The Permissions Granted To User &&<MachineName&&>ASPNET' Are Insufficient For Performing This Operation.
Jul 25, 2007
Hi,
I wanted to deploy my Sql 2005 reports to my local machine and want it to get viewed by all the users through Asp.Net application.
User can directly view the reports by clicking on the direct link to report but when they try to view it using application having Report Viewer, running on iis it gives acess denied 401 error and can't view the reports
If I make my application to run on default port then it works fine
If I give rights to <particularMachineNameASPNET> then that user can view the report but if there are 100 users then will i Add 100 such entries???
The Report server is configured to use a custom security extension. i can access the reportserver.
It looks like when i deploy the reports from VS. it does not pass any credentials to the report server. From the error message it looks like there is no username . How do i deploy reports to report server if we are using a custom security extension. How do i grant user rights to deploy report if we are using a custom security extension. Any idea. Thanks!
I have installed and configured sql server 2005 express edition with advanced services on an xp box, with the aim of using reporting services.
I have set up reporting services successfully using the report manager, with my web services id = netwrokservice.
I can access both the report manager and report url locally, i.e while using localhost anjd on the machine. The problem arises however when i try to access
the reports from another machine, as i get the message:
"The permissions granted to user 'domainusername' are insufficient for performing this operation. (rsAccessDenied)"
I have looked at various sites (including microsoft) in an attempt to find a solution to this and most sites give exmaples of how to configure the full
version of reporting services which i do not have. The things that I have managed to gleam and try are:
- open up security on dir: C:Program FilesMicrosoft SQL ServerMSSQL.2Reporting ServicesReportServer to everyone and allow all access - added my own username as a new role assigment in the report manager page - added my own username to the reportserveruser and reportingserviceswebservicesuser roles, as indicated by microft:
http://msdn2.microsoft.com/en-us/library/ms365166.aspx, who state that "Custom authentication extensions and custom role assignments are not supported. You
must map existing Windows domain user and group accounts to predefined role definitions."
Can anyone suggest where to look next as I cannot believe that this should be this difficult?
Hi, I've scoured the forums and tried just about every answer to this problem without any success. What I have is SQL Server 2005 installed on a single machine, and trying to deploy reports to the same machine for testing purposes. When I try to deploy the report I receive the permissions error. Here's what I've gotten to at this point:
I can get to the reports URL (http://machine/Reports)
I can login to Reporting Services via SQL Server Management Studio as the administrator. (Windows Authentication)
I have added my login to the Home Folder-->Permissions in SQL Server Management Studio, and all reports are set to inherit the home folder's permissions
In Reporting Service Configuration Manager the Windows Service Identity is set to Local System, and for web service identity - ASP.NET Service Account is set to NT AuthorityNetworkService; Report Server and Report Manager are set to DefaultAppPool.
In IIS I tried enabling Anonymous Authentication
Current Application pools are set to "Classic" for Managed Pipeline mode (I did this to actually be able to login to Reporting Services via SQL Server management studio; having this set to integrated gives me an error) What gets me is that this is entirely self-contained on one machine, that I set up as an administrator. So why do I get a permissions error when I am the admin on this machine deploying to this machine?
i finally got SSRS(SQL Server Reporting Services) to install properly and and it was working before i had to restart my PC after restarting my PC i went back to the Domain/Reports$SQLExpress and the menus where Blank it just showed the help link and the border. so i opened the Domain/ReportServer$SQLExpress and it said
The permissions granted to user 'DOMAINOwner' are insufficient for performing this operation.(rsAccessDenied) Get Online Help and there is no Login Box Popping up How do i get it to Login - Its set to use Windows Authentication what sould i doo please help ive had one problem after another with this SSRS
Hi all, I am new to ASP .NET and now I have been messing two days with the connection thing. I use the Visual Studio 2003 provided drag and drop SqlDataAdapter and SqlConnection to connect to the SQL 2000 server, developer edition (configured with the Windows authentication mode), but whenever I tried I always got a "Login failed for user mymachine/ASPNET" error. Can anyone help me with this? I have also tried, as somebody did, adding one line "<identity imperonate="true"/> to the Web.config file, but had the same kind of error. Do I have do make some change to my SQL server? Thanks a lot! Charlize
I'm developing an asp.net app that will list the reports available on the report server. The app works OK on my local machine but when I deploy it I run into a permissions problem:
Exception Details: System.Web.Services.Protocols.SoapException: System.Web.Services.Protocols.SoapException: The permissions granted to user 'NT AUTHORITYNETWORK SERVICE' are insufficient for performing this operation. ---> Microsoft.ReportingServices.Diagnostics.Utilities.AccessDeniedException: The permissions granted to user 'NT AUTHORITYNETWORK SERVICE' are insufficient for performing this operation. at Microsoft.ReportingServices.Library.ListChildrenAction.PerformActionNow() at Microsoft.ReportingServices.Library.RSSoapAction`1.Execute() at Microsoft.ReportingServices.WebServer.ReportingService2005Impl.ListChildren(String Item, Boolean Recursive, CatalogItem[]& CatalogItems) --- End of inner exception stack trace --- at Microsoft.ReportingServices.WebServer.ReportingService2005Impl.ListChildren(String Item, Boolean Recursive, CatalogItem[]& CatalogItems) at Microsoft.ReportingServices.WebServer.ReportingService2005.ListChildren(String Item, Boolean Recursive, CatalogItem[]& CatalogItems)
My code uses the DefaultCredentials: ReportingService2005 rService = new ReportingService2005();rService.Credentials = System.Net.CredentialCache.DefaultCredentials; CatalogItem[] catalogItems; catalogItems = rService.ListChildren("/", true); I can avoid the exception if I use the Administrator account:
System.Net.CredentialCache cache = new System.Net.CredentialCache();// Add a NetworkCredential instance to CredentialCache.// Negotiate for NTLM or Kerberos authentication.cache.Add(new Uri(ReportServer), "Negotiate", new System.Net.NetworkCredential("Administrator", "<password>", "<domain>")); //Assign CredentialCache to the Web service Client Proxy(myProxy) Credentials property.rService.Credentials = cache;
I'm pretty sure using the Administrator account here is not the best practice. Any suggestions?
The permissions granted to user 'domainusername' are insufficient for performing this operation. (rsAccessDenied)
Hi,
I wonder if anyone can help me?
I have installed and configured sql server 2005 express edition with advanced services on an xp box, with the aim of using reporting services.
I have set up reporting services successfully using the report manager, with my web services id = netwrokservice.
I can access both the report manager and report url locally, i.e while using localhost anjd on the machine. The problem arises however when i try to access
the reports from another machine, as i get the message:
"The permissions granted to user 'domainusername' are insufficient for performing this operation. (rsAccessDenied)"
I have looked at various sites (including microsoft) in an attempt to find a solution to this and most sites give exmaples of how to configure the full
version of reporting services which i do not have. The things that I have managed to gleam and try are:
- open up security on dir: C:Program FilesMicrosoft SQL ServerMSSQL.2Reporting ServicesReportServer to everyone and allow all access - added my own username as a new role assigment in the report manager page - added my own username to the reportserveruser and reportingserviceswebservicesuser roles, as indicated by microft:
http://msdn2.microsoft.com/en-us/library/ms365166.aspx, who state that "Custom authentication extensions and custom role assignments are not supported. You
must map existing Windows domain user and group accounts to predefined role definitions."
Can anyone suggest where to look next as I cannot believe that this should be this difficult?
I'm working on a big project, and in about 3-4 months I'm looking to put out out as a web app for some local businesses. My question is, is there a way I can disable having to use a <machinename>aspnet, and just use a SQL user I create? Otherwise, I'm not sure how I'm going to give the <machinename>aspnet access to my database in case I add more tables and what not.
Not sure if this should go here or in the SQL thread. Thanks
I have an application that talks to an access db located on a 2000 server. I would like grant permissions to the application instead of a specific user. Any help would be great...
set up asp .net user account on sql server 2005Question:
I've read the instructions in this article: http://www.netomatix.com/Development/aspnetuserpermissions.aspxBut do not know how to do this:You can grant 'Network Service' or 'ASPNET' user accounts permissions to connect to database.Please provide example on how to do this, thanks!
I have got a column with the string "I too Love Sql Server". I am trying an output as shown below:
I want to divide this into 4 columns :
Column1 Column2 Column3 Column4 I too Love Sql Server I.t.L.S.S
The Column 4 contains the first letter of each word. If the string contains only 2 words, Eg: "Sql Server" then Column 2 will be empty and only Column 1,3 and 4 will be filled.
Here's a simple question for you:Is it better to maintain a single open connection to the database for theentire duration of the users session, or to connect, perform an operationand then disconnect each time the user wants to do some work, within thatsession?If so, why?Thanks,Robin
I am using sql server and I have a table called accnt with the fields ven1 and amnt1 and a table called acc1167 with fields ven, job#, and amnt. for this example these tables look like this
I need to sum amnt1 for all the records in accnt with the ven1 of 1167, we will call this sumA. Then sum amnt in acc1167 for all records, we will call this sumB. next I need to divide sumB by sumA to get a ratio. finally I need to multiply each amnt value from acc1167 by the ratio and get a number that will then replace the acc1167 amnt value.
for example, sumA = 3750, sumB = 1150. taking these values, sumB/sumA = 0.307. I then replace every value in acc1167 amnt with 0.307*itself, so the final table should look like this:
i have tried to use the sum function and and some insert, but i am very new to SQL and have never used sum before and don't know how to call from multiple tables, or how to store a ratio. Ive tried this:
UPDATE acc1167 sum1 = sum amnt1 where ven1 = '1167' from accnt sum2 = sum amnt from accnt SET amnt = sum2/sum1*amnt FROM acc1167
I have granted execute on the dbo schema to a sql user so that he can execute available procedures in the dbo schema. However when he executes a procedure ie..
exec dbo.myproc
The following error is returned:
Msg 229, Level 14, State 5, Line 2
SELECT permission denied on object 'MyType', database 'Mine', schema 'dbo'.
MyType is a table
How can I correct this behavior?
I don't want the user to be able to access the tables except via the procedure calls.
Ive created a DAL called Artist.xsd. Ive used stored procedures to access the data. The wizard created a stored procedure called 'dbo.ArtistSelectCommand' Ive granted the ASPNET account execute permissions on this stored procedure When I run the application and try to execute the stored proc, I get this error EXECUTE permission denied on object 'ArtistSelectCommand', database 'EBSNet', owner 'dbo'.
as far as im aware ive givne the ASPNET account the correct permissions
I'm trying to use the SPROC below (courtesy of Erland!) to capture theerror message but it fails owing to insufficient permissions (I can'treproduce it just now, but I think it's because it can't get access tothe DBCC OUTPUTBUFFER).How do I give the SPROC permission to execute?Many thanksEdwardCREATE PROCEDURE stpShowErrorMessage @errmsg nvarchar(500) OUTPUT ASDECLARE @dbccrow nchar(77),@msglen int,@lenstr nchar(2),@sql nvarchar(2000),@s tinyint-- Catch the output buffer.CREATE TABLE #DBCCOUT (col1 nchar(77) NOT NULL)INSERT INTO #DBCCOUTEXEC ('DBCC OUTPUTBUFFER(@@spid)')-- Set up a cursor over the table. We skip the first-- row, because there is nothing of interest.DECLARE error_cursor CURSOR STATIC FORWARD_ONLY FORSELECT col1FROM #DBCCOUTWHERE left(col1, 8) <> replicate('0', 8)ORDER BY col1-- Init variable, and open cursor.SELECT @errmsg = ''OPEN error_cursorFETCH NEXT FROM error_cursor INTO @dbccrow-- On this first row we find the length.SELECT @lenstr = substring(@dbccrow, 15, 2)-- Convert hexstring to intSELECT @sql = 'SELECT @int = convert(int, 0x00' + @lenstr + ')'EXEC sp_executesql @sql, N'@int int OUTPUT', @msglen OUTPUT-- @s is where the text part of the buffer starts.SELECT @s = 62-- Now assemble rest of string.WHILE @@FETCH_STATUS = 0 AND datalength(@errmsg) - 1 < 2 * @msglenBEGINSELECT @errmsg = @errmsg + substring(@dbccrow, @s + 1, 1) +substring(@dbccrow, @s + 3, 1) +substring(@dbccrow, @s + 5, 1) +substring(@dbccrow, @s + 7, 1) +substring(@dbccrow, @s + 9, 1) +substring(@dbccrow, @s + 11, 1) +substring(@dbccrow, @s + 13, 1) +substring(@dbccrow, @s + 15, 1)FETCH NEXT FROM error_cursor INTO @dbccrowENDCLOSE error_cursorDEALLOCATE error_cursor-- Now chop first character which is the length, and cut after end.SELECT @errmsg = substring(@errmsg, 2, @msglen)GO
I am trying implement replication and having problem when creating push subscription to an existing transactional replication publication. The distribution agent is failing to run its job with the error:
Agent message code 14260. You do not have sufficient permission to run this command. Contact your system administrator.
I followed the http://msdn2.microsoft.com/en-us/library/ms151868.aspx article instructions when I set the distribution agent properties
What did I miss?
The following is the step error message: Date 1/12/2007 2:30:01 PM Log Job History (105342-DB3PROD-MOMA-ArchivedTransactions-105337-DEV2-15)
Step ID 2 Server 105342-DB3PROD Job Name 105342-DB3PROD-MOMA-ArchivedTransactions-105337-DEV2-15 Step Name Run agent. Duration 00:00:00 Sql Severity 0 Sql Message ID 0 Operator Emailed Operator Net sent Operator Paged Retries Attempted 0
Message 2007-01-12 19:30:01.258 Microsoft SQL Server Replication Agent: distrib 2007-01-12 19:30:01.258 2007-01-12 19:30:01.258 The timestamps prepended to the output lines are expressed in terms of UTC time. 2007-01-12 19:30:01.258 User-specified agent parameter values: -Subscriber 105337-DEV2 -SubscriberDB MOMA -Publisher 105342-DB3PROD -Distributor 105342-DB3PROD -DistributorSecurityMode 1 -Publication ArchivedTransactions -PublisherDB MOMA -XJOBID 0x65C41EBC553D96439BAF69E4DC3CC823 -XJOBNAME 105342-DB3PROD-MOMA-ArchivedTransactions-105337-DEV2-15 -XSTEPID 2 -XSUBSYSTEM Distribution -XSERVER 105342-DB3PROD -XCMDLINE 0 -XCancelEventHandle 00000000000006E8 2007-01-12 19:30:01.258 Startup Delay: 214 (msecs) 2007-01-12 19:30:01.477 Connecting to Distributor '105342-DB3PROD' 2007-01-12 19:30:01.618 Agent message code 14260. You do not have sufficient permission to run this command. Contact your system administrator.
Can a user be granted the ability to create stored procedures with read only capabilities? I wouldn't mind be able to UPDATE but simply need to read only.
We seem to be being plagued by the error below by our SQL Server agent. This happens almost everytime we restart the server that has been running for a day or two.
Our SQL Server Agent uses a none expiring domain credential. I understand that this problem only happens when the profile being used by the SQL Servr Agent has changed (password change). What puzzles me is that the login is A ok and no changes has been made to it's password.
We always resolve this problem by changing the login used in the SQL Server Agent to local and after that, returning it back to it's original domain login. Unfortunately, we cant always do this everytime something goes wrong.
Can anyone please help us shed a light on this? We're using SQL2k with SP3a. Thanks!
Error:
An error 1069 - )The service did not start due to logon failure) occurred while performing this service operation on the SQLServerAgent service.
I just moved my website to a shared host, and I face some trouble. Since there is more than one DB on the SQL server they don't want to create a ASPNET user. Is there a way to make my SQLCommand use my user name instead of ASPNET ?
Otherwise, can anyone explain to me the result of the ASPNET user on other website who will use the same server as me security wise ?
I am going though the ASP.NET QuickStart tutorials. One of the lessons is to add a datagrid. I am able to do that with VWD and am able to connect to the database in VWD. However when I try to execute the application I get a "Login failure" message because the user pcName/ASPNET cannot login. How do I add the ASPNET user to the SQLExpress database? There don't seem to be any administration tools that were installed with SQL Server Express 2005. Thanks in advance for the help!
I am trying to add aspnet user to sqlexpress. I am able to select the asp.net however when I click on OK button, it is asking me to enter a name for it. COuld you tell me what name I should enter? I tried computernameaspnet didn't help? is there better way to do this? thanks for your help Cemal
I have developed an asp.net application and have deployed it to the web server. The application accesses an SQL Server to allow users to make changes to data. My connection string is the following:
On the SQL Server side, I have a trigger that logs when changes are made and by whom. The suser_sname returns <Servername>ASPNET as the user making the change. Why is this? Should it not be the user id of the user? If the SQL Server thinks that the current user is ASPNET then how can it make changes when this is not a user defined for the database.
The web site is set up to allow for Integrated Windows Authentication only. SQL Server is on the same machine as the web server.
I am using MSDE in an ASP .NET application using forms authentication in order to the user can visit my website anonymously but have to authenticate in some pages.
Web server and MSDE server are in the same computer.
I would like to know how role I should set for the ASPNET sql server user. I am using Microsoft SQL Web Data Administrator and when I am creating the ASPNET user, then a page with some roles is shown.
Roles like public (default), db_owner, db_accessadmin, db_datareader, db_datawriter...
I had applied db_datareader and db_datawriter but now, when I use store procedures in my code, an error is made so I have applied db_owner role for the ASPNET user.
Is this correct or db_owner is a excessive privileged role for the ASPNET user?
The objective is to configure on a dev machine. Selecting New Database User is the easy part as the ***ASPNET user can be selected from the drop down listbox. What follows and what to do next is a myriad of choices. What needs to be done next? Is there a step-by-step document somewhere that you can refer?
can anyone help me with this error message, i follow the instruction of someone in other forum, but i cant find where the SQL Server Enterprise manager is, i am using MSDE.
Hello,I am getting following error when I tried to connect to the database. Login failed for user 'SHALINIASPNET' I am new to this and don't know how to fix it. I am running SQL Server Desktop engine 2000. I could connect through Server Explorer window, but not through ADO.NETHere's my connection string: sConnectionString = "Integrated Security=SSPI;Persist Security Info=False;Initial Catalog=MyStore;Data Source=SHALINI;Workstation ID=SHALINI" I have IIS and SQL Server running on the same machine.Please please help me.Thanks in Advance
We have an ASP.net application that currently sits on a server that runs IIS and sql server. We are spliting IIS and SQL server into 2 seperate machines. I believe I have the connection string okay as I can see the entries in the security log on the sql server machine however it keeps saying aspnet user invalid user or invalid password. What gives with this. We put .net on the sql server however this just added the aspnet user to the machine. Do I need to create an aspnet user inside the sql server and give it control of the dbases as well? I am running this using the personal web server not IIS on a server. I have a project on my desktop and am using the "local" IIS or personal web server that comes with visual studio out of the box. What kills me is that when I put the project on a real IIS server that has sql server on the same machine I have no issues. However when I split the dbase and the IIS apart onto 2 servers I get this aspnet invalid user or invalid password. HELP
Hi, I have added interactive sort to report. When i perform the sort in the preview of the report, i see a message 'Report is being generated'. But when i do the sorting from Report viewer control, the screen goes blank before the sorted data comes up. Is there any way I can display a message telling sorting is in progress? Any help in this regard is appreciated.