Solved

401: Unauthorized then DCOM error when trying to browse SSRS on MyServer/Reports

Posted on 2007-03-24
15
816 Views
Last Modified: 2008-01-09
Hi, we are running W2K3 SBS and SQL Server 2005 Std.  We loaded SSRS and it appeared that it installed okay but when we try to browse the default page at http://MyServer/reports we get in the browser:

The request failed with HTTP status 401: Unauthorized.

and this in the Event Log:
The application-specific permission settings do not grant Local Activation permission for the COM Server application with CLSID {BA126AD1-2166-11D1-B1D0-00805FC1270E} to the user NT AUTHORITY\NETWORK SERVICE SID (S-1-5-20). This security permission can be modified using the Component Services administrative tool.

I've read a bit and all workarounds suggest either:
1) Adding myself to the Admin group (already in it)
2) Making sure the Network Service has adequate permissions on two SSRS paths. (already has).

Please advise.  Thanks,. Keith
0
Comment
Question by:rowek
  • 10
  • 5
15 Comments
 
LVL 9

Expert Comment

by:sguinn100
ID: 18786185
Do a search on your registry for BA126AD1-2166-11D1-B1D0-00805FC1270E and see what application it is associated with. Most likely it will be the Network Connection Manager. If that is correct, go Start>Administrative Tools>Componant Services>Computers>My Computer>DCOM Config. Look for "netman", right click>Properties and then Security Tab. Click on Edit box in Launch and Actiivation. Add Network Service to the lst with the same permissions that the other objects have. Then apply/save that.
0
 

Author Comment

by:rowek
ID: 18786189
Will give it a try.  Thanks for answering.
0
 

Author Comment

by:rowek
ID: 18786213
You were 100% correct about the process...found netman no problem but I am still getting the 401 in my browser and this in the event log...I think its basically saying I am getting the same error but he is not telling me about it because it happenend so recently.  I changed it to 200 seconds and will retest to see if I get the same message.

Event Type:      Information
Event Source:      COM+
Event Category:      None
Event ID:      781
Date:            3/24/2007
Time:            4:34:08 PM
User:            N/A
Computer:      CSS-SVR-2
Description:
The COM+ sub system is suppressing duplicate event log entries for a duration of 86400 seconds.  The suppression timeout can be controlled by a REG_DWORD value named SuppressDuplicateDuration under the following registry key: HKLM\Software\Microsoft\COM3\Eventlog.

For more information, see Help and Support Center at http://go.microsoft.com/fwlink/events.asp.
0
 

Author Comment

by:rowek
ID: 18786252
"The request failed with HTTP status 401: Unauthorized"
0
 

Author Comment

by:rowek
ID: 18786275
Okay, here is the major hack: I went to the Reports and ReportServer virtual directories and allows ANONYMOUS access and it work.  I do not want this to be the soluiton.  What must I do to get Windows Integrated security to work? Does SSRS require ANONYMOUS access and then try to manage roles and users on its own?  I vaguely remember the FPSE needing the same rights at the root and then it kicked in.  I don't want to manage file & folder permissions for every user.

Many thanks!
0
 
LVL 9

Expert Comment

by:sguinn100
ID: 18786348
Report Server is a Net 2.0 product. Did you create a seperate AppPool for it? You cannot run it in the default AppPool.
0
 

Author Comment

by:rowek
ID: 18786361
Yes, it created it for me...named ReportServer.  I learned about trying to run 2.0 in a 1.1 pool a while back.  Pretty orange screen.  

Hey, if you can answer that question about ANONYMOUS I will award points because of your effort.  Does SSRS need ANONYMOUS on both Virtual Dirs to run?  If the answer is yes then I guess that is all we can do.
0
Backup Your Microsoft Windows Server®

Backup all your Microsoft Windows Server – on-premises, in remote locations, in private and hybrid clouds. Your entire Windows Server will be backed up in one easy step with patented, block-level disk imaging. We achieve RTOs (recovery time objectives) as low as 15 seconds.

 
LVL 9

Expert Comment

by:sguinn100
ID: 18786462
No, I have neither Report Server Service nor Report Server set for Anonymous access. You really need to go back an look at Start>Programs> MicroSoft SQL Server 2005>Configuration Tools>Reporting Server Configuration. Then look at Web Server Identity and see what is set in there for the AppPool.
0
 

Author Comment

by:rowek
ID: 18788009
Will do.  Thanks so far.  We will figure it out.
0
 

Author Comment

by:rowek
ID: 18788015
ASP.NET service account: NT Authority\NetworkService
Report Server App Pool: ReportServer
Report Mgr App Pool: ReportServer
0
 
LVL 9

Expert Comment

by:sguinn100
ID: 18789980
Are you using an http:// or an https:// ? Check Report Server Configuration again and look at the Report Server Virtual Directory node and see if there is a checkmark in Require SSL.

When you look at the Configure Report Server screen are all the nodes on the left hand side marked with a green checkmark?
0
 

Author Comment

by:rowek
ID: 18792045
Yes to all questions except for Execution Account.  I did not specify and execution account so it tells me that some functionality will be limited, but it should not blow and write severe errors to the Event Log.

I think that the install did not go 100% correct even though it told me "Success".  What if I uninstall just SSRS and reinstall it.  I will check the event log & install log very closely for errors.  I did not before since I got a "Success".

I do continue to get these errors and I think the reinstall may be our best path forward:  
Event Type:      Error
Event Source:      .NET Runtime Optimization Service
Event Category:      None
Event ID:      1101
Date:            3/25/2007
Time:            10:06:38 AM
User:            N/A
Computer:      CSS-SVR-2
Description:
.NET Runtime Optimization Service (clr_optimization_v2.0.50727_32) - Failed to compile: Microsoft.ReportingServices.QueryDesigners, Version=9.0.242.0, Culture=neutral, PublicKeyToken=89845dcd8080cc91 . Error code = 0x80070002

Thanks for hanging in there with me.

Keith

0
 

Author Comment

by:rowek
ID: 18818476
sguin100, I have the solution courtesy of MS Engineer Wei Lu.  I have applied his first suggestion and it worked like a champ. Will look into the DCOM issue later, my big issue is SOLVED.  PS,  I will award you points since you hung in there with me, hope that is acceptable.
Keith


From your description, my understand of this issue is that you could not
access the Report Manager and you get the 401: Unauthorized. error.

In the Event log, you also get the following error message:
<deleted for brevity>

Based on my research, the HTTP 401 Unauthorized error is not related with
the DCOM error in the event log.

To resolve the HTTP 401 Unauthorized error, please follow this article

You receive error 401.1 when you browse a Web site that uses Integrated
Authentication and is hosted on IIS 5.1 or IIS 6
http://support.microsoft.com/?id=896861

Please let me know if this could resolve the Unauthorized error.

As for the DCOM error message, it has been reported as a bug of the
product. Actually what it did is just as we manually run NGEN
Microsoft.ReportingServices.QueryDesigners.dll. The NGEN will raise the
same error.

Fortunately this error does not affect the end users. Although the assembly
cannot be ngen'ed, there is no failure visible to the end user.

Anyway, due to numerous complains from users, this bug has been
re-activated and the developers are currently having a second look at it
and check whether they can fix this, which may possibly improve the
performance. However there's no fix yet.
0
 

Author Comment

by:rowek
ID: 18818506
Please do a simple post from your account that points to the solution above this message.  I want to make sure I don't put "Accept" on your earlier stuff as to mislead the next guy faced with this issue.  I will award points to your next post.  You can even copy and paste from my post above....or you can just paste this in.  

You receive error 401.1 when you browse a Web site that uses Integrated
Authentication and is hosted on IIS 5.1 or IIS 6
http://support.microsoft.com/?id=896861
0
 
LVL 9

Accepted Solution

by:
sguinn100 earned 500 total points
ID: 18818609
Thanx for the help, but you really don't need to give me points of I didn't solve your issue. I read the link you gave me and I can see how I was off the mark. I am glad to hear that ~

You receive error 401.1 when you browse a Web site that uses Integrated
Authentication and is hosted on IIS 5.1 or IIS 6
http://support.microsoft.com/?id=896861

Fixed your problem and that you are up and running.
0

Featured Post

Top 6 Sources for Identifying Threat Actor TTPs

Understanding your enemy is essential. These six sources will help you identify the most popular threat actor tactics, techniques, and procedures (TTPs).

Join & Write a Comment

by Mark Wills Attending one of Rob Farley's seminars the other day, I heard the phrase "The Accidental DBA" and fell in love with it. It got me thinking about the plight of the newcomer to SQL Server...  So if you are the accidental DBA, or, simp…
If you are a user of the discontinued Microsoft Office Accounting 2008 (MSOA) and have to move to a new computer running Windows 8, you will be unhappy to discover that it won't install.  In particular, Microsoft SQL Server 2005 Express Edition (SSE…
Illustrator's Shape Builder tool will let you combine shapes visually and interactively. This video shows the Mac version, but the tool works the same way in Windows. To follow along with this video, you can draw your own shapes or download the file…
This video explains how to create simple products associated to Magento configurable product and offers fast way of their generation with Store Manager for Magento tool.

706 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question

Need Help in Real-Time?

Connect with top rated Experts

21 Experts available now in Live!

Get 1:1 Help Now