jw1741
asked on
SSRS 2005 Permissions Problem
I am running SQL Server 2005 Developer Edition on a Windows 7 Laptop.
I am unable to deploy an RS solution. It builds fine but when trying to deploy, I get the following error message: "Error The permissions granted to user 'SERVER\User' are insufficient for performing this operation."
If I try to go directly to the URL (http://localhost/Reports/Pages/Folder.aspx), I get this error: "The request failed with HTTP status 401: Unauthorized"
RS Configuration Settings are as follows:
Windows Service Identity: LocalSystem
Web Service Identity: NT Authority\LocalService
Database Setup: Credentials Type: Service Credentials
In IIS, for both the Reports and ReportServer, the followingAuthentication methods are enabled:
Anonymous
ASP.NET Impersonation
Windowa Authentication
I have spent many hours on this and I am not getting anywhere. Help.
I am unable to deploy an RS solution. It builds fine but when trying to deploy, I get the following error message: "Error The permissions granted to user 'SERVER\User' are insufficient for performing this operation."
If I try to go directly to the URL (http://localhost/Reports/Pages/Folder.aspx), I get this error: "The request failed with HTTP status 401: Unauthorized"
RS Configuration Settings are as follows:
Windows Service Identity: LocalSystem
Web Service Identity: NT Authority\LocalService
Database Setup: Credentials Type: Service Credentials
In IIS, for both the Reports and ReportServer, the followingAuthentication methods are enabled:
Anonymous
ASP.NET Impersonation
Windowa Authentication
I have spent many hours on this and I am not getting anywhere. Help.
Hi,
By the way, from my previous post, the report manager should be http://localhost/Reports/Pages/Folder.aspx
For "The request failed with HTTP status 401: Unauthorized" error by the way, untick Anonymous Access in the Authentication Methods and you should have this in web.config -> <identity impersonate = "true" />
By the way, from my previous post, the report manager should be http://localhost/Reports/Pages/Folder.aspx
For "The request failed with HTTP status 401: Unauthorized" error by the way, untick Anonymous Access in the Authentication Methods and you should have this in web.config -> <identity impersonate = "true" />
Oh, I didn't noticed that you allow Anonymous Access, just don't untick the checkbox for Anonymous Access. However, if you want to remove anonymous access and you use forms authentication you should untick that checkbox and have this in web.config.
<authorization>
<deny users="?"/>
</authorization>
I hope this helps.
<authorization>
<deny users="?"/>
</authorization>
I hope this helps.
ASKER
I tried the suggestions - now when I try to go to the Report Manager (http://localhost/Reports/Pages/Folder.aspx), I get the following error message:
HTTP Error 401.3 - Unauthorized
You do not have permission to view this directory or page because of the access control list (ACL) configuration or encryption settings for this resource on the Web server. Detailed Error Information
Module IsapiModule
Notification ExecuteRequestHandler
Handler PageHandlerFactory-ISAPI-2 .0
Error Code 0x80070005
Requested URL http://localhost:80/Reports/Pages/Folder.aspx
Physical Path c:\Program Files\Microsoft SQL Server\MSSQL.3\Reporting Services\ReportManager\Pag es\Folder. aspx
Logon Method Negotiate
Logon User Server\Guest
Here is the web.config file:
<?xml version="1.0" encoding="utf-8"?>
<configuration>
<configSections>
<section name="MicrosoftWebControls " type="System.Configuration .NameValue SectionHan dler, System, Version=2.0.3600.0, Culture=neutral, PublicKeyToken=b77a5c56193 4e089, processorArchitecture=MSIL " />
<section name="RStrace" type="Microsoft.ReportingS ervices.Di agnostics. RSTraceSec tionHandle r,Microsof t.Reportin gServices. Diagnostic s" />
<section name="UIConfig" type="Microsoft.ReportingS ervices.UI .UIConfigS ectionHand ler,Report ingService sWebUserIn terface" />
</configSections>
<system.net>
<defaultProxy enabled="false" />
</system.net>
<system.web>
<pages validateRequest="false" />
<compilation defaultLanguage="c#" debug="false" />
<customErrors mode="Off" />
<authentication mode="Windows" />
<identity impersonate="true" />
<trace enabled="false" requestLimit="10" pageOutput="false" traceMode="SortByTime" localOnly="true" />
<sessionState mode="InProc" cookieless="false" timeout="20" />
<globalization requestEncoding="utf-8" responseEncoding="utf-8" />
<httpRuntime executionTimeout="9000" />
<securityPolicy>
<trustLevel name="RosettaMgr" policyFile="rsmgrpolicy.co nfig" />
</securityPolicy>
<trust level="RosettaMgr" originUrl="" />
<httpHandlers>
<add verb="*" path="Reserved.ReportViewe rWebContro l.axd" type="Microsoft.Reporting. WebForms.H ttpHandler , ReportingServicesWebUserIn terface, Version=9.0.242.0, Culture=neutral, PublicKeyToken=89845dcd808 0cc91" />
</httpHandlers>
</system.web>
<appSettings>
<add key="ReportViewerServerCon nection" value="Microsoft.Reporting Services.U I.WebContr olConnecti on, ReportingServicesWebUserIn terface, Version=9.0.242.0, Culture=neutral, PublicKeyToken=89845dcd808 0cc91" />
<add key="ReportViewerTemporary Storage" value="Microsoft.Reporting Services.U I.ReportVi ewerTempor aryStorage , ReportingServicesWebUserIn terface, Version=9.0.242.0, Culture=neutral, PublicKeyToken=89845dcd808 0cc91" />
</appSettings>
<RStrace>
<add name="FileName" value="ReportServerWebApp_ " />
<add name="Prefix" value="tid, time" />
<add name="TraceListeners" value="debugwindow, file" />
<add name="TraceFileMode" value="unique" />
<add name="Components" value="all" />
</RStrace>
<system.diagnostics>
<switches>
<!-- 1 = error, 2 = warning, 3 = info, 4 = verbose -->
<add name="DefaultTraceSwitch" value="3" />
</switches>
</system.diagnostics>
<runtime>
<assemblyBinding xmlns="urn:schemas-microso ft-com:asm .v1">
<dependentAssembly>
<assemblyIdentity name="Microsoft.ReportingS ervices.In terfaces" publicKeyToken="89845dcd80 80cc91" culture="neutral" />
<bindingRedirect oldVersion="8.0.242.0" newVersion="9.0.242.0" />
</dependentAssembly>
</assemblyBinding>
</runtime>
<system.webServer>
<security>
<authorization>
<remove users="TARAH\User" roles="" verbs="" />
</authorization>
</security>
</system.webServer>
<connectionStrings>
<add connectionString="Server=T ARAH;Datab ase=Report s;User ID=Tarah;Password=pandemon ium" name="RS" />
</connectionStrings>
</configuration>
This is relly frustrating, I hope that you can see the error.
Thanks.
HTTP Error 401.3 - Unauthorized
You do not have permission to view this directory or page because of the access control list (ACL) configuration or encryption settings for this resource on the Web server. Detailed Error Information
Module IsapiModule
Notification ExecuteRequestHandler
Handler PageHandlerFactory-ISAPI-2
Error Code 0x80070005
Requested URL http://localhost:80/Reports/Pages/Folder.aspx
Physical Path c:\Program Files\Microsoft SQL Server\MSSQL.3\Reporting Services\ReportManager\Pag
Logon Method Negotiate
Logon User Server\Guest
Here is the web.config file:
<?xml version="1.0" encoding="utf-8"?>
<configuration>
<configSections>
<section name="MicrosoftWebControls
<section name="RStrace" type="Microsoft.ReportingS
<section name="UIConfig" type="Microsoft.ReportingS
</configSections>
<system.net>
<defaultProxy enabled="false" />
</system.net>
<system.web>
<pages validateRequest="false" />
<compilation defaultLanguage="c#" debug="false" />
<customErrors mode="Off" />
<authentication mode="Windows" />
<identity impersonate="true" />
<trace enabled="false" requestLimit="10" pageOutput="false" traceMode="SortByTime" localOnly="true" />
<sessionState mode="InProc" cookieless="false" timeout="20" />
<globalization requestEncoding="utf-8" responseEncoding="utf-8" />
<httpRuntime executionTimeout="9000" />
<securityPolicy>
<trustLevel name="RosettaMgr" policyFile="rsmgrpolicy.co
</securityPolicy>
<trust level="RosettaMgr" originUrl="" />
<httpHandlers>
<add verb="*" path="Reserved.ReportViewe
</httpHandlers>
</system.web>
<appSettings>
<add key="ReportViewerServerCon
<add key="ReportViewerTemporary
</appSettings>
<RStrace>
<add name="FileName" value="ReportServerWebApp_
<add name="Prefix" value="tid, time" />
<add name="TraceListeners" value="debugwindow, file" />
<add name="TraceFileMode" value="unique" />
<add name="Components" value="all" />
</RStrace>
<system.diagnostics>
<switches>
<!-- 1 = error, 2 = warning, 3 = info, 4 = verbose -->
<add name="DefaultTraceSwitch" value="3" />
</switches>
</system.diagnostics>
<runtime>
<assemblyBinding xmlns="urn:schemas-microso
<dependentAssembly>
<assemblyIdentity name="Microsoft.ReportingS
<bindingRedirect oldVersion="8.0.242.0" newVersion="9.0.242.0" />
</dependentAssembly>
</assemblyBinding>
</runtime>
<system.webServer>
<security>
<authorization>
<remove users="TARAH\User" roles="" verbs="" />
</authorization>
</security>
</system.webServer>
<connectionStrings>
<add connectionString="Server=T
</connectionStrings>
</configuration>
This is relly frustrating, I hope that you can see the error.
Thanks.
Hi,
The report manager you are accessing, that is installed in your local machine, right?
The report manager you are accessing, that is installed in your local machine, right?
ASKER
Yes it is on the local machine.
OK. Let us start with Report Manager first. Since this is in your local machine, can you set in IIS under your Reports virtual server the authentication control (Properties -> Directory Security -> Edit) to allow anonymous access and remove the tick in integrated windows authentication and try accessing the report manager after this. What I am trying to do here is make sure we can access your Report Manager. If later on this will work, I suggest using Integrated Windows Authentication and not allow anonymous access for a remote server.
ASKER
I get the header only and an error message: "Unable to connect to the remote server"
ASKER CERTIFIED SOLUTION
membership
This solution is only available to members.
To access this solution, you must be a member of Experts Exchange.
ASKER
Current Reporting Services Configuration
Windows Services Identity:
Windows Services Identity:
Server name: ReportServerWeb Service Identity:
Service Account: Local System
Built-in Account: LocalSystem
ASP.NET Service Account: NT Authority\SystemDatabase Connection:
Report Server: Classc .NET AppPool
Report Manager: ReportServer
ServerName: Server Name
Database Name: ReportServer
Credentials Type: Service Credebtials
For the "Error The permissions granted to user 'SERVER\User' are insufficient for performing this operation."
In report manager, create another Group or User SERVER\User for your report under Properties -> Security and Role as "Publisher".