Reporting Services Authentication Ticket Across Domain

Apr 4, 2007

Hi,

I am new to Reporting Services. I want to use Reporting Services 2005 in our application.

My custom web application is on one machine and Reporting Services 2005 is on other machine. I am using Forms Authentication and using Single Sign On for login

If my custom web application and Reporting Services are on same machin I can get "Authentication Ticket" issued by ReportingServices2005 to the Report server.



But in this case I am not able to get "Authentication Ticket" on Report Server since it is on other machine.

I am using ReportViewer control in my web application to display Reports and using LogonUser method to get the Authentication Ticket.



How can I pass CookieAuthentication ticket from my Custom Web Application to Report Server?

Is there any work around to pass Authentication Cookie across Domain or any other solution for this?



Regards

Amit

View 3 Replies


ADVERTISEMENT

Reporting Services Authentication

Mar 6, 2007

For a connection string,we just use sqlconnection class in c# and try to do the open opration to test whether the connection string is valid or not.

but for reporting servics,when given a username and a password ,how can we do the authentication in c#program to see the account is valid or invalid...

Thank you very much for your help!

View 1 Replies View Related

Can I Install SQL Server Reporting Services On A Domain Controller

Feb 18, 2004

I've just got RS Enterprise Edition.
Installed it in a Test Server, ok.
Installed it in a DEV server, having some errors.


My DEV server is an "ALL in 1" server, which is also a Domian Controller.
While Test Server is not a DC.



The installation was succesful but when I open RS Manager thru the web, it gives me a ASP.NET error:


Access to the path "D:Program FilesMicrosoft SQL ServerMSSQLReporting ServicesReportManagerin" is denied.
Description: An unhandled exception occurred during the execution of the current web request. Please review the stack trace for more information about the error and where it originated in the code.

Exception Details: System.UnauthorizedAccessException: Access to the path "D:Program FilesMicrosoft SQL ServerMSSQLReporting ServicesReportManagerin" is denied.

ASP.NET is not authorized to access the requested resource. Consider granting access rights to the resource to the ASP.NET request identity. ASP.NET has a base process identity (typically {MACHINE}ASPNET on IIS 5 or Network Service on IIS 6) that is used if the application is not impersonating. If the application is impersonating via <identity impersonate="true"/>, the identity will be the anonymous user (typically IUSR_MACHINENAME) or the authenticated request user.

To grant ASP.NET write access to a file, right-click the file in Explorer, choose "Properties" and select the Security tab. Click "Add" to add the appropriate user or group. Highlight the ASP.NET account, and check the boxes for the desired access.




I tried doing everything I can possible think of from the error message advice, including adding rights to ASPNET user from ISS to that particular folder...no success.




What I'm suspecting is I can't install RS in a DC box. But I can't find this info anyway in the web.

Anyone can point me to the correct direction or any advice?

View 2 Replies View Related

Passing Authentication From PHP To Reporting Services

Nov 1, 2005

Hello,My boss wants me to create a front end webpage for our ReportingServices reports that customers can log onto through a webform. I'm aPHP programmer, so I'd rather do this site and the authentication inPHP than learn .NET. The main problem I see is finding a way to passthe authentication to Reporting Services so that when a user runs areport, they are not asked to enter their password a second time.I don't even know where to start researching this problem... I've askedin PHP forums and they passed me to you guys. Any ideas?Andrew

View 3 Replies View Related

Authentication Reporting Services And Web Reportviewer

Feb 22, 2007

Hi,
I€™ve an application Web which uses to reportviewer to show information. I want that all the users of the application accede to reports by means of he himself user and password. This user is a local user of report€™s server. The problem is that when attempt to show report always appear the following error:
The request failed with HTTP status 401: Unauthorized.
The code that use is the following one:



ReportViewer1.ServerReport.ReportServerCredentials = new ReportViewerCredentials("Usuario", "pwd", "servidor");


using System;
using System.Data;
using System.Configuration;
using System.Web;
using System.Web.Security;
using System.Web.UI;
using System.Web.UI.WebControls;
using System.Web.UI.WebControls.WebParts;
using System.Web.UI.HtmlControls;
using Microsoft.Reporting.WebForms;
using System.Net;
using System.Security.Principal;
using System.Runtime.InteropServices;

/// <summary>
/// Summary description for ReportViewerCredentials
/// </summary>
public class ReportViewerCredentials : IReportServerCredentials
{
[DllImport("advapi32.dll", SetLastError = true)]
public extern static bool LogonUser(String lpszUsername, String lpszDomain, String lpszPassword, int dwLogonType, int dwLogonProvider, ref IntPtr phToken);

[DllImport("kernel32.dll", CharSet = CharSet.Auto)]
public extern static bool CloseHandle(IntPtr handle);

[DllImport("advapi32.dll", CharSet = CharSet.Auto, SetLastError = true)]
public extern static bool DuplicateToken(IntPtr ExistingTokenHandle,
int SECURITY_IMPERSONATION_LEVEL, ref IntPtr DuplicateTokenHandle);

public ReportViewerCredentials()
{
}

public ReportViewerCredentials(string username)
{
this.Username = username;
}


public ReportViewerCredentials(string username, string password)
{
this.Username = username;
this.Password = password;
}


public ReportViewerCredentials(string username, string password, string domain)
{
this.Username = username;
this.Password = password;
this.Domain = domain;
}


public string Username
{
get
{
return this.username;
}
set
{
string username = value;
if (username.Contains("\"))
{
this.domain = username.Substring(0, username.IndexOf("\"));
this.username = username.Substring(username.IndexOf("\") + 1);
}
else
{
this.username = username;
}
}
}
private string username;



public string Password
{
get
{
return this.password;
}
set
{
this.password = value;
}
}
private string password;


public string Domain
{
get
{
return this.domain;
}
set
{
this.domain = value;
}
}
private string domain;




#region IReportServerCredentials Members

public bool GetBasicCredentials(out string basicUser, out string basicPassword, out string basicDomain)
{
basicUser = username;
basicPassword = password;
basicDomain = domain;
return username != null && password != null && domain != null;
}

public bool GetFormsCredentials(out string formsUser, out string formsPassword, out string formsAuthority)
{
formsUser = username;
formsPassword = password;
formsAuthority = domain;
return username != null && password != null && domain != null;

}

public bool GetFormsCredentials(out Cookie authCookie,out string user, out string password, out string authority)
{
authCookie = null;
user = password = authority = null;
return false; // Not implemented
}


public WindowsIdentity ImpersonationUser
{
get
{

string[] args = new string[3] { this.Domain.ToString(), this.Username.ToString(), this.Password.ToString() };
IntPtr tokenHandle = new IntPtr(0);
IntPtr dupeTokenHandle = new IntPtr(0);

//const int LOGON32_PROVIDER_DEFAULT = 0;
////This parameter causes LogonUser to create a primary token.
//const int LOGON32_LOGON_INTERACTIVE = 2;

const int LOGON32_PROVIDER_DEFAULT = 3;
//This parameter causes LogonUser to create a primary token.
const int LOGON32_LOGON_INTERACTIVE = 9;
const int SecurityImpersonation = 2;


tokenHandle = IntPtr.Zero;
dupeTokenHandle = IntPtr.Zero;
try
{
// Call LogonUser to obtain an handle to an access token.
bool returnValue = LogonUser(args[1], args[0], args[2],
LOGON32_LOGON_INTERACTIVE, LOGON32_PROVIDER_DEFAULT,
ref tokenHandle);

if (false == returnValue)
{
Console.WriteLine("LogonUser failed with error code : {0}",Marshal.GetLastWin32Error());
return null;
}

// Check the identity.
System.Diagnostics.Trace.WriteLine("Before impersonation: "
+ WindowsIdentity.GetCurrent().Name);



bool retVal = DuplicateToken(tokenHandle, SecurityImpersonation, ref dupeTokenHandle);
if (false == retVal)
{
CloseHandle(tokenHandle);
Console.WriteLine("Exception in token duplication.");
return null;
}


// The token that is passed to the following constructor must
// be a primary token to impersonate.
WindowsIdentity newId = new WindowsIdentity(dupeTokenHandle);
WindowsImpersonationContext impersonatedUser = newId.Impersonate();


// Free the tokens.
if (tokenHandle != IntPtr.Zero)
CloseHandle(tokenHandle);
if (dupeTokenHandle != IntPtr.Zero)
CloseHandle(dupeTokenHandle);

// Check the identity.
System.Diagnostics.Trace.WriteLine("After impersonation: "
+ WindowsIdentity.GetCurrent().Name);

return newId;

}
catch (Exception ex)
{
Console.WriteLine("Exception occurred. " + ex.Message);
}

return null;
}
}


public ICredentials NetworkCredentials
{
get
{
return null; // Not using NetworkCredentials to authenticate.
}
}


#endregion


}

View 1 Replies View Related

Reporting Services Authentication Question

Mar 30, 2007

Hi,



I've changed from Visual Studio 2003 to Visula Studio 2005 by using now the MS SQL 2005 Express Advanced Edition.

As I wanted to deploy another report suddenly it asked me for an authetication for the ReportServer ?

Well, no problem, I thought and looked into the authentications in IIS, but no one of those is working.

Where the heck do I have to look ?



Thx for reply.



Andreas



P.S. Using on backend site RS Enterprise Edition SP1 and changed for developing reports from VS 2003 to VS 2005 with reporting services.

View 2 Replies View Related

Reporting Services :: Server Not Fully Functional After Migrating To New Domain

Jun 19, 2015

I had to migrate my report server (2008R2) to a new domain. I built new server and restored the old ReportServer and ReportServerTempDB into new server and also restored the certificate from old server. The Report Server is running but I don't have full access to all server futures anymore, looks like it's AD authentication messed up. My new account is Admin on new server but I can't see all options, like New Data Source, or wehn going on report level to manage to see all option such as Parameters, Subscriptions, Data Source.

View 2 Replies View Related

Reporting Services :: SSRS 2012 Report For Non Domain Users

Nov 6, 2015

I created a SSRS Reports in SQL Server 2012 and deployed in server, I want this report to be accessed by one particular User created in that hosted server and any time if user hits the Report URL it asked for login Prompt.Suppose if I create a Windows User "ReportUser" in report server , I want when user hits the URL he should be able to access the report by providing the 'ReportUser" credentials.

View 7 Replies View Related

Reporting Services :: Domain Account Used For SSRS Service Keeps Getting Locked Out

Oct 15, 2015

Sometimes I have to unlock the account 3 or 4 times a day. This is getting annoying. Why would my service account keep getting locked out?

View 3 Replies View Related

Problem Using Reporting Services Forms Authentication With SSL

Jan 23, 2007

I am using Reporting services 2005 and have enabled forms authentication using the example found in:
'C:Program FilesMicrosoft SQL Server90SamplesReporting ServicesExtension SamplesFormsAuthentication Sample'
This works correctly without SSL, but when I enable SSL I get an error when logging in. The symptoms are as follows. I can login to the reporting server (in my case <server>/ReportServer2) directory, but when I login to the report manager (in my case at <server>/Reports2) I get the following error:
'The underlying connection was closed: An unexpected error occurred on a send.'
Can anyone suggest why I might be getting this error?

Thank you,
Graham

View 1 Replies View Related

Reporting Services :: Report Subscriptions Not Working With A Particular Domain Service Account?

Aug 13, 2015

I have an instance of SSRS that will not run my report subscriptions if it is using a dedicated domain account I made for the express purpose of using it to run this service.

If I have SSRS use my personal domain account as the service account, my subscriptions run correctly. If I have SSRS use this other domain account, the subscriptions do not run.

What else do I have to configure to make this run correctly not on my personal account?

Error message below.

"ERROR: Throwing Microsoft.ReportingServices.Diagnostics.Utilities.ServerConfigurationErrorException: AuthzInitializeContextFromSid: Win32 error: 5; possible reason - service account doesn't have rights to check domain user SIDs., Microsoft.ReportingServices.Diagnostics.Utilities.ServerConfigurationErrorException: The report server has encountered a configuration error. ;"

View 2 Replies View Related

SQL Reporting Services With Cross Forest Authentication Issues

May 13, 2008


I setup CRM 4.0 in one domain with a domain service account. SQL Reporting is located on the same machine using the same service account. SQL is on a different machine. These are in the same single domain forest which has a two way trust relation with another domain of a separate single domain forest. Both domains are W2k3 Native Mode.

The CRM application allows access to users in both domains. The reports are generated with accounts in the first domain where CRM and SQL Reports is located but not for users in the other domain. The CRM's report viewer window displays "The report cannot be displayed."

The following are events that are related to the error:
On CRM server:
Event Type: Warning
Event Source: ASP.NET 2.0.50727.0
Event Category: Web Event
Event ID: 1309
Date: 5/13/2008
Time: 6:55:19 AM
User: N/A
Computer: CRMSERVER
Description:
Event code: 3005
Event message: An unhandled exception has occurred.
Event time: 5/13/2008 6:55:19 AM
Event time (UTC): 5/13/2008 1:55:19 PM
Event ID: cc4c29c8f4be4e82ac0eee1234a15dc6
Event sequence: 77
Event occurrence: 1
Event detail code: 0

Application information:
Application domain: /LM/W3SVC/2/ROOT-1-128551603464644692
Trust level: Full
Application Virtual Path: /
Application Path: C:Program FilesMicrosoft Dynamics CRMCRMWeb
Machine name: CRMSERVER

Process information:
Process ID: 3340
Process name: w3wp.exe
Account name: CRM Service Account

Exception information:
Exception type: CrmReportingException
Exception message: An error has occurred during report processing. (rsProcessingAborted)

Request information:
Request URL: http://CRMServer:5555/OrganizationDev/CRMReports/rsviewer/reportviewer.aspx
Request path: /OrganizationDev/CRMReports/rsviewer/reportviewer.aspx
User host address: 172.x.y.z
User: OTHERDOMAIN estuser
Is authenticated: True
Authentication Type: Negotiate
Thread account name: CRM Service Account

Thread information:
Thread ID: 1
Thread account name: CRM Service Account
Is impersonating: False
Stack trace: at Microsoft.Crm.Web.Reporting.SrsReportViewer.ConfigurePage()
at Microsoft.Crm.Application.Controls.AppUIPage.OnPreRender(EventArgs e)
at System.Web.UI.Control.PreRenderRecursiveInternal()
at System.Web.UI.Page.ProcessRequestMain(Boolean includeStagesBeforeAsyncPoint, Boolean includeStagesAfterAsyncPoint)


Custom event details:

For more information, see Help and Support Center at http://go.microsoft.com/fwlink/events.asp.



Event Type: Error
Event Source: MSCRMReporting
Event Category: None
Event ID: 19969
Date: 5/13/2008
Time: 6:55:19 AM
User: N/A
Computer: CRMSERVER
Description:
Web service request SetParameters to Report Server http://CRMServer/reportserver failed with SoapException. Error: An error has occurred during report processing. (rsProcessingAborted)

For more information, see Help and Support Center at http://go.microsoft.com/fwlink/events.asp.




On SQL Server:
Event Type: Failure Audit
Event Source: MSSQLSERVER
Event Category: (4)
Event ID: 18456
Date: 5/13/2008
Time: 6:55:18 AM
User: NT AUTHORITYANONYMOUS LOGON
Computer: SQLServer
Description:
Login failed for user 'NT AUTHORITYANONYMOUS LOGON'. [CLIENT: 172.a.b.c] This is the IP address for the CRM server.

The take away from the events is either the SQL Reporting or CRM is attempting to access the SQL service with the Anonymous account. I expect it's SQL reporting because the CRM application is not having problems letting in the other domain users. The problem occurs only on reports.

I tried the following:
1. Applied the steps in the CRM Planning Guide for "Taks for a native mode domain with users in a mixed-mode domain." This adds the other domain users to a domain local group. Then assigns Browser access to the SQL reports and SQL database access to the group.
2. Set the CRM server to be trusted for delegation (kerberos only)
3. Created SPNs for http/crmserver domaincrmservice and http/crmserver:5555 domaincrmservice and http/crmserver.domain.local domaincrmservice and http/crmserver.domain.local:5555 domaincrmservice

Any suggestion?

View 6 Replies View Related

SQL Server Admin 2014 :: DNS Name Not Match Active Directory Domain Name For Reporting Services

Feb 11, 2015

I am running into a weird issue with a new SQL Reporting Services 2014 server I built. I installed SQL Reporting 2014 on Windows Server 2012 R2 and configured Kerberos, but the site is extremely slow. After some reconfiguration and log captures I have determined the issue has to do with the Kerberos setup, however I am running a similar configuration with SQL Reporting Services 2008 on Windows Server 2008 R2 and do not run into the same errors.

The error I see while using Wireshark is KRB Error: KRB5KDC_ERR_BADOPTION NT Status: STATUS_NO_MATCH. When I drill down the into the error I can see the kerberos string is testprjmnmtreports14.company.com, which is the URL we are using to access the site. I made sure to add that name as an SPN for the service account that is running SQL Reporting Services, however I still receive the error.

Then I tried configuring the site to run without a hostheader, so I accessed the site with the server name, ECTSTSQLRS5, and the site works perfectly fine, no errors are reported either. So it seems I have isolated the issue down to Kerberos but I am not sure how to resolve it. Here is some more information about my environment:

DNS/URL used: testprjmnmtreports14.company.com
Server Name (FQDN): ECTSTSQLRS5.company.int
AD Domain Name: company.int
Server Version: Windows Server 2012 R2
AD Functional Level: 2008 R2

As you can see I am trying to use a .com address but my AD domain is .int which I think is the issue, but I do not have the same problem on my other server that is running Windows Server 2008 R2. What do I need to do to allow my new site on 2012 R2 to work with this DNS Alias?

View 0 Replies View Related

Reporting Services :: Web Service As Data Source With Basic Authentication

Aug 2, 2011

Is it possible to configure a datasource using data from a web service (java) requiring basic http authentication?

View 4 Replies View Related

Reporting Services Custom Authentication And Web Reportviewer - Familiar Question

Feb 20, 2007

This is a subject that has been brought up before but I have not seen a definitive answer/solution.
We have implemented a custom authentication extension (forms authentication) for reporting services and it has been working just fine under "normal" conditions; "normal" being users logging in, viewing reports, and then moving on.
Recently some reports were created by our report group and they contain Dundas gauge controls for "dashboard" style reports. These reports are meant to be up all day and they post back every few seconds because the data they present is mission critical.
This of course exposed the inability of the reportviewer control to stay in the context of Report Manager when it comes to the cookie exchange and authentication thus resulting in the following error:
<html><head><title>Object moved</title></head><body>
<h2>Object
moved to <a
href="/ReportServer/logon.aspx?ReturnUrl=%2freportserver%2fReportExecution2005.asmx">here</a>.</h2>
</body></html>

I created a quick ASP.NET web application and added the reportviewer to it, implemented IReportServerCredentials and the report came up as expected but behaved the same way as it did in Report Manager. Same with a Windows Forms application.

Increasing the cookie timeout in the forms authentication tag is an option, but not an attractive one. Extending the reportviewer control is also an option, but I don't know if that is a good candidate right now because I don't see anything extensible yet.

Is this just the nature of RS with custom authentication or is there a viable solution out there right now?

Any and all answers are much appreciated and I thank you in advance.

View 20 Replies View Related

(Urgent)Login Error While Integrating Reporting Services With ASP.NET Using Forms Authentication

Apr 17, 2008



Hi all,
I am using forms authetication to log in to reporting services. I am using logonuser method of reporting services web service. I am getting the following error when i try to log in

System.Web.Services.Protocols.SoapException: Server was unable to process request. --->
System.Exception: An error occurred while attempting to verify the user.Login failed for user 'SON-1499IUSR_SON-1499'.
at Microsoft.Samples.ReportingServices.CustomSecurity.AuthenticationUtilities.VerifyPassword(String suppliedUserName, String suppliedPassword)
at Microsoft.Samples.ReportingServices.CustomSecurity.AuthenticationExtension.LogonUser(String userName, String password, String authority)
at Microsoft.ReportingServices.WebServer.RSCustomAuthentication.LogonUser(String userName, String password, String authority)
at Microsoft.ReportingServices.WebServer.ReportingService2005Impl.LogonUser(String userName, String password, String authority)
at Microsoft.ReportingServices.WebServer.ReportingService2005.LogonUser(String userName, String password, String authority) --- End of inner exception stack trace ---

I have LocalMachine/ASPNET web service identity set in Reporting Services Configuration on Windows XP .

Thanks in advance.
Anupama

View 6 Replies View Related

Steps To Follow SQL Server 2005 Reporting Services Forms Authentication

Oct 12, 2007

I need to know the steps on how to configure the SSRS Forms Authentication and its IIS Configuration. What specific Config Files should be modified?

i am using IIS 6.0, Windows Server 2003, SQL Server 2005.

Please help....

View 1 Replies View Related

Reporting Services :: SSRS 2008 - Report Builder Download To Domain Level Clients Not Working

Feb 5, 2010

I have created a new SSRS Server and done all of the basic security setup for the site but I am having trouble with client machine access...At first I had an issue with being able to access report manager from any client and ended up having to shut off windows authentication on the client IE settings to get it to work.  Now I am trying to run Report Builder from a client machine and it will not download. The client machine is on the same domain and my user id is set as an administrator within SSRS and as a local admin on the 2008 server. 

I had the thought that without windows auth in the browser maybe it can't permit me access to the application but if I turn it on I can't get to it to download it.  I have set Full Control rights to the folder as well. Most of the info out there is for 2005 and that uses IIS to host the pages where as 2008 does not. Here is the details of the error:

PLATFORM VERSION INFO Windows    : 6.1.7600.0 (Win32NT) Common Language Runtime  : 2.0.50727.4927 System.Deployment.dll   : 2.0.50727.4927 (NetFXspW7.050727-4900) mscorwks.dll    : 2.0.50727.4927 (NetFXspW7.050727-4900) dfdll.dll    : 2.0.50727.4927 (NetFXspW7.050727-4900) dfshim.dll    : 2.0.50727.4927 (NetFXspW7.050727-4900)

[URL] ....

View 2 Replies View Related

Reporting Services 2005 In SharePoint Integrated Mode With Forms Based Authentication

Feb 6, 2008

Well, I have SQL Server 2005 SP2 Reporting Services installed and configured in sharepoint integrated mode, so I am deploying reports in sharepoint libraries. Also I configured sharepoint to use forms authentication with builtin AspNetSqlMembership provider, but after this action I couldnot open reports through sharepoint library, instead of this, error was displayed mentioned below. I searched and found hotfix Cumulative Update 3 build 3186 for this issue, request it from microsoft support and applied it, but nothing has changed!

Error I have been experiencing is following:

An unexpected error occurred while connecting to the report server.
Verify that the report server is available and configured for
SharePoint integrated mode. --> The request failed with the error
message:
--
<html><head><title>Object moved</title></head><body>
<h2>Object moved to <a href="/_layouts/login.aspx?ReturnUrl=
%2f_vti_bin
%2fReportServer%2fReportService2006.asmx">here</a>.</h2>
</body></html>

I continued to dig and find out that this hotfix should update Microsoft.ReportingServices.SharePoint.UI.WebParts.dll from version 9.0.3042.0 to new version 9.0.3180.0, but when I checked file version after applying hotfix, it remained the same as was before i.e. 9.0.3042.0. Apparently this cumulative update does not fix this issue.
anyone has any idea how to solve it? Thanks in advance.

sorry for my poor english :-)

View 2 Replies View Related

Using Forms Authentication With The Report Viewer Control And SQL Server Reporting Services 2005

Jan 12, 2007

here is my error

System.Web.Services.Protocols.SoapException: System.Web.Services.Protocols.SoapException: Logon failed. ---> Microsoft.ReportingServices.Diagnostics.Utilities.LogonFailedException: Logon failed. at Microsoft.ReportingServices.WebServer.RSCustomAuthentication.LogonUser(String userName, String password, String authority) at Microsoft.ReportingServices.WebServer.ReportingService.LogonUser(String userName, String password, String authority) --- End of inner exception stack trace --- at .................

Please help me

View 1 Replies View Related

How Do I Configure SQL Server 2005 Reporting Services To Deliver Subscription E-mails To Addresses External To My Windows Domain

Jun 10, 2007

Can anyone help me with a problem I have with SSRS 2005? How do I configure SQL Server 2005 Reporting Services to deliver subscription e-mails to addresses external to my windows domain?

I've been having trouble configuring the Report Server e-mail delivery component to send subscription e-mails to addresses outside the domain on which the report server is hosted.

For e.g. since my local windows domain is named "smartsystems.com", I have found that the Report Manager does not have any problems sending subscription mails to "eawagu@smartsystems.com" but throws up an error whenever I include "eawagu@yahoo.com" in the recipients' list.

Any insights?

View 1 Replies View Related

Using Windows Authentication Over Different Domain

Jul 16, 2007

Hi,

I have a client running in a Domain A and a SQL server running in Domain B using Windows security. We don't want to put SQL Server in the mixed authentication mode.



I created a local group on de SQL server. Gave the group correct rights.

Added users from Domain A to that group. Although he prompted me for username password from Domain A it did work.



There is currently no trust between those domains. What kind of a trust should it be ? I believe that a one way trust where B trusts A should be enough.



Any suggestions.



CE

View 1 Replies View Related

Windows Authentication - Different Domain

Jan 29, 2007

Hi:

I am trying to figure out if there is a way to connect via SQL Server Management Studio to a server sitting on a separate domain. So here is the situation. there is Server B which sits in a domain called DomainB. If I am in DomainA, I could typically remote into that server utilizing an IP address in DomainB, and even transfer files to that server. But how do I connect via SQL Server Management Studio(basically login as a different domain user) to Server B in DomainB from DomainA. Basically when I choose Windows Authentication from the dropdown list in SQL Server Management Studio, it grays out the username field, which is where I could type something like this domainBusernameondomainB, similar to how you would connect to a share on that server. Please let me know if there is a possibly solution to this. Also, our customer doesnot allow SQL Server Auth/Logins, so that is not an option. Thanks.

View 24 Replies View Related

Reporting Services :: Domain User - Unable To Run Report In SSRS Report Manager?

Oct 9, 2015

I have done the following and a domain user would not access report created a login to the SQL server to the user (this SQL Server is where data source DB is)went to site setting in Report Manager and made this use a system userright clicked on report folder and made this user in the browser roleeven checked that in the report in question, the user is already in the browser role Still the user would not access the report! "User .......... does not have required permission" is the error message I am getting. 

View 6 Replies View Related

Reporting Services :: Adding (new) Child Domain Users To SSRS As System Users?

Jul 28, 2015

We have an existing SSRS server, and have just created a new child domain. We'll be migrating users from the parent to the child, and want to add the users of that new domain with access to SSRS. In the parent domain they are able to access, but after migration with the child domain account, they cannot.

I have added the group CHILDDomain Users with a system user role on SSRS, and PARENTDomain Users was already there.

Is there any additional step I should/could take to get this active?

View 5 Replies View Related

Windows Authentication From Non-domain Laptop

Apr 28, 2008

We have a SQL 2005 box that requires windows authentication but I have to connect a laptop that is not part of the domain. Is there any way to do this? Per company policy, the SQL server cannot be changed to use SQL Auth AND Windows Auth. Also per policy, the user's laptop cannot be joined to the domain since it's not a company laptop.

I've tried using the following command:
net use \SQLServerNameipc$ /user:DomainNameDomainAccount Password

and then using enterprise manager to register the sql server but it still says that the computer is not trusted.

Is there something else to this that I am missing or is this just not possible?

Thanks in advance for the help.

View 2 Replies View Related

Domain Groups And Windows Authentication

Nov 8, 2006

Hi

We are planning implementation of a currently Sybase db. The users (about 3600) will be i 5 domains and we want single sign-on through trusted connections. We want to use the database roles to define different user access on databases and tables. There will be around 2000 roles. We also want to add the users directly to the database roles without having to grant each user database access.

So I thought that I could add the user groups from all domains and then add each domain user account to specified database roles. Am I right here or what? The Windows authentication will lookup or check the users kerberos ticket during logon process and allow logon.

The documentation here is weak and I assume it's a windows authentication question but wondered if any of you guys had been down the same road.

For creating the groups I have the following options:

Create a domain group and put all the usergroups from the other domains in this group

Add user groups from all other domains directly into the SQL Server.

Any recommendations here?

View 3 Replies View Related

What Happens To Windows Authentication If Domain Failure Occurs?

Jul 23, 2005

Hi,I have a peculiar problem (or maybe not). I have SQL clients installedon XP boxes. These XP boxes are a member of let us say "XYZ" domain.SQL Server is installed on one of the boxes having Windows 2000 Serverin the same network. The installation has been done on local domainaccount. Since SQl Server has been installed with Windowsauthentication, what happens if the XYZ domain fails. Will it bepossible for all clients to access the database present on SQL Serverin the Win 2K box. I think I have made myself clear upto some extent.Please throw light on how to accomplish the connectivity between SQLclients and server in case of domain failure.Regards,Vinodi

View 2 Replies View Related

Windows Integrated Authentication - Domain Controller

Feb 24, 2007

If my SQL Server authentication is windows integrated authentication, whenever my application makes a connection to SQL server does it contact the windows active directory domain controller to authenticate the windows user account? How does windows integrated authentication work in the background?

View 9 Replies View Related

Authentication Failure - Can't Find Domain Accounts

May 30, 2007

We're getting an error where we can't add a login with the full dns name of a user - domain.xyzuser, for example. Get an error 15401, "Windows NT user or group domain.xyzuser' not found". The domain has a different Netbios name and DNS domain names, so we can add the user when we use the form "netbiosnameuser". So far so good.



Unfortunately, we have another application - Office Share Point Server whose shared services provider won't run, giving errors in the event log every 60 seconds that "Windows NT user or group 'domain.xyzuser' not found".



It looks as if SQL insists upon listing users in the form netbiosdomainnameuser, and applications that look for domain.xyzuser simply fail to authenticate.



Suggestions?

jnfranc at yahoo period com

View 3 Replies View Related

Cross Domain Windows Endpoint Authentication?

Feb 13, 2007

Hi There

I have service broker working 100% with an initiator - forwarder - target, all in the same domain using windows authentication on the endpoints, for all instances' the sql server service run under the same domain account, which in turn is granted connect on the various endpoints. This all works 100%

However i have a scenario where the initiator will be in a different trusted domain.

I need to know if i am correct in thinking that the initiator sql server servcie account can run under DomainAsqlservice, the target instance sql server servcie can run under DomainBsqlservice, then on the forwarder i simply grant connect on the forwarder endpoint to both DomainAsqlservice and DomainBsqlservice.

Is this correct, will this work?

Thanx

View 6 Replies View Related

Windows Authentication Fails For Trusted Domain

Nov 16, 2006

Greetings,

One of my users gets the following error when he tries to connect to my SQL Server 2000 database using windows authentication via Query Analyzer:

[Micorsoft][ODBC SQL Server Driver][SQL Server] Login failed for user '(null)'. Reason: Not associated with a trusted SQL Server connection.

Me and the server are located in Colorado and are on the NADomain. User is in London on the EURDomain. The EURDomain has a one way trust to the NADomain to use NADomain resources. I have granted access to the database to the user via Enterpise Manager as EURDomainuserid. All the literature I've read says this should be sufficient to connect but isn't. User can connect with SQL Server authentication. Users on the NADomain in Toronto can connect just fine with Windows Authentication. EURDomain user can access other file server resources in the same building as the SQL Server in Colorado.

SQL Server version is:

Microsoft SQL Server 2000 - 8.00.818 (Intel X86) Standard Edition on Windows NT 5.0 (Build 2195: Service Pack 4)

EURDomain Client ODBC version is 2000.85.1022.00 and MDAC is 2.8.

Any help is greatly appreciated.

View 5 Replies View Related

Reporting Services :: Unable To Run Report On Report Manager Using Windows Authentication

Oct 15, 2015

I was able to log in to SSRS report manager. But i was unable to run a report i designed on report builder.

It prompts for login when i wanted to run the report and i used the same windows authentication to sign in

It will show me the parameters but when i click on view report it gives this error

 "Data source 'DataSource1': An error has occurred.

Details: Microsoft.ReportingServices.ReportProcessing.ReportProcessingException: Cannot create a connection to data source 'DataSource1'. ---> System.Data.SqlClient.SqlException: Login failed for user 'Acc-11Admin'."

View 4 Replies View Related







Copyrights 2005-15 www.BigResource.com, All rights reserved