February 1, 2011 at 8:01 pm
I have SSRS 2008 installed on a SQL server. Users are attempting to get to the reports on this server via: http://<ServerName>/Reports_<InstanceName>. All users are prompted to enter a login/password.
How do you avoid this login prompt and have it use the domain account that the user is logged in with?
Wayne
Microsoft Certified Master: SQL Server 2008
Author - SQL Server T-SQL Recipes
February 2, 2011 at 6:31 am
Wayne, it depends on what is prompting for the credentials? Is it the dataset or IIS itself, or more precisely is it the credentials to your database or the page security in IIS?
If IIS itself, you need to allow the user login information to be passed by IE. It's one of the last options in the custom security sections of IE settigns "automatic logon with current username and password". If your SSRS server is on your local intranet it should already be set by default unless your security admins have cranked it down a bit. If not on your local intranet and/or if your security policy doesn't allow this, you could add the SSRS server to your trusted sites lis. By default that setting is set to enable for trusted sites as well.
-Luke.
February 2, 2011 at 10:13 am
Luke,
SSRS 2008 doesn't use IIS, so it's not that.
The login prompt comes up before even getting to the page (before selecting a report), so it's not a dataset.
I'll check that IE setting, as it sounds like a possibility. I've already added the server to the internal trusted sites list, but this didn't make a difference.
Wayne
Microsoft Certified Master: SQL Server 2008
Author - SQL Server T-SQL Recipes
February 2, 2011 at 10:48 am
WayneS (2/2/2011)
Luke,SSRS 2008 doesn't use IIS, so it's not that.
The login prompt comes up before even getting to the page (before selecting a report), so it's not a dataset.
I'll check that IE setting, as it sounds like a possibility. I've already added the server to the internal trusted sites list, but this didn't make a difference.
Yeah, by IIS I generalized a bit... I know that 2008 doesn't use it... I meant that it seemed to be a web security not a dataset/datasource security issue, sorry abotu the confusion.
From your expanded description it does seem that IE is not passing the user credentials as it should be, since you are prompted prior to even running a report. From what I understand FF and Chrome do not have this ability so it will only work with IE. From the security tab of the Internet Options in IE make certain which site the server is in either intranet or Trusted Sites and check for the setting as appropriate. They've changed the wording a bit in different version, but it should be the last option under User Authentication when you click on the Custom level button for the appropriate site. Again depending on the Site either "Automatic logon only in Intranet zone" or "Automatic logon with current user name and password" should do it for you. It sounds like it's currently set to the last option of "Prompt for user name and password" or it's passing anonymous credentials which the SSRS server is kicking back. If that is the case and depending on how you have your auditing setup, you may see that in the server's security log.
-Luke.
March 10, 2011 at 2:39 am
I am having the same issue with the web security using IE, is this change required on the client side or just on the server?
March 10, 2011 at 6:45 am
If it is the problem where the client is not automatically passing credentials and you want that to happen, the issue is on the client side. It can be set via a group policy or a number of other means. you need to know a few things, first you need to know what zone (Internet, Intranet, Trusted Sites, Restricted Sites) the SSRS server exists in, and then you need to make the appropriate change in the appropriate tab based on the zone in which the server exists.
-Luke.
Viewing 6 posts - 1 through 5 (of 5 total)
You must be logged in to reply to this topic. Login to reply