July 20, 2004 at 10:29 am
Hello -
I have several reporting solutions connected to several different databases. I have been creating reports and testing using a single machine.
Last week, I finally rolled out a report for some internal people to view. No body could view the report without entering their username (including domain) and password - that didn't fly.
I found a thread that said to give the iusr_computername account anonymous access in IIS - reportserver and reports websites. Wow! this worked like a charm - all reports are now visable to everyone without having to type in their password.
Today, I tried to deploy another report.
I get the following error:
"c:\documents and settings\username\my documents\pbfamily-newweb\pbfamilyreports\rBirthdaysByMonth3.rdl The permissions granted to user 'computername\IUSR_computername' are insufficient for performing this operation."
I get the same error from any solution.
I know it's a permission issue, but I'm not sure what to change.
The iuser account was a guest. I tried making it a power user and then an admin, just to see if that would solve the problem and it didn't. I gave the iusr account modify rights to the c:\documents and settings\username\my documents folder and that didn't help.
I'm afraid the error is that I selected the "let IIS control this password" checkbox in IIS and I don't know how to revert this decision.
Any suggestions would be great!
Thanks, Megan
July 21, 2004 at 8:18 am
Report Manager is accessed by going to, if you used the defaults on the install, http://Server/Reports. At the top level on the properties tab you can set security. By default BuiltIn\Adminstrators is the only group set up. You can add Windows Groups or Individuals at each level from home all the way down to individual reports.
I hope this was helpful
Jack Corbett
Consultant - Straight Path Solutions
Check out these links on how to get faster and more accurate answers:
Forum Etiquette: How to post data/code on a forum to get the best help
Need an Answer? Actually, No ... You Need a Question
July 21, 2004 at 10:14 am
Thanks for the reply.
I tried setting up role-based security before I implemented anonymous access, but it doesn't seem to work. Using report manager, I gave the security group (I previously set up in active directory) "Browser" access to the reports I wanted them to have access to.
When they browse to the report manager, they have the option to click on the report, but after the report is clicked on, they get the following error:
"An error has occurred during report processing. (rsProcessingAborted) Get Online Help
Cannot create a connection to data source 'SDB'. (rsErrorOpeningConnection) Get Online Help Login failed for user 'NT AUTHORITY\ANONYMOUS LOGON'. "
I am logged on as the user in question and integrated security is implemented.
What am I missing?
Thanks in advance,
Megan
July 21, 2004 at 11:17 am
That could be 2 issues:
Jack Corbett
Consultant - Straight Path Solutions
Check out these links on how to get faster and more accurate answers:
Forum Etiquette: How to post data/code on a forum to get the best help
Need an Answer? Actually, No ... You Need a Question
July 21, 2004 at 12:58 pm
The users definitely have access to the database.
This is how I am granting access via the report manager:
Go to report manager
Click on a folder
Click on Properties
Click on Security
Click Add New Assignment
In the group or user name, I enter the domain\group - eg: pbtf\pbfamily access
I select the role - "Browser" and Apply
I have restarted the reporting server and IIS.
I still get the error above.
The only way I have gotten around this is to add the reportservercomputername\iusr_reportservercomputername account in as the anonymous access account into the reports and reportserver websites in IIS, but then I am unable to deploy new reports.
catch-22. Obviously, I have something messed up...
Thanks for your help.
August 24, 2005 at 10:13 am
mvee,
Did you ever come up with a solution. I'm having exactly the same problem. The only way I can deploy reports is to turn off anonymous access, deploy the report, then turn anonymous access again. If I don't turn anonymous access on, nobody can get to my reports.
Thanks,
Frank
August 25, 2005 at 10:01 am
Frank -
Honestly, I gave up for a while because nothing was making sense to me - and when I came back to it, everything started working as it should. I'm not sure if it was a Microsoft Auto-update, patch, upgrade, reboot, or what, but this is how I have things set and everything is a-ok.
IIS permissions:
Both Report and ReportServer websites are set to Integrated Windows Authentication. Anonymous access is NOT checked.
Report Server permissions:
http://servername/reports - properties - security
added [domain]\[ad group with access to database] as browsers for each group of reports
http://servername/reports/reportfolder - properties - security
added [domain]\[ad group with access to database] as browsers (for that group of reports)
Also - site settings - site-wide security
I added [domain]\domain users so everybody can at least see the folders to reports. I don't know if this is necessary or not, but it works. And if a user isn't in one of AD groups with access to the report groups, they can't run the reports.
ReportServer Service permissions:
ReportServer Service is set to logon using the system account
Sorry if this was even more confusing. Good luck.
-Megan
January 18, 2006 at 7:03 pm
Hi all,
i have also encountered some problems with deploying the reports. Ok here goes the scenario:
1. Created a local computer account in SQL server called "rptuser" with user right.
3. Problem : Public web users able to view the report without the login challenge pop up window.
January 19, 2006 at 3:30 pm
I'm not sure how to fix the problem.
You can try disabling anonymous access in IIS and adding the domain users or a active directory security group to the report folder on the server.
?
Good luck!
January 21, 2006 at 5:02 am
Not sure if it will help but I think the guys at ssw had some instructions/ideas for setting up a public and private (admin) sites for managing the RS server. I can't seem to hit their site tonight but from google the address could be:
http://www.ssw.com.au/ssw/Standards/Rules/RulesToBetterSQLReportingServices.aspx
Steve.
February 9, 2006 at 1:48 am
Hi Steve,
Thanks for the link. Have tried it out... it works. Thanks !
September 18, 2008 at 7:17 am
Hi,
I ur solution, i read this
------------------------------------
Report Server permissions:
http://servername/reports - properties - security
added [domain]\[ad group with access to database] as browsers for each group of reports
http://servername/reports/reportfolder - properties - security
added [domain]\[ad group with access to database] as browsers (for that group of reports)
Also - site settings - site-wide security
I added [domain]\domain users so everybody can at least see the folders to reports. I don't know if this is necessary or not, but it works. And if a user isn't in one of AD groups with access to the report groups, they can't run the reports.
ReportServer Service permissions:
ReportServer Service is set to logon using the system account
----------------------------
I am using Windows XP sp2, SQL server express 2005, Visual Studio 2005.
Can u help me with this solution step by step?
Like
how to do this?
Report Server permissions:
http://servername/reports - properties - security
i am fighting with this since 10 days.
Please help
September 19, 2008 at 6:01 am
U r a life saver.
This solution worked fantastic. i was about to give up the whole 10 days r&d work on reporting services.
Thanks a lot
Viewing 13 posts - 1 through 12 (of 12 total)
You must be logged in to reply to this topic. Login to reply