql studio I can see that the permissions have been created, so I can't understand why I never see them in the GetPermissions method? This then (seems to) flow through to the various CheckAccess methods, where the users are authenticated, but are not authorized to perform any operations. i.e. in report manager a user has no folders or reports available.
Is RS authorization designed around the concept that the details will always be stored in it's own database?
Ideally, we'd like to have the various roles, users and function authorizations defined in our own security framework. This is working great for the authentication aspect of the extension, but unless there is a mechanism which exposes the details of the particular authorization process (e.g. the name of the folder being viewed or report being run), then I can't see a way we can implement it. Unless i'm missing something fundamental of course!
Using Report Builder as the Administrator user (or any other user), I can see no data models available, even though I have created them via Report Manager, and I get the following exception trying to open up the list of reports:
System.Web.Services.Protocols.SoapException: The permissions granted to user '' are insufficient for performing this operation. ---> Microsoft.ReportingServices.Diagnostics.Utilities.AccessDeniedException: The permissions granted to user '' are insufficient for performing this operation. at Microsoft.ReportingServices.Library.ListChildrenAction.PerformActionNow() at Microsoft.ReportingServices.Library.RSSoapAction.Execute() at Microsoft.ReportingServices.WebServer.ReportingService2005.ListChildren(String Item, Boolean Recursive, CatalogItem[]& CatalogItems)
I have implemented a report server proxy (inherited from ReportService2005) as per the example, to pass through the authorization cookie. Any clues as to what could be wrong?
Finally, I suspect part of my problem may be in assignment of users to System Roles ("System Administrator" and "System User"), I'm not sure if these are meant only for Windows Authentication? I can see no way of assigning these roles to any of my users using Forms Authentication.
We are using custom authentication to acess the report server.Users can access reports only through a .net application. Now we want to give the users the ability to deploy their reports trhough a .net client utility with out changing the anonymous security setting in IIS.
Can anyone point me in the right direction . Can we use rs.exe to deploy reports under forms authenticated mode...
In a nut shell "Is there a way to deploy report through forms authentication"/
Hey, I was just wondering if someone could point me in the right direction on an issue. I've got the authentication portion of a custom security extension working properly (while authorization is just sort of giving everyone a pass) and all of my Googling efforts seem to be bearing little fruit. Now that authentication is in place, whenever I try to deploy a report from Visual Studio, it comes up with an error.
The error is that it is getting the authentication html login page set in web.config (as I expected), while it was looking for an xml page. I'm a bit new to this side of things so I'm not really even sure where I should be looking to see what kind of xml page it wants and such.
I don't need anyone to bother explaining the entire thing to me as I should be able to figure it out once I can get a start, but as I said I just need a kick in the right direction because my Google-fu has failed
For using different services of SQL SERVER 2005 which is better... Windows Authentication or SQL Server Authentication? what are the advantages and disadvantages of both?
I have created an EndPoint in SQL Server 2005 as per the code below.
CREATE ENDPOINT OSTC_LMS_Endpoint
AUTHORIZATION LMSEndPointUsers
STATE = STARTED
AS HTTP(
PATH = '/ostc_sql_endpoint',
AUTHENTICATION = (BASIC),
PORTS = (SSL),
SITE = 'OSTC-DEV-001'
)
FOR SOAP (
WEBMETHOD 'ostc_SQLSoapTester'
(name='OSTC_LMS_06.dbo.ostc_SQLSoapTester',
FORMAT = ROWSETS_ONLY,
SCHEMA=STANDARD),
WSDL = DEFAULT,
LOGIN_TYPE = MIXED,
SCHEMA = STANDARD,
DATABASE = 'OSTC_LMS_06',
NAMESPACE = 'http://tempUri.org/'
)
GO
USE master
GRANT CONNECT ON ENDPOINT::OSTC_LMS_Endpoint
TO [LMSEndPointUsers]
GO
USE master
GRANT CONNECT ON ENDPOINT::OSTC_LMS_Endpoint
TO [ostc-dev-001endPointUsers]
GO
----------------------------------------------------------------------------------------------------------------- The SPROC being exposed as the webmethod: -
The computer in question is our dev server and is running as a workgroup machine with the following: - Win Server 2003 SQL Server 2005 .net Framework 2.0 No firewalls or Proxies are in the way.
The computer has to be as a workgroup machine to reflect our live server.
The user LMSEndPointUsers is a SQL Server Login The user ostc-dev-001endPointUsers is a machine login
We have employed the Security class as per the information given in the SQL Server documentation with the intention of using the WS-Security headers that apparently are to be used when trying to authenticate using a SQL Server login.
SQL Sever 2005 Express Move Windowns Authentication Choice To Mixed Authentication
I folks.I Have installed sql server 2005 express and choosed windowsauthentication on instalation, but i make a mistake and now i needmixed authentication, how can i modify this whithout uninstall andinstall again the application?thanks for the help.
Report Server Authentication Through Internet
We're trying to determine the best way to implement an authentication mechanism for our reporting services solution. Basically, we are exposing a web application to the internet, and allowing a forms authenticated user to access our report server somewhere within our intranet to view reports. I've browsed msdn and found that there are two approaches:
1. create a custom authentication extension for reporting services 2. create a restricted domain user that is allowed to access the report server
Going with approach 2 and assuming I'm using a ReportViewer control, in order to authenticate with the report server (using the one domain user created specifically for report server access), are we supposed to just provide an instance of an object implementing IReportServerCredential containing the domain user information to the Credentials property of the ReportViewer.ServerReport before accessing the report? Is this the correct way to implement approach 2? Also, if implementing approach 2 is so simple compared to approach 1, why would anyone choose to implement custom authentication extension if they don't need fine-grain access control on the report server level?
Custom Authentication Slower To Load?
I'm experiencing that Reporting Services takes a very long time to load the first time it's accessed (for a while). I am using custom authentication, and I think that this makes it quiet a bit slower to start, is that true?
I know about the 'Shutdown worker process after...' checkbox in IIS and i have turned it off. This however doesn't seem to help. When accessing RS after being idle for an hour or so, it takes about 10 seconds to show the first report.
So... does my custom authentication have something to do with performance? If it does, can I do something to speed it up?
I have to implement custom authentication for the reporting service to access from the web application. In this scenario I have my own user role and user name and password stored in one table. While calling reports (Reporting Service 2005) via web application I need form authentication instead of the windows authentication. If I use form authentication according to the Microsoft articles I have to make reporting service virtual folder in the IIS as anonymous access. Is it security and reliable? If it€™s not reliable then what is the alternative way.
Switching SQL 2005 Authentication Mode From Windows To SQL Authentication
Hi there,I have installed MS SQL Server 2005 on my machine with windows authentication. But now I want to switch the authentication mode to SQL Authentication. I am unable to switch, I can’t find the proper way to do so here in 2005.Could any one help me in doing this?Thank you,-Ahsan
I have a Report Server when i try to deploy my report on the same server and if i use the Fully Qualified Domain Name in my report path i get the below Error
Deploying A Website With User Authentication - Getting Errors
I have built a site that uses form-based authentication. Am I correct in assuming that the users and passwords will be stored in the SQLServer database in the aspnetdb.mdf file? The website works great and the authentication works how I want it to. However, I've tried to copy over the file onto a remote machine. The first page is a login screen and this is displayed without any problems but as soon as I attempt to log in I get an error message of:An error has occurred while establishing a connection to the server. When connecting to SQL Server 2005, this failure may be caused by the fact that under the default settings SQL Server does not allow remote connections. (provider: SQL Network Interfaces, error: 26 - Error Locating Server/Instance Specified)I'm wondering if this is something to do with the fact I installed SQLServer Express edition on the remote machine. The website works no problem on the local machine in debug mode of Visual Studio 2005 (Professional Edition). I followed instructions to enable remote connections on SQLServer Express from a Microsoft support doc. If anybody can point me in the right direction I'll be very grateful as I've hit a wall here.
Authentication Issues, Security Groups
Hi,Apologies for not knowing much around this subject, we currently run sqlserver 2000 for a database and have each user marked up on the database.We are moving to use a windows security group, so taking themanagement slightly away from the database server.What I would like to know is, will this effect functions such assuser_sname() by returning the group name instead of user id? I wouldassume not but it's worth checking!Also, I'm guessing if a user is marked on the database as their own idand as part of a security group, then all permissions are thrown in withdeny taking preference? How does this work with a database owner who isalso part of a security group that has limiting functionality?Thanks for your help,Chris
SQL Security Guidelines? (i.e. Authentication, Accounts)
We are about to change the sa password, currently all packages and jobs rely on this account. I imagine there is probably a better architecture that we could employ to ease this process. Any suggestions recommendations?
Also any caveats I should be aware of regarding places to look that might currently rely on the sa account so that we do not need to worry about existing processes from breaking?
I think we are going to create an NT account for DTS Packages and possibly use the same account for any DTSRun jobs, does this make sense? Or is there anything to gain by having these as separate accounts? Also should this be the same account used to run the MSSQLServer process?
I tried doing a search for this information here, thinking it was already covered, but could not find anything that informative, any resources that you could point me to would be appreciated, I will look on BOL as well as MSFT to see what I can dig up.
Error 3146 And Security/authentication
7.0 SP2, NT 4 SP 5A. I have ONE user of a VB application that can't get to the server now that we migrated over to 7.0 authentication.
I added his NT id to a local NT Group on the SQL Server. Others in that group whose NT ids are on the same domain as the SQL Server aren't having the problem. He's in a different domain than everyone else. His NT is on only one domain (checked this twice!). He can ping the SQL Server. It takes him 7 hops to get to the server whereas everyone else it takes 2.
He's using Windows 98 (using the same login and password for his pc as his NT id)whereas everyone else is using Windows NT.
The domain he is on is trusted to an "external" domain and the "external" domain is trusted to the domain SQL Server runs on.
Nothing shows up in the NT event logs or the SQL Server logs.
Any ideas on how I can analyze where the problem is? I can't find anything in Technet or in the archives here at Swynk. I'm stuck :{
Security/Authentication Issue Web ReportManager
Wa have a user that comes over to our BI department, on a test-pc he logs in with his domain account, goes to the /Reports url and sees the report we prepared for his usercode. The virtual directories have Windows Authentication in IIS.
When he goes to his desk, where he is running with the same account he can't see these reports ....
What could be the problem and where should i start looking ??
We want re-authenticate using standard NT logins against Active Directory (not a custom database or SSO.
This is trivial to configure using Basic Authentication, however I would like to use an ASP.NET login form. I would like to avoid writing a security extension as I do not want to perform custom authentication. I would like the web service to use it's built in authentication and authorisation mechanisms.
Is the above possible???
The following gives some more details about wht I've tried.
I have tried configuring the report server/manager with Forms authentication as in the sample but cannot get it to work with out implementing the security extensions.
I changed the web.config files and the policy files for permissioning my dll with FullTrust. I did not configure an extension as I want reporting services to use it's built in windows security mechanisms.
In the login page code behind I call the ReportingService2005.LogonUser() method which always throws the following exception: Client found response content type of 'text/html; charset=utf-8', but expected 'text/xml'. The request failed with the error message: --
Reporting Services Error
The report server has encountered a configuration error. See the report server log files for more information. (rsServerConfigurationError) Get Online Help
SQL Server Reporting Services --.
I check the log file and it has the following:
at System.Web.UI.Page.HandleError(Exception e) at System.Web.UI.Page.ProcessRequestMain(Boolean includeStagesBeforeAsyncPoint, Boolean includeStagesAfterAsyncPoint) at System.Web.UI.Page.ProcessRequest(Boolean includeStagesBeforeAsyncPoint, Boolean includeStagesAfterAsyncPoint) at System.Web.UI.Page.ProcessRequest() at System.Web.UI.Page.ProcessRequestWithNoAssert(HttpContext context) at System.Web.UI.Page.ProcessRequest(HttpContext context) at ASP.logon_aspx.ProcessRequest(HttpContext context) at System.Web.HttpApplication.CallHandlerExecutionStep.System.Web.HttpApplication.IExecutionStep.Execute() at System.Web.HttpApplication.ExecuteStep(IExecutionStep step, Boolean& completedSynchronously) aspnet_wp!library!18!03/13/2007-11:38:23:: e ERROR: Throwing Microsoft.ReportingServices.Diagnostics.Utilities.InternalCatalogException: An internal error occurred on the report server. See the error log for more details., ; Info: Microsoft.ReportingServices.Diagnostics.Utilities.InternalCatalogException: An internal error occurred on the report server. See the error log for more details. ---> System.Web.HttpUnhandledException: Exception of type 'System.Web.HttpUnhandledException' was thrown. ---> System.FormatException: Input string was not in a correct format. at System.Text.StringBuilder.FormatError() at System.Text.StringBuilder.AppendFormat(IFormatProvider provider, String format, Object[] args) at System.String.Format(IFormatProvider provider, String format, Object[] args) at Microsoft.Samples.ReportingServices.CustomSecurity.Logon.ServerBtnLogon_Click(Object sender, EventArgs e) in C:Program FilesMicrosoft SQL Server90SamplesReporting ServicesExtension SamplesFormsAuthentication SamplecsFormsAuthenticationLogon.aspx.cs:line 130 at System.Web.UI.WebControls.Button.OnClick(EventArgs e) at System.Web.UI.WebControls.Button.RaisePostBackEvent(String eventArgument) at System.Web.UI.WebControls.Button.System.Web.UI.IPostBackEventHandler.RaisePostBackEvent(String eventArgument) at System.Web.UI.Page.RaisePostBackEvent(IPostBackEventHandler sourceControl, String eventArgument) at System.Web.UI.Page.RaisePostBackEvent(NameValueCollection postData) at System.Web.UI.Page.ProcessRequestMain(Boolean includeStagesBeforeAsyncPoint, Boolean includeStagesAfterAsyncPoint) --- End of inner exception stack trace --- at System.Web.UI.Page.HandleError(Exception e) at System.Web.UI.Page.ProcessRequestMain(Boolean includeStagesBeforeAsyncPoint, Boolean includeStagesAfterAsyncPoint) at System.Web.UI.Page.ProcessRequest(Boolean includeStagesBeforeAsyncPoint, Boolean includeStagesAfterAsyncPoint) at System.Web.UI.Page.ProcessRequest() at System.Web.UI.Page.ProcessRequestWithNoAssert(HttpContext context) at System.Web.UI.Page.ProcessRequest(HttpContext context) at ASP.logon_aspx.ProcessRequest(HttpContext context) at System.Web.HttpApplication.CallHandlerExecutionStep.System.Web.HttpApplication.IExecutionStep.Execute() at System.Web.HttpApplication.ExecuteStep(IExecutionStep step, Boolean& completedSynchronously) --- End of inner exception stack trace --- aspnet_wp!library!18!03/13/2007-11:38:24:: i INFO: Exception dumped to: c:Program FilesMicrosoft SQL ServerMSSQL.3Reporting ServicesLogFiles flags= ReferencedMemory, AllThreads, SendToWatson aspnet_wp!library!1!03/13/2007-11:39:11:: e ERROR: Throwing Microsoft.ReportingServices.Diagnostics.Utilities.ServerConfigurationErrorException: The report server has encountered a configuration error. See the report server log files for more information., Could not load Authentication extension; Info: Microsoft.ReportingServices.Diagnostics.Utilities.ServerConfigurationErrorException: The report server has encountered a configuration error. See the report server log files for more information.
Am I missing something? Is this even possible? If not, then why isn't it possible?
It feels like I've been going round in circles on something that shouold be pretty trivial to configure.
(Using win2k, sqlserver2k, framework 1.1) I have an fairly data-heavy application that uses Windows authentication (Trusted connection/aspnet account) to connect to Sql Server. The site uses IIS basic authentication.
On the dev server everything works fine but when I move to the live server things get strange and it starts to crawl along. (Pages load OK but then it just crawls as it loads the datagrids etc. Sometimes it brings back incomplete/incorrect data )
BUT When I use Sql Authentication to connect to Sql Server and there is no problem at all!
Ok, there is something obviously wrong with the live server (which is identical setup to dev)but I dont know where to start.
I've got two applications which both have a database on my MS SQL 2000 server. The problem is, one application must use Windows Integrated Authentication (which it is currently using and cannot be changed) whilst the other application which I'm trying to configure must use a SQL password.
Since the server has already been configured to use Windows Integrated Authentication for the existing database and application, how do I configure the other database to use the SQL password?
My work is using a shared application which accesses a MSSQL 2000 database. To access the application, the folder on the Windows 2003 Server is shared and users can access the folder through a shared drive.
For the application to access the database, it uses an ODBC connection to the MSSQL server which originally used the SA password.
We have recently switched to using Windows Integrated Authentication because we believe it offers a higher level of security. However the only way in which we have been able to enable this is to add the windows users to the SQL server.
The problem with this is that the application sets permissions for individual users on what records they can see within the database. We have found that by adding the windows users to the SQL Server, they can bypass the permissions the set by the application by simply using any application that can use an ODBC connection, such as Enterprise Manager, and see all the database.
One way around this would be to set up domains of users with access privileges to the tables which reflect the permissions set by the application, and configuring a view of the data so they may only see the records that they have permissions to. However to do this would require a high administrative cost to ensure that changes made in the application are reflected in the privileges of the SQL server.
Instead, is there a way the SQL server can authenticate that the ODBC connection is coming from the correct application using Windows Integrated Authentication?
This would allow the applcation to determine security, and stop users from connecting to the SQL server using other applications.
Alternatively, can the SQL server, using Windows Integrated Authentication, also ask the application to supply a username and password?
Any help with this matter would be greatly appreciated.
Sorry for the long post but I'll try to give a maximum of information.
I've tried to implement Form Authentication for Reporting Services. Right now, just about everything works as I would hope for, i.e.:
When I try to access http://<server>/ReportServer$SQLSERVER_2005, I am redirected to the authentication form. When successfully authenticated, I can access the report I can display reports throught the ReportViewer Web control by passing the authentication cookie. Etc.
(Note: My implementation of Form Authentication was inspired by http://www.devx.com/dotnet/Article/26759/0/page/1 which seems similar to Microsoft Sample)
(The $SQLSERVER_2005 suffix is because SQL Server 2000 is also installed on the server, but I don't think Reporting Services 2000 is installed)
There is one thing which does not work however and it is the Report Manager.
When I try to access http://<server>/Reports$SQLSERVER_2005, I would expect to be redirected to the /Pages/UILogon.aspx page. Instead, I get an error page with the following message:
"The report server is not responding. Verify that the report server is running and can be accessed from this computer."
Both ReportServer and Reports are on the same server, both have the same security on the folder and in IIS (6.0), both have Anonymous security access "checked".
If I revert to the old .config files (prior to my modifications for Form Authentication) and remove Anonymous from IIS for both sites, everything works fine (like it did after the installation).
Here are excerpts from the config files I've modified in ReportManager:
<CodeGroup class="FirstMatchCodeGroup" version="1" PermissionSetName="FullTrust" Description="This code group grants MyComputer code Execution permission. "> <IMembershipCondition class="ZoneMembershipCondition" version="1" Zone="MyComputer" />
Web.config:
<identity impersonate="false" />
Here is the content of the log ReportServerWebApp_*.log (see error in bold):
<Header> <Product>Microsoft SQL Server Reporting Services Version 9.00.1399.00</Product> <Locale>en-US</Locale> <TimeZone>Eastern Standard Time</TimeZone> <Path>C:Program FilesMicrosoft SQL ServerMSSQL.3Reporting ServicesLogFilesReportServerWebApp__11_10_2006_08_32_34.log</Path> <SystemName>MSCAPP02</SystemName> <OSName>Microsoft Windows NT 5.2.3790 Service Pack 1</OSName> <OSVersion>5.2.3790.65536</OSVersion> </Header> w3wp!library!5!11/10/2006-08:32:35:: i INFO: Initializing MaxActiveReqForOneUser to '20' requests(s) as specified in Configuration file. w3wp!library!5!11/10/2006-08:32:35:: i INFO: Initializing MaxScheduleWait to default value of '1' second(s) because it was not specified in Configuration file. w3wp!library!5!11/10/2006-08:32:35:: i INFO: Initializing DatabaseQueryTimeout to default value of '30' second(s) because it was not specified in Configuration file. w3wp!library!5!11/10/2006-08:32:35:: i INFO: Initializing ProcessRecycleOptions to default value of '0' because it was not specified in Configuration file. w3wp!library!5!11/10/2006-08:32:35:: i INFO: Initializing RunningRequestsScavengerCycle to default value of '30' second(s) because it was not specified in Configuration file. w3wp!library!5!11/10/2006-08:32:35:: i INFO: Initializing RunningRequestsDbCycle to default value of '30' second(s) because it was not specified in Configuration file. w3wp!library!5!11/10/2006-08:32:35:: i INFO: Initializing RunningRequestsAge to default value of '30' second(s) because it was not specified in Configuration file. w3wp!library!5!11/10/2006-08:32:35:: i INFO: Initializing CleanupCycleMinutes to default value of '10' minute(s) because it was not specified in Configuration file. w3wp!library!5!11/10/2006-08:32:35:: i INFO: Initializing DailyCleanupMinuteOfDay to default value of '120' minutes since midnight because it was not specified in Configuration file. w3wp!library!5!11/10/2006-08:32:35:: i INFO: Initializing WatsonFlags to default value of '1064' because it was not specified in Configuration file. w3wp!library!5!11/10/2006-08:32:35:: i INFO: Initializing WatsonDumpOnExceptions to default value of 'Microsoft.ReportingServices.Diagnostics.Utilities.InternalCatalogException,Microsoft.ReportingServices.Modeling.InternalModelingException' because it was not specified in Configuration file. w3wp!library!5!11/10/2006-08:32:35:: i INFO: Initializing WatsonDumpExcludeIfContainsExceptions to default value of 'System.Data.SqlClient.SqlException,System.Threading.ThreadAbortException' because it was not specified in Configuration file. w3wp!library!5!11/10/2006-08:32:35:: i INFO: Initializing SecureConnectionLevel to default value of '1' because it was not specified in Configuration file. w3wp!library!5!11/10/2006-08:32:35:: i INFO: Initializing DisplayErrorLink to 'True' as specified in Configuration file. w3wp!library!5!11/10/2006-08:32:35:: i INFO: Initializing WebServiceUseFileShareStorage to default value of 'False' because it was not specified in Configuration file. w3wp!ui!5!11/10/2006-08:32:39:: e ERROR: The report server is not responding. Verify that the report server is running and can be accessed from this computer. w3wp!ui!5!11/10/2006-08:32:39:: e ERROR: HTTP status code --> 500 -------Details-------- Microsoft.ReportingServices.UI.Global+RSWebServiceWrapper+CantCommunicateWithReportServerException: The report server is not responding. Verify that the report server is running and can be accessed from this computer.
at Microsoft.ReportingServices.UI.Global.RSWebServiceWrapper.GetSecureMethods()
at Microsoft.SqlServer.ReportingServices2005.RSConnection.IsSecureMethod(String methodname)
at Microsoft.SqlServer.ReportingServices2005.RSConnection.ValidateConnection()
at Microsoft.ReportingServices.UI.ReportingPage.EnsureHttpsLevel(HttpsLevel level)
at Microsoft.ReportingServices.UI.ReportingPage.ReportingPage_Init(Object sender, EventArgs args)
at System.EventHandler.Invoke(Object sender, EventArgs e)
at System.Web.UI.Control.OnInit(EventArgs e)
at System.Web.UI.Page.OnInit(EventArgs e)
at System.Web.UI.Control.InitRecursive(Control namingContainer)
at System.Web.UI.Page.ProcessRequestMain(Boolean includeStagesBeforeAsyncPoint, Boolean includeStagesAfterAsyncPoint) w3wp!ui!5!11/10/2006-08:32:40:: e ERROR: Exception in ShowErrorPage: System.Threading.ThreadAbortException: Thread was being aborted. at System.Threading.Thread.AbortInternal() at System.Threading.Thread.Abort(Object stateInfo) at System.Web.HttpResponse.End() at System.Web.HttpServerUtility.Transfer(String path, Boolean preserveForm) at Microsoft.ReportingServices.UI.ReportingPage.ShowErrorPage(String errMsg) at at System.Threading.Thread.AbortInternal() at System.Threading.Thread.Abort(Object stateInfo) at System.Web.HttpResponse.End() at System.Web.HttpServerUtility.Transfer(String path, Boolean preserveForm) at Microsoft.ReportingServices.UI.ReportingPage.ShowErrorPage(String errMsg)
So that's it. Thanks for any help you can provide.
I'm trying to deploy Reporting Services on an Internet-facing web server using a custom security extension (forms authentication). We will be putting Report Manager on the Web Server outside of the firewall, and Report Server on another machine inside the firewall. When testing the solution in a development environment with Report Manager and Report Server on the same box, the solution works fine.
When testing it using the Internet-facing environment described above, it almost works but there seems to be an issue with the authentication cookie that is generated. Here's what happens:
1. User enters credentials on UILogon.aspx and submits form. 2. In the code-behind, LogonUser() is called through a web service proxy and the authentication cookie is returned successfully. The code used here to set the cookie is the same code used in the Forms Authentication sample that ships with RS2005. 3. The user is redirected to Folder.aspx, and the request hangs for a while, and eventually kicks you back out to UILogon.aspx, as if it lost the authentication cookie. When doing a trace on the HTTP header, the cookie is still there.
Is there anything special I need to do to make the Report Server "see" the cookie when I have Report Manager and Report Server on different machines?
Reporting Services Custom Authentication And Web Reportviewer - Familiar Question
This is a subject that has been brought up before but I have not seen a definitive answer/solution. We have implemented a custom authentication extension (forms authentication) for reporting services and it has been working just fine under "normal" conditions; "normal" being users logging in, viewing reports, and then moving on. Recently some reports were created by our report group and they contain Dundas gauge controls for "dashboard" style reports. These reports are meant to be up all day and they post back every few seconds because the data they present is mission critical. This of course exposed the inability of the reportviewer control to stay in the context of Report Manager when it comes to the cookie exchange and authentication thus resulting in the following error: <html><head><title>Object moved</title></head><body> <h2>Object moved to <a href="/ReportServer/logon.aspx?ReturnUrl=%2freportserver%2fReportExecution2005.asmx">here</a>.</h2> </body></html>
I created a quick ASP.NET web application and added the reportviewer to it, implemented IReportServerCredentials and the report came up as expected but behaved the same way as it did in Report Manager. Same with a Windows Forms application.
Increasing the cookie timeout in the forms authentication tag is an option, but not an attractive one. Extending the reportviewer control is also an option, but I don't know if that is a good candidate right now because I don't see anything extensible yet.
Is this just the nature of RS with custom authentication or is there a viable solution out there right now?
Any and all answers are much appreciated and I thank you in advance.
I need to figure out what kind of Authentication , I need to use for following applicaiton
Product : -
1 ) It resides on a its Domain and has access to Database on that Domain. 2 ) We have a application level login , n based on application login id display specific pages.
The question that bother me is this
Q ) If i use NT authentication , then a user will be required to
a ) Login to domain (with userid and password) first and then
b ) Then i would require to again login to applicaiton with application level login and password.(different levels of login as there) Based on the application level login i will display only specific asp pages. They have different access rights..and roles.
Requirment is to login only once..and it should authenticate to application display specific pages and authenticate to SQl server database also..
Is there any way thru which i can map my application level login to SQl server.. and what authentication should i use..
Basic Authentication Vs Security Extension For Internet/Xtranet RS Access
does anybody know why MS doesnt consider Basic Authentication a viable solution for Inter/Xtra net access to RS? I'm re reading the documentation at http://msdn2.microsoft.com/en-us/library/bb283249.aspx but so far am not getting what the Security Extension options accomplish that can't be accomplished with much less effort using some form of Basic Authentication.
Switching From SQL Authentication To Integrated Authentication?
Hi,I'm using SQL Server 2005. My Connection String looks like that at the moment: <add name="LocalSqlServer" connectionString="Data Source=xx;Initial Catalog=xx;Persist Security Info=True;User ID=xx;Password=xx" providerName="System.Data.SqlClient"/> Now I'd like to change this kind of authentication to Integrated Windows AuthenticationI added the WorkerProcess IIS_WPG to the permitted Users but it didn't help.Changed the Connection String to this:connectionString="Server=xx;Database=xx;Trusted_Connection=True;"All I'm getting is that my NetworkService is not permitted to access DB when I try to connect to the DB in ASP.NET.How can I properly configure that? Thanks!
Say, I have configured my SQL to use Mixed Authentication. Now, I have a applicaiton which uses my SQL Server. The application just creates a database in SQL Server and uses the database to store its information.
This application also has a SYSTEM DSN under ODBC through which it accesses the database. For the application to access this database, should I only use SA (as my SQL instance is configured to use Mixed Authentication) or can I use Windows Authentcation too...
If I should only use SA, do we have a documentation which talks about this.
We are trying to install a report server webfarm for our company. The goals are as follows.
1. Provide scalable environment
2. Integrate reporting services into existing web applications
3. Eliminate multiple prompts for user's credentials when trying to access a report through the URL to report server.
I was able to get the custom security extensions to work in a sandbox environment. However, when I try to deploy the security extensions to a testing server and integrate it with an existing ReportServer database, it works fine when using Basic authentication on the new server.
If I apply custom security extensions and forms based authentication, the following happens.
1. When the users login to report manager, a blank homepage with no folder or reports.
2. When I debug the security extension, the ACL is null in this case while on the sandbox it is a populated byte array of almost 8421 bytes.
This is on a critical path and any help would be greatly appreciated.
Custom Data Extension - Security Error On Report Server
I have written CDE to retrieve and process data before generating the report. It works very well inside VS.Net. However, when deployed to the report server I get the following error
An error has occurred during report processing. Cannot create a connection to data source 'CallsTaken'. Request for the permission of type 'System.Security.Permissions.SecurityPermission, mscorlib, Version=2.0.0.0, Culture=neutral, PublicKeyToken=b77a5c561934e089' failed.
I have added appropriate CAS entry in rssrvpolicy.config file as following
<CodeGroup
class="UnionCodeGroup"
version="1"
Name="CustomDataExtensionCodeGroup"
Description="Code group for the Custom Data Extension"
I have a report losing authentication if the report takes more than two minutes to render.
The server is set up with SQL Server 2000 SP3. The report is launched from an ASP.NET 1.1 application. This application sets up parameters and calls the report and renders it in a ReportViewer component.
This report can be up to 300+ pages.
If I call the report with parameters limiting the number of pages it runs fine. If I call the report without limiting, after about two minutes, the report is asking the user to authenticate on the Report Server. Even if the user successfully authenticates, the report ends up failing with a 401.2 error.
Does anyone have an idea how to go about resolving this issue ?
After implementing custom security extension for forms authentication, the report server works fine with Report Manager and web application. However, there is a problem with Report Builder.
It gives SecurityException "That assembly does not allow partially trusted callers.". Its becos I am using my own security assembly for authentication. I resolved this issue by using the following in my assemblyinfo.cs
However, now when I login to Report Builder it gives me error System.IO.FileNotFoundException. Its not able to find my security assembly.
I also tried giving FullTrust to the assembly using Framework 2.0 Configuration. I read somewhere that the ClickOnce application caches its last called settings in the manifest file and you have to delete the manifest and manually alter the security in the application settings(properties).
Is this true? Is there any solution to this issue? Is this really an issue with clickonce application?
'Credentials stored securely in the report server' specifying a service account that has permissions to access the database appropriately.
and
'Use as Windows credentials when connecting to the data source' checked
However, when a user creates a report using Report Builder (which they can do without any issues) they cannot view the report as the get : 'rsAccessDenied' for the users account.
The users account does not have access to the database, however I expected the service account details to be used, not the users account.
Does anyone have a solution to stop the users account from overriding the service account set up in the data source? It seems overkill to introduce a bespoke authentication method?
Image Authentication In The Report Viewer
I'm doing some performance tuning of our reports and when watching the HTTP traffic that is generated between the client and the reporting web server, I'm seeing a lot of 401 Authentication codes on images that are part of the report viewer, but are served up via dynamic content and not being recognized as images by IIS.
I have changed the configuration of IIS for the images to not authenticate images, and to use caching but for these files those settings are ignored because they're being interpreted as text files.
Example of one of the response codes from the test...
/Reports/Reserved.ReportViewerWebControl.axd?OpType=Resource&Version=9.00.3042.00&Name=Microsoft.Reporting.WebForms.Icons.ChevronUp.gif 1,656 text/html No Caching
1,656
text/html
No Caching
What do I need to change in the configuration of the reports server or IIS to recognize this as an image and not have to authenticate it every trip?
Report Viewer Connection/Authentication Problem?
We have an ASP.NET 2.0 Web App running on a W2K3 Server in a Windows Workgroup and we want to use 2005 Reporting Services running on a W2K3 Server in the Domain.
I implemented the IReportServerCredentials code to impersonate a domain user:
Export Report To PDF Programmatically (forms Authentication)
I use ReportExecutionService class to export a SQL reporting services report to a PDF file. It seems not work, and failed at method €œLoadReport€?. The error message said: Object moved to <ReportServer Login Page>.
I think, it€™s an authentication problem. The report server is set to form authentication, and I wrote a custom security DLL, and share the auth cookie with ASP.NET Web application. It works fine with ReportViewer.
I set ReportExecutionService.Credentials = System.Net.CredentialCache.DefaultCredentials. It looks like my network login windows account (MyDomainNameMyUserName), and of course it is failed. I read the ReportExecutionService class members, and can not find way to pass auth cookie, or some kind of forms authentication object into ReportExecutionService class.
Does anyone render report into PDF (HTML) file successfully by ASP.NET code for forms authentication?
I search the sample code over internet. The sample code only uses CredentialCache.DefaultCredentials, and it looks a windows authentication credential. Am I wrong?
Forms Authentication Breaks Report Designer?
I have implemented forms authentication via a custom security extension in RS2005 as described in a relevant sample. I am asked for credentials when accessing the Report Manager and the Report Builder, however I can no longer connect to the report server in SQL Server Management Studio (I get HTML code as the error message) and the Preview tab in the Report Designer now fails with User Not Authorized.
I can live with the first problem, but the Report Designer needs to work. When I debug the extension, I can see that LogonUser method is being passed empty strings. This makes sense, since the Report Designer has not asked me for the credentials. Do I need to modify any the of the Designer configs to have it pop up the username/password window (similar to Report Builder) or is the only solution to use Windows Authentication on development machines and Forms Authentication in production?
Deploying Report In Windows Authentication Mode
Hi, I installed sql server express edition 2005 in my system and configured with windows authentication mode. I designed report using Business Intelligence Development Studio and i got preview of report well. But while deploying it asking for Username and Password. I tried with Domain username and password in which i logged in.
I tried in another way also. Through report manager (http://localhost/reportserver) i uploaded data connection and report. uploaded successfully and viewed report in report manager. but when i am connecting report through report viewer, i am getting error message that HTTP Status 404 : Not Found.
Could any one help me in solving this problem.
i also changed credentials to windows authentication mode, service mode in report server configuration...but no use..
Log-shipping Monitor Instance Authentication &&"By Proxy&&" Results In Errors
We have set-up log shipping in both our development and production environments. The difference between the two is that development is using SQL 2005 Developer Edition SP2 and production is using SQL 2005 Enterprise Edition SP2. As well, the production environment runs using 64-bit 3-node failover cluster set-up for the source, whereas the development source server environment is 32-bit and not clustered. Also, our development environment destination/monitor instance is located within the same geographic location mapped to the same domain controller. The production environment destination/monitor instance is located off-site, and although is part of the same domain, uses a different domain controller which is synched-up with the primary domain controller used for the source server and entire development environment. Other than that, both environments run using Windows 2003 Server Enterprise Edition SP1.
Originally, both environments were configured to use Monitor connections "By impersonating the proxy account of the job (usually the SQL Server Agent service account of the server instance where the job runs)". This presented no problems in the development environment, but in the production environment, this results in the following error whenever the source server tries to update the monitor instance with the backup alert status:
Error: 18456, Severity: 14, State: 11. Login failed for user 'NT AUTHORITYANONYMOUS LOGON'. [CLIENT: XXX.XX.XX.XX]
This also results in the log-ship alert job falsely reporting that backup jobs are "out-of-synch", since the source server cannot write log information to the log ship tables on the destination/monitor instance.
Now, according to BOL, when choosing to impersonate the proxy account, this is supposed to default to the SQL Server Agent Service account, which in our systems (both development and production), is a Windows domain account with full administrator priviledges and a SQL system adminstrator on both source and destination/monitor instances.
Upon trying to open a case with Microsoft originally when we were running on SQL 2005 SP1, and spending several hours ensuring there were no duplicate SPNs and linked servers were properly configured, they had come to the conclusion that this was the result of a known SP1 issue (http://support.microsoft.com/kb/925843), and would be solved by applying SP2. We are now running SP2 + hotfix (9.0.3152), but are still receiving this error.
The only way I have currently of fixing this issue is by changing the Monitor connection from authenticating via proxy account to using a SQL Server login account which has system admin priviledges.
I have limited knowledge of how security is applied across different domain controllers within the same domain. Any help would be greatly appreciated.
Sql Authentication Vs. Windows Authentication
I am in the process of rolling out a sql server 2005 enterprise install and had a question regarding authentication. We will be providing sql hosting for a number of groups on our campus, many who are not using our campus-wide active directory, though they all have an AD account.
Windows authentication via the management studio appears to use your AD authentication tokens and will not allow them to enter a username/password combo. Is there any way to configure this?
I would like to use our campus AD for obvious reasons but if there is a requirement for passing tokens this isn't going to work right? It's also going to make database mirroring more of a challenge.
I have an SSRS 2000 report that contains 2 datasets. Each dataset holds the results of a basic MDX query (the queries come back almost instantaneously in the sample MDX app). The report also contains a dataset holding results from a very simple stored procedure call which returns only 1 row of data.
Our problem is that the report is taking about 45 seconds to render, which seems ridiculous for the small amount and simplicity of data beign returned.
Looking at the log files it seems that it is taking 15 seconds to be authenticated per olap dataset.
The data source is a shared data source. Credentials are stored securely in Report Server and we have the 'Use as windows Credentials when connecting to the data source' option checked.
We have tried carrying out an oledb connection test in C# to see if opening the connection takes the same time and it does e.g.
OleDbConnection ole = new OleDbConnection("Provider=MSOLAP.2;Initial Catalog=Mycatalog;Data Source=MyServer"); ole.Open();
We do not think it is a hardware issue as the server has 16GB of Ram and 8 processors. The version of RS is Enterprise. RS is on a different server to the Olap cubes. I am unsure of the service packs that have been applied to RS and SQL server.
My question is therefore, is there anything in the connection string or data source setup that we can change to speed up authentication, or any config setting we can change to make authentication faster?
I'm working on a web project that will display the reports in an iframe to the user. When I was using windows security It worked perfectly.
Now my boss wants me to use form based authentication instead that can authenticate against our current Active Directory. This is working perfectly and does authenticate correctly. The only problem is that when I load a report in the iframe http://myserver/reportserver/myreport-blah reporting services prompts the user to enter in windows credentials. Is there anyway to pass my form credentials to the report server so that the user doesn't have to log in again.
Both the report server and the web app are on the same server BUT in different virtual directories.
PS: I tried using the reportviewer control but it does not display things correctly. For example, I have use a multi select dropdown on the reports and it messes up the drop down when the user only has 1 selection (hiding the selection). If the user has more than one selection the drop down uses scroll bars. I would use the reportviewer control if it displayed exactly like it does when using alternate URL method.
Hi, I would like to know how to call a report from a report viewer control in a web application. The reporting services is forms authenticated. I've done this authentication using the sample solution given by microsoft (adding custom security extension). Now am able to view the reports from Report manager and Report server URL. But i dont know how to authenticate the user from my web application and pass the credentials to the report server to view the report in report viewer control. Can somebody help in this? its bit urgent. Thanks in advance
Can anyone tell me, if reference to an external assembly in custom security extension for authentication of user accessing Report Builder works ?
We tried to do this, but it always gives an error "That assembly does not allow partially trusted callers". When we give fulltrust to the assembly in Report ServerBin folder using .NET Framework 2.0 Configuration, Report Builder cannot find the assembly (gives FileNotFoundException). Even tried re-compiling custom security dll.
Observation: we moved the source code of the 1st function call from this assembly to custom security dll and re-compiled the dll. Now the error moves to the point at 2nd function call.
Is it ture that, without changing settings or properties of any clickonce application, you cannot reference to external assembly ?
When I run my report from within visual studio 2005 it generates just fine.
However, when I run the report from the reporting services local web site I get the following error. What do I need to do to fix this (temporarily turning off .net security uusing caspol didn't work).
An error occurred while executing OnInit: Request for the permission of type 'System.Security.Permissions.EnvironmentPermission, mscorlib, Version=2.0.0.0, Culture=neutral, PublicKeyToken=b77a5c561934e089' failed
we have no problem login into report manager or report server.
when we try to use the report viewer control in our web apps to access reports, we get the following error message.
Error : System.Net.WebException was unhandled by user code Message="The request failed with the error message: -- <html><head><title>Object moved</title></head><body> <h2>Object moved to <a href="/ReportServer/logon.aspx?ReturnUrl=%2fReportServer%2fReportExecution2005.asmx">here</a>.</h2> </body></html>
the code in our web apps. looks like :
Dim sReportServerURL1 As String = "http://servername/ReportServer" ' Report server location
'Dim sReportServerpath As String '= "/Reports_directory/report_name" ' Path of report on the server
ReportViewer1.EnableViewState = True
ReportViewer1.ServerReport.ReportServerCredentials = New ReportViewerCredentials("username", "password", "")
Public Function GetFormsCredentials(ByRef authCookie As System.Net.Cookie, ByRef userName As String, ByRef password As String, ByRef authority As String) As Boolean Implements Microsoft.Reporting.WebForms.IReportServerCredentials.GetFormsCredentials
userName = password = authority = Nothing
Dim cookie As HttpCookie = HttpContext.Current.Request.Cookies("sqlAuthCookie")
TRACKER
