Accessing SQL Server Reporting Services 2008 from ASP .NET via URL String

  • I am using a URL string to access a Reporting Services 2008 report from an ASP .NET/VB 2005 Intranet Web Page. I have Built-in Admin. rights on the SQL Server and when using my IE browser I HAVE NO PROBLEM accessing the report. When a user with LESS privileges tries to access the report with their IE Browser they receive a LOGIN prompt. When a specific user tested, I was present and we were able to access the report typing in my WORKGROUP/DOMAIN username and password for the Login Prompt.

    I am a user/admin. on all of the Servers, which are in a WORKGROUP, but I also use this same username to access the DOMAIN which is on the same network. Coincidentally, all the Servers (Web & Db) are in a WORKGROUP on the same Network but are not part of the domain.

    We utilize one username (i.e NetUser to access the application and Db) and all users pass this same username for the majority of our Intranet Web pages/SQL Server and are not prompted for username and password.

    I have added the NetUser account to the SQL Server Db and SQL Server Reporting Services.

    I have also added the NetUser using the Reporting Services Console and granted BROWSER privileges. The user is still prompted for a password.

    The Intranet Web ASP .NET application accesses this Report Server from other ASP .NET pages without difficulty when running NON-Reporting Services SQL Server related reports. Also, the Network Services account was utilized when configuring the Reporting Services 2008. Does anyone have any suggestions or solutions to this LOGIN prompt problem! Preferably, NetUser will go directly to the Reporting Services report without prompt.

    THANK YOU IN ADVANCE,

    The Wall

    The Wall

  • In an intranet you have to go into IE tools option security and click on intranet Lan setting and exclude the SQL Server IP address. Tell all your users to do the same exclude the SQL Server IP address. If that does not work then you can add the SSRS url to your list of trusted sites.

    If your users are in Vista then you may also have to disable protected mode, I actually have protected mode disabled for internet browsing. Post again if you still need help.

    Kind regards,
    Gift Peddie

  • There are over 1200 Users. Is there another solution that requires changing only one setting somewhere?

    The Wall

  • Allowing anonymous user is the only other solution I know but you still have to define each user permissions to execute reports in Report Manager.

    Kind regards,
    Gift Peddie

  • NetUser is our only user because of the WORKGROUP set-up for our servers. We are not part of the domain, so the asp .net pages access using NetUser.

    I have also read where I can pass a username and password from the asp .net page.

    Thank you

    The Wall

  • I am not sure I understand the permissions you are explaining but it is not that simple because the link below shows IIS6 default folder permisisons. The other option is to go into the SSRS web.config and add all your users in the authorization section.

    http://support.microsoft.com/kb/812614

    Kind regards,
    Gift Peddie

  • Here is the post regarding the passing of the username and password:

    http://www.xtremevbtalk.com/archive/index.php/t-298559.html

    The Wall

  • That is a lot of code for a no code required task because that code is defining an authorization section which is what I told you to do.

    Netuser

    Kind regards,
    Gift Peddie

  • Thank you again. I will try the code below in the Web.Config:

    Netuser

    NetUser will be the only user hitting this report for now. I will work on this Monday and see how it goes.

    Enjoy the weekend,

    The Wall

    The Wall

  • SSRS require Windows authentication there is no work needed because what you are allowed to do is very limited authorization section uses ACL(access control list) that hack may introduce issues.

    Kind regards,
    Gift Peddie

  • Security is important, but our network is very secure. A hack would probably come from within and very few know the NetUser username, which is as you might guess not really the username. The user group is also not that sophisticated or so we think.

    I will look at more options as well, but getting these 1200 users to make browser changes would be next to impossible. They are scattered all across the US.

    Thanks again.

    The Wall

  • The Wall (9/12/2009)


    Security is important, but our network is very secure. A hack would probably come from within and very few know the NetUser username, which is as you might guess not really the username. The user group is also not that sophisticated or so we think.

    I will look at more options as well, but getting these 1200 users to make browser changes would be next to impossible. They are scattered all across the US.

    Thanks again.

    Let me explain that authorization section will resolve all your users because you are using SSRS which is Windows authentication dependent. If all your users are the same level of permission then create a group in your work group and add all the users to that group in Windows security and add that group in the web.config section of both SSRS and Asp.net it is that simple. There is no reason to alter all the users IE because I am using ACL(access control list) to do what that long code will do for you. SSRS uses a lot of resources running code not needed is not good practice.

    Kind regards,
    Gift Peddie

  • Our users will not even need to be placed in a group, because the servers are not on the Domain. All users access the Web Application using the fictitious "NetUser", so this user is the group and I will do exactly as you suggested. I appreciate your help and this is turning out to be less trouble than I thought it would be.

    Thanks Again,

    The Wall

  • I tried placing:

    in both the asp .net Web.config

    and the ReportsServer Web.config!

    I still get the windows login prompt for the server where Reports Server resides.

    NetUser is the anonymus user on the server, but still login info is not getting accross.

    ANY IDEAS??

    The Wall

  • in both the asp .net Web.config

    and the ReportsServer Web.config!

    I still get the windows login prompt for the server where Reports Server resides.

    NetUser is the anonymus user on the server, but still login info is not getting accross.

    ANY IDEAS??

    Check Configuration Manager and you will see that the account used is Asp.net to run SSRS when you are in IIS mode so you need to make sure that account runs with enough permissions. Then you have to make sure Netuser have enough permissions I have covered the rest of all possible solutions to this problem in the middle of thread below. That means adding the user into ReportServerDB and ReportServerTempDB and the datasource database.

    http://www.sqlservercentral.com/Forums/Topic719964-150-1.aspx

    Kind regards,
    Gift Peddie

Viewing 15 posts - 1 through 15 (of 20 total)

You must be logged in to reply to this topic. Login to reply