Why Experts Exchange?

Experts Exchange always has the answer, or at the least points me in the correct direction! It is like having another employee that is extremely experienced.

Jim Murphy
Programmer at Smart IT Solutions

When asked, what has been your best career decision?

Deciding to stick with EE.

Mohamed Asif
Technical Department Head

Being involved with EE helped me to grow personally and professionally.

Carl Webster
CTP, Sr Infrastructure Consultant
Ask ANY Question

Connect with Certified Experts to gain insight and support on specific technology challenges including:

Troubleshooting
Research
Professional Opinions
Ask a Question
Did You Know?

We've partnered with two important charities to provide clean water and computer science education to those who need it most. READ MORE

troubleshooting Question

Report Server trying Anonymous Logon despite integrated security after upgrade 2005->2008 (double hop issue?)

Avatar of PowerToTheUsers
PowerToTheUsersFlag for Belgium asked on
Microsoft SQL Server 2005Microsoft SQL Server 2008SSRS
3 Comments1 Solution2160 ViewsLast Modified:
In our situation, we have multiple servers involved in this problem, let's call them W, S and R:
W = Server with Sql Server reporting services. This server has been upgraded from SQL Server 2005 (unknown SP) to SQL Server 2008 + SP1. Only the reporting services-part is installed, no local database.
S = SQL Server where the content-database is stored (let's call the database "Information"). SQL Server 2005 SP2 (9.0.3233)
R = SQL Server where the ReportServer- and ReportServerTempDB-databases are stored. SQL Server 2005 SP1 (9.0.2047)

Before the upgrade of the SQL Server Reporting services on server "W", the reports worked fine. During the upgrade, no errors appeared, everything went smoothly. But now the reports don't work anymore. When browsing to a report on a client-PC, we get the error:

An error has occurred during report processing. (rsProcessingAborted)
Cannot create a connection to data source 'Information'. (rsErrorOpeningConnection)
For more information about this error navigate to the report server on the local server machine, or enable remote errors

Surfing to the reportserver (W) locally gives the detailed error:

An error has occurred during report processing. (rsProcessingAborted)
Cannot create a connection to data source 'Information'. (rsErrorOpeningConnection)
Login failed for user 'NT AUTHORITY\ANONYMOUS LOGON'.

Looking in the application-eventlog of the SQL-server (S) gives this error:

Event Type:      Failure Audit
Event Source:      MSSQLSERVER
Event Category:      (4)
Event ID:      18456
Date:            17/02/2010
Time:            16:45:28
User:            NT AUTHORITY\ANONYMOUS LOGON
Computer:      S
Description:
Login failed for user 'NT AUTHORITY\ANONYMOUS LOGON'. [CLIENT: 10.201.20.40]

For more information, see Help and Support Center at http://go.microsoft.com/fwlink/events.asp.

Where 10.201.20.40 is the IP of the reporting server, W.
In the eventlog of the databaseserver holding the ReportServer-database (R), there's nothing to see.

Server W has been marked (already when it was still a SQL2005-reporting server) as "Trust this computer for delegation to any service (Kerberos only) " in active directory.

I have already done some searching on this problem, and it's often referred to as the "double hop"-issue. Most suggested solutions are set correctly, but some solutions involve SPN's, and I'm not familiar with that... Can you guide me to a correct "spn-setup"? What do I need to check, what do I need to add by using setspn?

The only thing changed (which broke the reports) is the upgrade of the reporting services on Server "W".

Thanks in advance!
ASKER CERTIFIED SOLUTION
Avatar of PowerToTheUsers
PowerToTheUsersFlag of Belgium image

Our community of experts have been thoroughly vetted for their expertise and industry experience.

Commented:
This problem has been solved!
Unlock 1 Answer and 3 Comments.
See Answers