none
SSRS and SharePoint Integration Authentication Issue

    Pertanyaan

  • We recently turned on SSRS for our SharePoint 2010 Test Environment.  We are using an account that has rights to SharePoint as a site collection administrator, the feature is enabled on the site collection and site level, it has access to the SQL instance to pull the reports.  The report config file specifies NTLM authentication.  It acts as if it will configure and goes through the SP Central Administration steps successfully.  When I try to deploy a report, I receive the following error:

    Exception encountered for SOAP method GetSystemProperties: System.Net.WebException: The request failed with HTTP status 401: Unauthorized.     at Microsoft.SqlServer.ReportingServices2010.RSConnection2010.SetConnectionProtocol()     at Microsoft.SqlServer.ReportingServices2010.RSConnection2010.SoapMethodWrapper`1.ExecuteMethod(Boolean setConnectionProtocol) 1afe9dfd-9846-4194-bddf-fcb0ded634be
    06/14/2012 15:37:43.03  w3wp.exe (0x1E78)                        0x1754 SQL Server Reporting Services  SOAP Client Proxy              0000 High     Exception encountered for SOAP method GetSystemProperties: System.Net.WebException: The request failed with HTTP status 401: Unauthorized.     at Microsoft.SqlServer.ReportingServices2010.RSConnection2010.SetCo

    If I turn on trusted accounts, it works, but then it argues when the report loads because our reports use windows integrated authentication.  We would prefer to have windows integrated authentication to control who can see reports by their login name.  Any ideas?  I feel like I have exhausted options.

    14 Juni 2012 19:59

Jawaban

  • We aren't using kerberos authentication and do not want to use Kerberos so this is not a solution for us.  I resolved this by using a trusted account and using a SQL account in the report data connection to reference the data, we then lock down the reports as needed.
    19 Juni 2012 14:42

Semua Balasan

  • Hi,

    If you need Windows Integrated authentication and you have your Data Sources in another server, maybe you are in the doble hop issue.

    If you have all your SharePoint, DAtabase and Data Source at same computer you could have access to your sources if your current user (witch access to sharepoint) can connect.

    Regards!



    José Quinto Zamora
    SharePoint and Search Specialist at SolidQ(http://www.solidq.com)
    MCITP and MCPD in SharePoint 2010
    http://blogs.solidq.com/sharepoint

    14 Juni 2012 23:17
  • How would you recommend fixing this double hop issue?  We definitely have our datasources on a different server.  The architecture is 2 WFE's (one hosting central admin), a report server that also has sharepoint installed and is attached to the farm, an index server, and a sqldev server hosting the content dbs. 
    15 Juni 2012 15:12
  • Hi,

    In order to solve double hop issue you should configure Kerberos authentication.

    You have this complete guide: http://www.microsoft.com/en-us/download/details.aspx?id=23176

    Regards!



    José Quinto Zamora
    SharePoint and Search Specialist at SolidQ(http://www.solidq.com)
    MCITP and MCPD in SharePoint 2010
    http://blogs.solidq.com/sharepoint

    19 Juni 2012 7:33
  • We aren't using kerberos authentication and do not want to use Kerberos so this is not a solution for us.  I resolved this by using a trusted account and using a SQL account in the report data connection to reference the data, we then lock down the reports as needed.
    19 Juni 2012 14:42
  • Ok, i didn't understand you.

    If you don't use Kerberos then you lose Windows Integrated authentication through external sources.

    If you don't use Kerberos you could also use SSS (Secure Storage Service) in order to configure one Managed Account to access to your external data sources.

    Regards!



    José Quinto Zamora
    SharePoint and Search Specialist at SolidQ(http://www.solidq.com)
    MCITP and MCPD in SharePoint 2010
    http://blogs.solidq.com/sharepoint

    19 Juni 2012 14:46