rserroropeningconnection SQL RS 2000

I have configured a user as content manager in security settings for a data source and trying to execute the report under his credentials, but i keep getting the error

RSErrorOpeningConnection login failed for user <domain>\<username>

I have set windows authentication for the data source

Can anyone please help...

have u selected the checkbox in your datasource like this....

Use as Windows credentials when connecting to the data source..

|||

I selected the last but one option --

Windows NT Integrated Security

RS2005's own SPs to add users to RS

Dear Anyone,

Is it possible to use Reporting Services' own stored procedure to add users directly into RS's security roles?

Thanks,

Joseph

Direct access to the RS catalog is not supported. Is there a reason why SOAP APIs are not enough?

Thanks

Tudor

sql

RS2005's own SPs to add users to RS

Dear Anyone,

Is it possible to use Reporting Services' own stored procedure to add users directly into RS's security roles?

Thanks,

Joseph

Direct access to the RS catalog is not supported. Is there a reason why SOAP APIs are not enough?

Thanks

Tudor

rs2000 user in master database

Our database security standards require only dbo and guest users be in the
master database.
However, Reporting Services creates a user (rs2000) in the master database.
Is it possible to remove this user from the master database without affecting
functionality? If not, does anyone have suggestions for tightening down
security on this user?If RS created this it is how you installed it. I do not have any additional
users added to master database.
Only suggestion I could make is to try deleting it and if it causes a
problem put it back. All I know is, it is not a standard part of the install
(that I can see).
One caveat, my RS 2000 has been upgraded to RS 2005.
Bruce Loehle-Conger
MVP SQL Server Reporting Services
"cltdba" <cltdba@.discussions.microsoft.com> wrote in message
news:F4DE0DDD-3971-495B-B885-6338671BE79C@.microsoft.com...
> Our database security standards require only dbo and guest users be in the
> master database.
> However, Reporting Services creates a user (rs2000) in the master
> database.
> Is it possible to remove this user from the master database without
> affecting
> functionality? If not, does anyone have suggestions for tightening down
> security on this user?|||Thank you for the info. If I read your reply correctly;
The original install was RS 2000 (since upgraded to RS 2005).
During original install, no user (i.e. rs2000) was created in the master DB.
Are these true statements?
"Bruce L-C [MVP]" wrote:
> If RS created this it is how you installed it. I do not have any additional
> users added to master database.
> Only suggestion I could make is to try deleting it and if it causes a
> problem put it back. All I know is, it is not a standard part of the install
> (that I can see).
> One caveat, my RS 2000 has been upgraded to RS 2005.
>
> --
> Bruce Loehle-Conger
> MVP SQL Server Reporting Services
>
> "cltdba" <cltdba@.discussions.microsoft.com> wrote in message
> news:F4DE0DDD-3971-495B-B885-6338671BE79C@.microsoft.com...
> > Our database security standards require only dbo and guest users be in the
> > master database.
> >
> > However, Reporting Services creates a user (rs2000) in the master
> > database.
> > Is it possible to remove this user from the master database without
> > affecting
> > functionality? If not, does anyone have suggestions for tightening down
> > security on this user?
>
>|||I don't think a user was created at that time. I never looked previously so
I wouldn't know. What I can say is that in my situation (a 2000 upgraded to
2005) that there is no special user. I have dbo and guest in master and that
is it.
Bruce Loehle-Conger
MVP SQL Server Reporting Services
"cltdba" <cltdba@.discussions.microsoft.com> wrote in message
news:2CB87B13-7B80-4205-A06B-8BDDA367B801@.microsoft.com...
> Thank you for the info. If I read your reply correctly;
> The original install was RS 2000 (since upgraded to RS 2005).
> During original install, no user (i.e. rs2000) was created in the master
> DB.
> Are these true statements?
>
> "Bruce L-C [MVP]" wrote:
>> If RS created this it is how you installed it. I do not have any
>> additional
>> users added to master database.
>> Only suggestion I could make is to try deleting it and if it causes a
>> problem put it back. All I know is, it is not a standard part of the
>> install
>> (that I can see).
>> One caveat, my RS 2000 has been upgraded to RS 2005.
>>
>> --
>> Bruce Loehle-Conger
>> MVP SQL Server Reporting Services
>>
>> "cltdba" <cltdba@.discussions.microsoft.com> wrote in message
>> news:F4DE0DDD-3971-495B-B885-6338671BE79C@.microsoft.com...
>> > Our database security standards require only dbo and guest users be in
>> > the
>> > master database.
>> >
>> > However, Reporting Services creates a user (rs2000) in the master
>> > database.
>> > Is it possible to remove this user from the master database without
>> > affecting
>> > functionality? If not, does anyone have suggestions for tightening
>> > down
>> > security on this user?
>>

RS.exe Script utility and Forms Authentication

We have successfully implemented Forms Authentication using Custom Security
Extension. It works fine except the RS Script Utility unable to deploy
reports either locally on the report server itself or remotely from
workstation.
I could not connect to the report server. The command I used:
rs -s http://reportservername/reportserver -i PublishReports.rss -u username
-p password
The error message: Could not connect to server:
http://reportservername/ReportServer/ReportService2005.asmx
I'm not sure how the authentication ticket works with the rs utility.
Thanks,
Dawit T.You need to retrieve and cache the cookie and pass it manually with each
request just like you would do with WinForm applications. With web-based
access, the browser does it for you. With other clients, you are on your
own.
You may find this sample useful (assuming that you use RS 2000).
http://www.prologika.com/downloads/FormsAuthTester/RsFormAuthTester.zip
--
HTH,
---
Teo Lachev, MVP, MCSD, MCT
"Microsoft Reporting Services in Action"
"Applied Microsoft Analysis Services 2005"
Home page and blog: http://www.prologika.com/
---
"Dawit T." <DawitT@.discussions.microsoft.com> wrote in message
news:2CB76DF1-3053-417B-8ED2-1A4A95B55862@.microsoft.com...
> We have successfully implemented Forms Authentication using Custom
> Security
> Extension. It works fine except the RS Script Utility unable to deploy
> reports either locally on the report server itself or remotely from
> workstation.
> I could not connect to the report server. The command I used:
> rs -s http://reportservername/reportserver -i PublishReports.rss -u
> username
> -p password
> The error message: Could not connect to server:
> http://reportservername/ReportServer/ReportService2005.asmx
> I'm not sure how the authentication ticket works with the rs utility.
> Thanks,
> Dawit T.|||Thanks. Actually, I'm using RS 2005. What change do I need to make the sample
work in RS 2005?
"Teo Lachev [MVP]" wrote:
> You need to retrieve and cache the cookie and pass it manually with each
> request just like you would do with WinForm applications. With web-based
> access, the browser does it for you. With other clients, you are on your
> own.
> You may find this sample useful (assuming that you use RS 2000).
> http://www.prologika.com/downloads/FormsAuthTester/RsFormAuthTester.zip
> --
> HTH,
> ---
> Teo Lachev, MVP, MCSD, MCT
> "Microsoft Reporting Services in Action"
> "Applied Microsoft Analysis Services 2005"
> Home page and blog: http://www.prologika.com/
> ---
> "Dawit T." <DawitT@.discussions.microsoft.com> wrote in message
> news:2CB76DF1-3053-417B-8ED2-1A4A95B55862@.microsoft.com...
> > We have successfully implemented Forms Authentication using Custom
> > Security
> > Extension. It works fine except the RS Script Utility unable to deploy
> > reports either locally on the report server itself or remotely from
> > workstation.
> >
> > I could not connect to the report server. The command I used:
> >
> > rs -s http://reportservername/reportserver -i PublishReports.rss -u
> > username
> > -p password
> >
> > The error message: Could not connect to server:
> > http://reportservername/ReportServer/ReportService2005.asmx
> >
> > I'm not sure how the authentication ticket works with the rs utility.
> >
> > Thanks,
> > Dawit T.
>
>|||Forms Authentication hasn't changed in RS 2005. However, the web service
APIs have been split into two web services -Management and Execution. I am
not sure if my sample will compile at all with RS 2005 once you dereference
the web service. Give it a try.
--
HTH,
---
Teo Lachev, MVP, MCSD, MCT
"Microsoft Reporting Services in Action"
"Applied Microsoft Analysis Services 2005"
Home page and blog: http://www.prologika.com/
---
"Dawit T." <DawitT@.discussions.microsoft.com> wrote in message
news:1C95ECDD-FDCE-4BE0-983C-C82A4C855B88@.microsoft.com...
> Thanks. Actually, I'm using RS 2005. What change do I need to make the
> sample
> work in RS 2005?
> "Teo Lachev [MVP]" wrote:
>> You need to retrieve and cache the cookie and pass it manually with each
>> request just like you would do with WinForm applications. With web-based
>> access, the browser does it for you. With other clients, you are on your
>> own.
>> You may find this sample useful (assuming that you use RS 2000).
>> http://www.prologika.com/downloads/FormsAuthTester/RsFormAuthTester.zip
>> --
>> HTH,
>> ---
>> Teo Lachev, MVP, MCSD, MCT
>> "Microsoft Reporting Services in Action"
>> "Applied Microsoft Analysis Services 2005"
>> Home page and blog: http://www.prologika.com/
>> ---
>> "Dawit T." <DawitT@.discussions.microsoft.com> wrote in message
>> news:2CB76DF1-3053-417B-8ED2-1A4A95B55862@.microsoft.com...
>> > We have successfully implemented Forms Authentication using Custom
>> > Security
>> > Extension. It works fine except the RS Script Utility unable to deploy
>> > reports either locally on the report server itself or remotely from
>> > workstation.
>> >
>> > I could not connect to the report server. The command I used:
>> >
>> > rs -s http://reportservername/reportserver -i PublishReports.rss -u
>> > username
>> > -p password
>> >
>> > The error message: Could not connect to server:
>> > http://reportservername/ReportServer/ReportService2005.asmx
>> >
>> > I'm not sure how the authentication ticket works with the rs utility.
>> >
>> > Thanks,
>> > Dawit T.
>>|||"Teo Lachev [MVP]" wrote:
> Forms Authentication hasn't changed in RS 2005. However, the web service
> APIs have been split into two web services -Management and Execution. I am
> not sure if my sample will compile at all with RS 2005 once you dereference
> the web service. Give it a try.
> --
> HTH,
> ---
> Teo Lachev, MVP, MCSD, MCT
> "Microsoft Reporting Services in Action"
> "Applied Microsoft Analysis Services 2005"
> Home page and blog: http://www.prologika.com/
> ---
> "Dawit T." <DawitT@.discussions.microsoft.com> wrote in message
> news:1C95ECDD-FDCE-4BE0-983C-C82A4C855B88@.microsoft.com...
> > Thanks. Actually, I'm using RS 2005. What change do I need to make the
> > sample
> > work in RS 2005?
> >
> > "Teo Lachev [MVP]" wrote:
> >
> >> You need to retrieve and cache the cookie and pass it manually with each
> >> request just like you would do with WinForm applications. With web-based
> >> access, the browser does it for you. With other clients, you are on your
> >> own.
> >>
> >> You may find this sample useful (assuming that you use RS 2000).
> >>
> >> http://www.prologika.com/downloads/FormsAuthTester/RsFormAuthTester.zip
> >>
> >> --
> >> HTH,
> >> ---
> >> Teo Lachev, MVP, MCSD, MCT
> >> "Microsoft Reporting Services in Action"
> >> "Applied Microsoft Analysis Services 2005"
> >> Home page and blog: http://www.prologika.com/
> >> ---
> >> "Dawit T." <DawitT@.discussions.microsoft.com> wrote in message
> >> news:2CB76DF1-3053-417B-8ED2-1A4A95B55862@.microsoft.com...
> >> > We have successfully implemented Forms Authentication using Custom
> >> > Security
> >> > Extension. It works fine except the RS Script Utility unable to deploy
> >> > reports either locally on the report server itself or remotely from
> >> > workstation.
> >> >
> >> > I could not connect to the report server. The command I used:
> >> >
> >> > rs -s http://reportservername/reportserver -i PublishReports.rss -u
> >> > username
> >> > -p password
> >> >
> >> > The error message: Could not connect to server:
> >> > http://reportservername/ReportServer/ReportService2005.asmx
> >> >
> >> > I'm not sure how the authentication ticket works with the rs utility.
> >> >
> >> > Thanks,
> >> > Dawit T.
> >>
> >>
> >>
>
>|||Thanks for your immediate response.
I could be able to run the sample in RS 2005 and converted it into VB.Net.
Now, I'm to run it as RS script. However, I've face some basic issues:
1. I think rs instance (ReportServiceProxy) is created by the RS Utility
and the script uses it by referencing what the environment provided (rs). How
can I intercept the rs call to another instance that implemented/overriden
the default GetWebRequest & GetWebResponse for the cookie management?
2. RS Utility runs code between Public Sub Main()...End Sub. Can I import
or reference the custom ReportServiceProxy? Can there be two
ReportServiceProxy instances, one created by RS Utility another by the
script? How do I make RS utility be aware of the custome proxy?
Thanks,
Dawit.
"Teo Lachev [MVP]" wrote:
> Forms Authentication hasn't changed in RS 2005. However, the web service
> APIs have been split into two web services -Management and Execution. I am
> not sure if my sample will compile at all with RS 2005 once you dereference
> the web service. Give it a try.
> --
> HTH,
> ---
> Teo Lachev, MVP, MCSD, MCT
> "Microsoft Reporting Services in Action"
> "Applied Microsoft Analysis Services 2005"
> Home page and blog: http://www.prologika.com/
> ---
> "Dawit T." <DawitT@.discussions.microsoft.com> wrote in message
> news:1C95ECDD-FDCE-4BE0-983C-C82A4C855B88@.microsoft.com...
> > Thanks. Actually, I'm using RS 2005. What change do I need to make the
> > sample
> > work in RS 2005?
> >
> > "Teo Lachev [MVP]" wrote:
> >
> >> You need to retrieve and cache the cookie and pass it manually with each
> >> request just like you would do with WinForm applications. With web-based
> >> access, the browser does it for you. With other clients, you are on your
> >> own.
> >>
> >> You may find this sample useful (assuming that you use RS 2000).
> >>
> >> http://www.prologika.com/downloads/FormsAuthTester/RsFormAuthTester.zip
> >>
> >> --
> >> HTH,
> >> ---
> >> Teo Lachev, MVP, MCSD, MCT
> >> "Microsoft Reporting Services in Action"
> >> "Applied Microsoft Analysis Services 2005"
> >> Home page and blog: http://www.prologika.com/
> >> ---
> >> "Dawit T." <DawitT@.discussions.microsoft.com> wrote in message
> >> news:2CB76DF1-3053-417B-8ED2-1A4A95B55862@.microsoft.com...
> >> > We have successfully implemented Forms Authentication using Custom
> >> > Security
> >> > Extension. It works fine except the RS Script Utility unable to deploy
> >> > reports either locally on the report server itself or remotely from
> >> > workstation.
> >> >
> >> > I could not connect to the report server. The command I used:
> >> >
> >> > rs -s http://reportservername/reportserver -i PublishReports.rss -u
> >> > username
> >> > -p password
> >> >
> >> > The error message: Could not connect to server:
> >> > http://reportservername/ReportServer/ReportService2005.asmx
> >> >
> >> > I'm not sure how the authentication ticket works with the rs utility.
> >> >
> >> > Thanks,
> >> > Dawit T.
> >>
> >>
> >>
>
>|||Yeah, this is too helpful, isn't it? You can't also create custom classes in
the rss script. Here is something you can try.
The rs variable should inherit from SoapHttpClientProtocol because it is a
web service proxy. As such, it exposes a CookieContainer property which
allows you to set or get cookies. In other words, instead of inheriting from
the proxy, see if you could manage the auth cookie directly. I haven't tried
it so it may not work.
--
HTH,
---
Teo Lachev, MVP, MCSD, MCT
"Microsoft Reporting Services in Action"
"Applied Microsoft Analysis Services 2005"
Home page and blog: http://www.prologika.com/
---
"Dawit T." <DawitT@.discussions.microsoft.com> wrote in message
news:C342EE4D-EC1B-43BB-97DB-2FC2B8949AE1@.microsoft.com...
> Thanks for your immediate response.
> I could be able to run the sample in RS 2005 and converted it into VB.Net.
> Now, I'm to run it as RS script. However, I've face some basic issues:
> 1. I think rs instance (ReportServiceProxy) is created by the RS Utility
> and the script uses it by referencing what the environment provided (rs).
> How
> can I intercept the rs call to another instance that implemented/overriden
> the default GetWebRequest & GetWebResponse for the cookie management?
> 2. RS Utility runs code between Public Sub Main()...End Sub. Can I import
> or reference the custom ReportServiceProxy? Can there be two
> ReportServiceProxy instances, one created by RS Utility another by the
> script? How do I make RS utility be aware of the custome proxy?
> Thanks,
> Dawit.
> "Teo Lachev [MVP]" wrote:
>> Forms Authentication hasn't changed in RS 2005. However, the web service
>> APIs have been split into two web services -Management and Execution. I
>> am
>> not sure if my sample will compile at all with RS 2005 once you
>> dereference
>> the web service. Give it a try.
>> --
>> HTH,
>> ---
>> Teo Lachev, MVP, MCSD, MCT
>> "Microsoft Reporting Services in Action"
>> "Applied Microsoft Analysis Services 2005"
>> Home page and blog: http://www.prologika.com/
>> ---
>> "Dawit T." <DawitT@.discussions.microsoft.com> wrote in message
>> news:1C95ECDD-FDCE-4BE0-983C-C82A4C855B88@.microsoft.com...
>> > Thanks. Actually, I'm using RS 2005. What change do I need to make the
>> > sample
>> > work in RS 2005?
>> >
>> > "Teo Lachev [MVP]" wrote:
>> >
>> >> You need to retrieve and cache the cookie and pass it manually with
>> >> each
>> >> request just like you would do with WinForm applications. With
>> >> web-based
>> >> access, the browser does it for you. With other clients, you are on
>> >> your
>> >> own.
>> >>
>> >> You may find this sample useful (assuming that you use RS 2000).
>> >>
>> >> http://www.prologika.com/downloads/FormsAuthTester/RsFormAuthTester.zip
>> >>
>> >> --
>> >> HTH,
>> >> ---
>> >> Teo Lachev, MVP, MCSD, MCT
>> >> "Microsoft Reporting Services in Action"
>> >> "Applied Microsoft Analysis Services 2005"
>> >> Home page and blog: http://www.prologika.com/
>> >> ---
>> >> "Dawit T." <DawitT@.discussions.microsoft.com> wrote in message
>> >> news:2CB76DF1-3053-417B-8ED2-1A4A95B55862@.microsoft.com...
>> >> > We have successfully implemented Forms Authentication using Custom
>> >> > Security
>> >> > Extension. It works fine except the RS Script Utility unable to
>> >> > deploy
>> >> > reports either locally on the report server itself or remotely from
>> >> > workstation.
>> >> >
>> >> > I could not connect to the report server. The command I used:
>> >> >
>> >> > rs -s http://reportservername/reportserver -i PublishReports.rss -u
>> >> > username
>> >> > -p password
>> >> >
>> >> > The error message: Could not connect to server:
>> >> > http://reportservername/ReportServer/ReportService2005.asmx
>> >> >
>> >> > I'm not sure how the authentication ticket works with the rs
>> >> > utility.
>> >> >
>> >> > Thanks,
>> >> > Dawit T.
>> >>
>> >>
>> >>
>>|||Yes, it is a very helpful sample! Thanks again.
RS variable exposes CookieContainer property. The problem is to catch the
auth cookie first time when rs utility gets authenticated by the web service
proxy.
Command line rs authentication occurs using:
rs -s http://reportservername/reportserver -i PublishReports.rss -u username
-p password
How do I also send the stored cookie with the request, eg during
rs.CreateFolder(parentFolder, "/", Nothing) operation?
Thanks,
Dawit.
"Teo Lachev [MVP]" wrote:
> Yeah, this is too helpful, isn't it? You can't also create custom classes in
> the rss script. Here is something you can try.
> The rs variable should inherit from SoapHttpClientProtocol because it is a
> web service proxy. As such, it exposes a CookieContainer property which
> allows you to set or get cookies. In other words, instead of inheriting from
> the proxy, see if you could manage the auth cookie directly. I haven't tried
> it so it may not work.
> --
> HTH,
> ---
> Teo Lachev, MVP, MCSD, MCT
> "Microsoft Reporting Services in Action"
> "Applied Microsoft Analysis Services 2005"
> Home page and blog: http://www.prologika.com/
> ---
> "Dawit T." <DawitT@.discussions.microsoft.com> wrote in message
> news:C342EE4D-EC1B-43BB-97DB-2FC2B8949AE1@.microsoft.com...
> > Thanks for your immediate response.
> >
> > I could be able to run the sample in RS 2005 and converted it into VB.Net.
> > Now, I'm to run it as RS script. However, I've face some basic issues:
> >
> > 1. I think rs instance (ReportServiceProxy) is created by the RS Utility
> > and the script uses it by referencing what the environment provided (rs).
> > How
> > can I intercept the rs call to another instance that implemented/overriden
> > the default GetWebRequest & GetWebResponse for the cookie management?
> >
> > 2. RS Utility runs code between Public Sub Main()...End Sub. Can I import
> > or reference the custom ReportServiceProxy? Can there be two
> > ReportServiceProxy instances, one created by RS Utility another by the
> > script? How do I make RS utility be aware of the custome proxy?
> >
> > Thanks,
> > Dawit.
> >
> > "Teo Lachev [MVP]" wrote:
> >
> >> Forms Authentication hasn't changed in RS 2005. However, the web service
> >> APIs have been split into two web services -Management and Execution. I
> >> am
> >> not sure if my sample will compile at all with RS 2005 once you
> >> dereference
> >> the web service. Give it a try.
> >> --
> >> HTH,
> >> ---
> >> Teo Lachev, MVP, MCSD, MCT
> >> "Microsoft Reporting Services in Action"
> >> "Applied Microsoft Analysis Services 2005"
> >> Home page and blog: http://www.prologika.com/
> >> ---
> >> "Dawit T." <DawitT@.discussions.microsoft.com> wrote in message
> >> news:1C95ECDD-FDCE-4BE0-983C-C82A4C855B88@.microsoft.com...
> >> > Thanks. Actually, I'm using RS 2005. What change do I need to make the
> >> > sample
> >> > work in RS 2005?
> >> >
> >> > "Teo Lachev [MVP]" wrote:
> >> >
> >> >> You need to retrieve and cache the cookie and pass it manually with
> >> >> each
> >> >> request just like you would do with WinForm applications. With
> >> >> web-based
> >> >> access, the browser does it for you. With other clients, you are on
> >> >> your
> >> >> own.
> >> >>
> >> >> You may find this sample useful (assuming that you use RS 2000).
> >> >>
> >> >> http://www.prologika.com/downloads/FormsAuthTester/RsFormAuthTester.zip
> >> >>
> >> >> --
> >> >> HTH,
> >> >> ---
> >> >> Teo Lachev, MVP, MCSD, MCT
> >> >> "Microsoft Reporting Services in Action"
> >> >> "Applied Microsoft Analysis Services 2005"
> >> >> Home page and blog: http://www.prologika.com/
> >> >> ---
> >> >> "Dawit T." <DawitT@.discussions.microsoft.com> wrote in message
> >> >> news:2CB76DF1-3053-417B-8ED2-1A4A95B55862@.microsoft.com...
> >> >> > We have successfully implemented Forms Authentication using Custom
> >> >> > Security
> >> >> > Extension. It works fine except the RS Script Utility unable to
> >> >> > deploy
> >> >> > reports either locally on the report server itself or remotely from
> >> >> > workstation.
> >> >> >
> >> >> > I could not connect to the report server. The command I used:
> >> >> >
> >> >> > rs -s http://reportservername/reportserver -i PublishReports.rss -u
> >> >> > username
> >> >> > -p password
> >> >> >
> >> >> > The error message: Could not connect to server:
> >> >> > http://reportservername/ReportServer/ReportService2005.asmx
> >> >> >
> >> >> > I'm not sure how the authentication ticket works with the rs
> >> >> > utility.
> >> >> >
> >> >> > Thanks,
> >> >> > Dawit T.
> >> >>
> >> >>
> >> >>
> >>
> >>
> >>
>
>|||But you have to call LogonUser API first. I would expect that after this
call the management proxy to return the cookie. Well, worst come to worse,
you can whip out your own console app (rsex.exe :-0).
--
HTH,
---
Teo Lachev, MVP, MCSD, MCT
"Microsoft Reporting Services in Action"
"Applied Microsoft Analysis Services 2005"
Home page and blog: http://www.prologika.com/
---
"Dawit T." <DawitT@.discussions.microsoft.com> wrote in message
news:46897D4A-0094-4154-8301-EA3158D5508E@.microsoft.com...
> Yes, it is a very helpful sample! Thanks again.
> RS variable exposes CookieContainer property. The problem is to catch the
> auth cookie first time when rs utility gets authenticated by the web
> service
> proxy.
> Command line rs authentication occurs using:
> rs -s http://reportservername/reportserver -i PublishReports.rss -u
> username
> -p password
> How do I also send the stored cookie with the request, eg during
> rs.CreateFolder(parentFolder, "/", Nothing) operation?
> Thanks,
> Dawit.
> "Teo Lachev [MVP]" wrote:
>> Yeah, this is too helpful, isn't it? You can't also create custom classes
>> in
>> the rss script. Here is something you can try.
>> The rs variable should inherit from SoapHttpClientProtocol because it is
>> a
>> web service proxy. As such, it exposes a CookieContainer property which
>> allows you to set or get cookies. In other words, instead of inheriting
>> from
>> the proxy, see if you could manage the auth cookie directly. I haven't
>> tried
>> it so it may not work.
>> --
>> HTH,
>> ---
>> Teo Lachev, MVP, MCSD, MCT
>> "Microsoft Reporting Services in Action"
>> "Applied Microsoft Analysis Services 2005"
>> Home page and blog: http://www.prologika.com/
>> ---
>> "Dawit T." <DawitT@.discussions.microsoft.com> wrote in message
>> news:C342EE4D-EC1B-43BB-97DB-2FC2B8949AE1@.microsoft.com...
>> > Thanks for your immediate response.
>> >
>> > I could be able to run the sample in RS 2005 and converted it into
>> > VB.Net.
>> > Now, I'm to run it as RS script. However, I've face some basic issues:
>> >
>> > 1. I think rs instance (ReportServiceProxy) is created by the RS
>> > Utility
>> > and the script uses it by referencing what the environment provided
>> > (rs).
>> > How
>> > can I intercept the rs call to another instance that
>> > implemented/overriden
>> > the default GetWebRequest & GetWebResponse for the cookie management?
>> >
>> > 2. RS Utility runs code between Public Sub Main()...End Sub. Can I
>> > import
>> > or reference the custom ReportServiceProxy? Can there be two
>> > ReportServiceProxy instances, one created by RS Utility another by the
>> > script? How do I make RS utility be aware of the custome proxy?
>> >
>> > Thanks,
>> > Dawit.
>> >
>> > "Teo Lachev [MVP]" wrote:
>> >
>> >> Forms Authentication hasn't changed in RS 2005. However, the web
>> >> service
>> >> APIs have been split into two web services -Management and Execution.
>> >> I
>> >> am
>> >> not sure if my sample will compile at all with RS 2005 once you
>> >> dereference
>> >> the web service. Give it a try.
>> >> --
>> >> HTH,
>> >> ---
>> >> Teo Lachev, MVP, MCSD, MCT
>> >> "Microsoft Reporting Services in Action"
>> >> "Applied Microsoft Analysis Services 2005"
>> >> Home page and blog: http://www.prologika.com/
>> >> ---
>> >> "Dawit T." <DawitT@.discussions.microsoft.com> wrote in message
>> >> news:1C95ECDD-FDCE-4BE0-983C-C82A4C855B88@.microsoft.com...
>> >> > Thanks. Actually, I'm using RS 2005. What change do I need to make
>> >> > the
>> >> > sample
>> >> > work in RS 2005?
>> >> >
>> >> > "Teo Lachev [MVP]" wrote:
>> >> >
>> >> >> You need to retrieve and cache the cookie and pass it manually with
>> >> >> each
>> >> >> request just like you would do with WinForm applications. With
>> >> >> web-based
>> >> >> access, the browser does it for you. With other clients, you are
>> >> >> on
>> >> >> your
>> >> >> own.
>> >> >>
>> >> >> You may find this sample useful (assuming that you use RS 2000).
>> >> >>
>> >> >> http://www.prologika.com/downloads/FormsAuthTester/RsFormAuthTester.zip
>> >> >>
>> >> >> --
>> >> >> HTH,
>> >> >> ---
>> >> >> Teo Lachev, MVP, MCSD, MCT
>> >> >> "Microsoft Reporting Services in Action"
>> >> >> "Applied Microsoft Analysis Services 2005"
>> >> >> Home page and blog: http://www.prologika.com/
>> >> >> ---
>> >> >> "Dawit T." <DawitT@.discussions.microsoft.com> wrote in message
>> >> >> news:2CB76DF1-3053-417B-8ED2-1A4A95B55862@.microsoft.com...
>> >> >> > We have successfully implemented Forms Authentication using
>> >> >> > Custom
>> >> >> > Security
>> >> >> > Extension. It works fine except the RS Script Utility unable to
>> >> >> > deploy
>> >> >> > reports either locally on the report server itself or remotely
>> >> >> > from
>> >> >> > workstation.
>> >> >> >
>> >> >> > I could not connect to the report server. The command I used:
>> >> >> >
>> >> >> > rs -s http://reportservername/reportserver -i
>> >> >> > PublishReports.rss -u
>> >> >> > username
>> >> >> > -p password
>> >> >> >
>> >> >> > The error message: Could not connect to server:
>> >> >> > http://reportservername/ReportServer/ReportService2005.asmx
>> >> >> >
>> >> >> > I'm not sure how the authentication ticket works with the rs
>> >> >> > utility.
>> >> >> >
>> >> >> > Thanks,
>> >> >> > Dawit T.
>> >> >>
>> >> >>
>> >> >>
>> >>
>> >>
>> >>
>>|||I apprecaite if Reporting Service team fix RS Scripting utility to make it
Forms Authentication aware. It looks like RS utility does not have that
feature or it is a bug.
Expecting to hear from RS team.
Thanks for all your help,
Dawit.
"Teo Lachev [MVP]" wrote:
> But you have to call LogonUser API first. I would expect that after this
> call the management proxy to return the cookie. Well, worst come to worse,
> you can whip out your own console app (rsex.exe :-0).
> --
> HTH,
> ---
> Teo Lachev, MVP, MCSD, MCT
> "Microsoft Reporting Services in Action"
> "Applied Microsoft Analysis Services 2005"
> Home page and blog: http://www.prologika.com/
> ---
> "Dawit T." <DawitT@.discussions.microsoft.com> wrote in message
> news:46897D4A-0094-4154-8301-EA3158D5508E@.microsoft.com...
> > Yes, it is a very helpful sample! Thanks again.
> >
> > RS variable exposes CookieContainer property. The problem is to catch the
> > auth cookie first time when rs utility gets authenticated by the web
> > service
> > proxy.
> >
> > Command line rs authentication occurs using:
> > rs -s http://reportservername/reportserver -i PublishReports.rss -u
> > username
> > -p password
> >
> > How do I also send the stored cookie with the request, eg during
> > rs.CreateFolder(parentFolder, "/", Nothing) operation?
> >
> > Thanks,
> > Dawit.
> >
> > "Teo Lachev [MVP]" wrote:
> >
> >> Yeah, this is too helpful, isn't it? You can't also create custom classes
> >> in
> >> the rss script. Here is something you can try.
> >>
> >> The rs variable should inherit from SoapHttpClientProtocol because it is
> >> a
> >> web service proxy. As such, it exposes a CookieContainer property which
> >> allows you to set or get cookies. In other words, instead of inheriting
> >> from
> >> the proxy, see if you could manage the auth cookie directly. I haven't
> >> tried
> >> it so it may not work.
> >> --
> >> HTH,
> >> ---
> >> Teo Lachev, MVP, MCSD, MCT
> >> "Microsoft Reporting Services in Action"
> >> "Applied Microsoft Analysis Services 2005"
> >> Home page and blog: http://www.prologika.com/
> >> ---
> >> "Dawit T." <DawitT@.discussions.microsoft.com> wrote in message
> >> news:C342EE4D-EC1B-43BB-97DB-2FC2B8949AE1@.microsoft.com...
> >> > Thanks for your immediate response.
> >> >
> >> > I could be able to run the sample in RS 2005 and converted it into
> >> > VB.Net.
> >> > Now, I'm to run it as RS script. However, I've face some basic issues:
> >> >
> >> > 1. I think rs instance (ReportServiceProxy) is created by the RS
> >> > Utility
> >> > and the script uses it by referencing what the environment provided
> >> > (rs).
> >> > How
> >> > can I intercept the rs call to another instance that
> >> > implemented/overriden
> >> > the default GetWebRequest & GetWebResponse for the cookie management?
> >> >
> >> > 2. RS Utility runs code between Public Sub Main()...End Sub. Can I
> >> > import
> >> > or reference the custom ReportServiceProxy? Can there be two
> >> > ReportServiceProxy instances, one created by RS Utility another by the
> >> > script? How do I make RS utility be aware of the custome proxy?
> >> >
> >> > Thanks,
> >> > Dawit.
> >> >
> >> > "Teo Lachev [MVP]" wrote:
> >> >
> >> >> Forms Authentication hasn't changed in RS 2005. However, the web
> >> >> service
> >> >> APIs have been split into two web services -Management and Execution.
> >> >> I
> >> >> am
> >> >> not sure if my sample will compile at all with RS 2005 once you
> >> >> dereference
> >> >> the web service. Give it a try.
> >> >> --
> >> >> HTH,
> >> >> ---
> >> >> Teo Lachev, MVP, MCSD, MCT
> >> >> "Microsoft Reporting Services in Action"
> >> >> "Applied Microsoft Analysis Services 2005"
> >> >> Home page and blog: http://www.prologika.com/
> >> >> ---
> >> >> "Dawit T." <DawitT@.discussions.microsoft.com> wrote in message
> >> >> news:1C95ECDD-FDCE-4BE0-983C-C82A4C855B88@.microsoft.com...
> >> >> > Thanks. Actually, I'm using RS 2005. What change do I need to make
> >> >> > the
> >> >> > sample
> >> >> > work in RS 2005?
> >> >> >
> >> >> > "Teo Lachev [MVP]" wrote:
> >> >> >
> >> >> >> You need to retrieve and cache the cookie and pass it manually with
> >> >> >> each
> >> >> >> request just like you would do with WinForm applications. With
> >> >> >> web-based
> >> >> >> access, the browser does it for you. With other clients, you are
> >> >> >> on
> >> >> >> your
> >> >> >> own.
> >> >> >>
> >> >> >> You may find this sample useful (assuming that you use RS 2000).
> >> >> >>
> >> >> >> http://www.prologika.com/downloads/FormsAuthTester/RsFormAuthTester.zip
> >> >> >>
> >> >> >> --
> >> >> >> HTH,
> >> >> >> ---
> >> >> >> Teo Lachev, MVP, MCSD, MCT
> >> >> >> "Microsoft Reporting Services in Action"
> >> >> >> "Applied Microsoft Analysis Services 2005"
> >> >> >> Home page and blog: http://www.prologika.com/
> >> >> >> ---
> >> >> >> "Dawit T." <DawitT@.discussions.microsoft.com> wrote in message
> >> >> >> news:2CB76DF1-3053-417B-8ED2-1A4A95B55862@.microsoft.com...
> >> >> >> > We have successfully implemented Forms Authentication using
> >> >> >> > Custom
> >> >> >> > Security
> >> >> >> > Extension. It works fine except the RS Script Utility unable to
> >> >> >> > deploy
> >> >> >> > reports either locally on the report server itself or remotely
> >> >> >> > from
> >> >> >> > workstation.
> >> >> >> >
> >> >> >> > I could not connect to the report server. The command I used:
> >> >> >> >
> >> >> >> > rs -s http://reportservername/reportserver -i
> >> >> >> > PublishReports.rss -u
> >> >> >> > username
> >> >> >> > -p password
> >> >> >> >
> >> >> >> > The error message: Could not connect to server:
> >> >> >> > http://reportservername/ReportServer/ReportService2005.asmx
> >> >> >> >
> >> >> >> > I'm not sure how the authentication ticket works with the rs
> >> >> >> > utility.
> >> >> >> >
> >> >> >> > Thanks,
> >> >> >> > Dawit T.
> >> >> >>
> >> >> >>
> >> >> >>
> >> >>
> >> >>
> >> >>
> >>
> >>
> >>
>
>

RS web farm installation problem

Hi,
we have a web farm of two IIS servers, running under Windows 2003. Because of the security requirements, the servers are not part of a domain. After installing the Reporting Services on both machines, we have an activation problem: activation of the second server de-activates the first one and vice versa.
Following configuration is being used:
- Mirrored windows accounts are used to run RS windows and web services
- A SQL account is used to connect to the ReportServer database
- A mirrored account with RS administrative privileges is used to connect to another Report Server in the web farm
Is it possible at all to install the Reporting Server in such a configuration?
Please advise.
--
Regards,
Alex Korygin.do you copy the config files?
or do you use the rsconfig tool to setup the RS database connection?
Because RS generates an encrypted key at startup. This key is unique for
each computer.
Also, do you use the enterprise edition?
"Alex Korygin" <AlexKorygin@.discussions.microsoft.com> a écrit dans le
message de news:EDE0C681-C3D2-4BCC-A853-EEEA0312CAC5@.microsoft.com...
> Hi,
> we have a web farm of two IIS servers, running under Windows 2003. Because
of the security requirements, the servers are not part of a domain. After
installing the Reporting Services on both machines, we have an activation
problem: activation of the second server de-activates the first one and vice
versa.
> Following configuration is being used:
> - Mirrored windows accounts are used to run RS windows and web services
> - A SQL account is used to connect to the ReportServer database
> - A mirrored account with RS administrative privileges is used to connect
to another Report Server in the web farm
> Is it possible at all to install the Reporting Server in such a
configuration?
> Please advise.
> --
> Regards,
> Alex Korygin.|||Jéjé,
I'm sorry for not responding earlier. We use rsconfig utility to activate the Reporting Servers. And yes, we have the Enterprise edition installed. Does it have anything to do with the fact that we use mirrored accounts and domain names of each account are different?
There must be some way to work around. I hope we do not need a domain to get it working; not having the domain in the production environment is a commonly used case. Thanks.
--
Regards,
Alex Korygin.
"Jéjé" wrote:
> do you copy the config files?
> or do you use the rsconfig tool to setup the RS database connection?
> Because RS generates an encrypted key at startup. This key is unique for
> each computer.
> Also, do you use the enterprise edition?
>
> "Alex Korygin" <AlexKorygin@.discussions.microsoft.com> a écrit dans le
> message de news:EDE0C681-C3D2-4BCC-A853-EEEA0312CAC5@.microsoft.com...
> > Hi,
> >
> > we have a web farm of two IIS servers, running under Windows 2003. Because
> of the security requirements, the servers are not part of a domain. After
> installing the Reporting Services on both machines, we have an activation
> problem: activation of the second server de-activates the first one and vice
> versa.
> > Following configuration is being used:
> > - Mirrored windows accounts are used to run RS windows and web services
> > - A SQL account is used to connect to the ReportServer database
> > - A mirrored account with RS administrative privileges is used to connect
> to another Report Server in the web farm
> >
> > Is it possible at all to install the Reporting Server in such a
> configuration?
> > Please advise.
> >
> > --
> > Regards,
> >
> > Alex Korygin.
>
>

RS Security rsAccessDenied

Hi all,

I'm new to reporting services and having a nightmare with setting up the security. The problem is as follows:

I have been forced to allow anonymous access on IIS6 but have a requirement where some sub reports need to be secure because they are of a sensitive nature. When I remove anonymous access from the secure reports and add specific active directory accounts, it works fine if I am logged on to active directory with that account. Most of our users are not in AD and will just get an rsAccessDenied message. I need RS to prompt for a username and password. I can achieve this by specifying that the user provides a username and password on the shared data source, but this doesn't give much flexibility.

The primary data source is on another server with more servers to be referenced in the near future. All servers are in active directory.

I have told my developers that they will probably need to use custom security extentions, but they want to avoid this route if possible.

I did have another workarround by setting up another virtual directory referencing the same reporting services folder and removing anonymous access, which kind of worked. The problem I found was that something kept caching the users connection credentials, and if you want to a different secure report you got the rsAccessDenied message.

I just want a login prompt, please help!

Andy

Hi Andy

I'll take a stab at a portion of your question, though I see there are several layers to your question so take this for what it is worth. I have not used the AD features of RS, but have some knowledge of it.

DON'T use shared data sources. I have one setup with stored procedures and in the properties for those (in Visual Studio where you specify that it is the data source) click the option to prompt the user for ctheir SQL Server credentials (which I am guessing are pulled in via AD in your case). I am not sure what it would do for your subreports as you might have several data sources with different permissions. You could end up with one prompts for credentials for each data source where you specified to prompt.

I am curious how this turns out, please post your results.|||

Thanks for the reply.

Not sure that I explained myself properly, but I've now got a working solution.

RS is configured to use a virtual directory called securereportserver using windows authentication. I also have a duplicate virtual directory called reportserver which allows anonymous access (in IIS). All the public reports are configured in RS as anonymous access allowed, where as the secure reports are restricted to various AD groups. When users connect to the secure reports area they are prompted for a windows password, then when authenticated they are only able to see reports they have access to, including public reports. All other users connect to the anonymous report server virtual directory where no passwords are required.

I originally wanted RS to force a prompt for password when a user tried to access a secure report, but would just get RSAccessDenied.

The above solution works fine though.

Thanks again.

RS Security Best Practices

Dear Anyone,

Does anyone know where I can find some papers regarding best practices on how to implement security in reporting services?

Thanks,

Joseph

Books Online should be a good start for overview. There is a whitepaper on how to develop a custom security extensions, but that might be beyone what you're looking for. If you have specific questions, please ask.

-Lukasz

This posting is provided "AS IS" with no warranties, and confers no rights.

RS Scripting utility does not work with Forms Authentication

We have successfully implemented Forms Authentication using Custom Security
Extension. It works fine except the RS Script Utility unable to deploy
reports either locally on the report server itself or remotely from
workstation.
I could not connect to the report server. The command I used:
rs -s http://reportservername/reportserver -i PublishReports.rss -u username
-p password
The error message: Could not connect to server:
http://reportservername/ReportServer/ReportService2005.asmx
This occurs under SSRS 2005 & VS 2005.
Tried Solution: Is to cache and retrieve the cookie and pass it manually
with each
request just like WinForm applications. However, once the RS utility logs
in, it will be too late for any script to catch the authentication cookie,
even by calling rs.LogonUser API.
Question: It looks like RS utility does not support Forms Authentication or
it is a bug.
Would there be a fix by Reporting Service team to make RS Scripting utility
work with Forms Authentication?
Thanks for your help,
Dawit T.Unfortunately, it's a limitation of the RS utility, which has been the case
since SQL 2000.
--
Cheers,
'(' Jeff A. Stucker
\
Senior Consultant
www.rapidigm.com
"Dawit T." <DawitT@.discussions.microsoft.com> wrote in message
news:76EDBB9F-4B08-4BFF-A471-12C9CCA3A817@.microsoft.com...
> We have successfully implemented Forms Authentication using Custom
> Security
> Extension. It works fine except the RS Script Utility unable to deploy
> reports either locally on the report server itself or remotely from
> workstation.
> I could not connect to the report server. The command I used:
> rs -s http://reportservername/reportserver -i PublishReports.rss -u
> username
> -p password
> The error message: Could not connect to server:
> http://reportservername/ReportServer/ReportService2005.asmx
> This occurs under SSRS 2005 & VS 2005.
> Tried Solution: Is to cache and retrieve the cookie and pass it manually
> with each
> request just like WinForm applications. However, once the RS utility logs
> in, it will be too late for any script to catch the authentication cookie,
> even by calling rs.LogonUser API.
> Question: It looks like RS utility does not support Forms Authentication
> or
> it is a bug.
> Would there be a fix by Reporting Service team to make RS Scripting
> utility
> work with Forms Authentication?
>
> Thanks for your help,
> Dawit T.

RS on the Internet - security issues

Hi there,

We are looking at making RS over the web for a client.

Is is safe to put RS on the web? Is it possible to provide adequate security for complete peace of mind - ssl etc? Or does another security layer have to be placed over it?

Advice, thoughts, and some pointers would be greatly appreciated!!

Many thanks

Chris

It is relatively safe, to a point. Check out this article:

http://msdn2.microsoft.com/en-us/library/ms157198.aspx

for a summary of SSRS authentication options.

Integrated Windows authentication is not sent in plain text, and it is controlled by IIS, not RS. But you can only use integrated (NTLM) authentication in IE.

sluggy

|||

Reporting services supports SSL.

For authentication, you can either:

1. use forms based authentication - take a look at the sample that comes with RS 2005 or

2. use the built-in Windows authentication if you want to give your users access to your domain.

In general RS 2005 is safer/easier to deploy in internet facing scenarios than RS 2000. See the following article for some more information.

http://blogs.msdn.com/tudortr/archive/2005/11/03/488731.aspx

The safest option is to only expose report manager outside of the firewall.

There will be more information on this topic in an upcoming MSDN doc refresh.

Thanks

Tudor Trufinescu

|||

Thanks Tudor,

To put into context, we are looking at putting a server into a datacentre, putting SQL and RS onto it, and RS making available to clients.

If we use windows authentication (with SSL?), would you consider this to be a secure environment? Considering the context, would it be a problem if clients have access to our domain? Could we set up their user accounts so that they would only be able to access our site via a browser into RS?

Regards

Chris

RS Forms Authentication single sign-on problem

I am trying to implement the forms authentication (using the MSDN custom
security extension), to enable a single sign-on (SSO) between our web
application and RS. SSO works fine when both application and RS are on the
same machine. However, I haven't made SSO work when RS is on a different
machine. The RS login page always asks for credentials everytime I try to
generate a report through URL.
Based on some posts here, and MSDN suggestions, I have:
1. Modified the TranslateCookie methods and explicitly assigned our domain
name to netCookie.domain, and remove the conditional statements right after
it.
netCookie.domain = ".domain";
note: I am still testing on local domains (computername.domain). I
wonder if this is causing the problems. When deployed to production, this
will be something like appname.domain.com and reports.domain.com.
netCookie.domain = ".domain.com";
2. Modified both (our app and RS) web.config to have identical keys, based
on MSDN suggestion below.
http://msdn.microsoft.com/library/default.asp?url=/library/en-us/cpguide/html/cpconformsauthenticationacrossapplications.asp
3. Changed SessionState to "StateServer". Is this really needed?
Am I missing something else? I have included the IIS logs for more
information. RS is installed on a Win2K server and is not (yet) using SSL.
Need help badly. TIA.
#----
--
#Software: Microsoft Internet Information Services 5.0
#Version: 1.0
#Date: 2004-08-06 05:52:27
#Fields: date time c-ip cs-username s-ip s-port cs-method cs-uri-stem
cs-uri-query sc-status sc-win32-status cs(Cookie)
2004-08-06 05:52:27 192.168.15.14 - 192.168.15.156 80 GET /Default.htm - 200
0 -
2004-08-06 13:49:34 192.168.15.27 - 192.168.15.156 80 POST
/reportserver/ReportService.asmx - 200 0 -
2004-08-06 13:49:34 192.168.15.27 - 192.168.15.156 80 POST
/reportserver/ReportService.asmx - 200 0
sqlAuthCookie=09D2336BF9DC41B35067D85F16F19C522D5C1F393C96D4956B795C69DD69F2
CD7708825305DDA8C10E3489937AEE3D8FA1F8976C88A848B1775351841B8A3BE9
2004-08-06 13:49:34 192.168.15.27 - 192.168.15.156 80 POST
/reportserver/ReportService.asmx - 200 0
sqlAuthCookie=09D2336BF9DC41B35067D85F16F19C522D5C1F393C96D4956B795C69DD69F2
CD7708825305DDA8C10E3489937AEE3D8FA1F8976C88A848B1775351841B8A3BE9
#----
--Addendum:
I have viewed the IIS logs on both client machine (where web app is) and RS
server. It seems that the sqlAuthCookie was passed backed properly, from
the RS server, yet it still asks for credentials. See below.
IIS log from RS server:
2004-08-06 13:49:34 192.168.15.155 - 192.168.15.156 80 POST
/reportserver/ReportService.asmx - 200 0
sqlAuthCookie=09D2336BF9DC41B35067D85F16F19C522D5C1F393C96D4956B795C69DD69F2
CD7708825305DDA8C10E3489937AEE3D8FA1F8976C88A848B1775351841B8A3BE9
IIS log from client machine:
2004-08-06 13:49:34 192.168.15.155 POST /AAWeb/Login.aspx 302 0
ASP.NET_SessionId=3fhfoi55rbf4fiuvhaasi3rz
2004-08-06 13:49:34 192.168.15.155 GET /aaweb/default.aspx 200 0
ASP.NET_SessionId=3fhfoi55rbf4fiuvhaasi3rz;+sqlAuthCookie=09D2336BF9DC41B350
67D85F16F19C522D5C1F393C96D4956B795C69DD69F2CD7708825305DDA8C10E3489937AEE3D
8FA1F8976C88A848B1775351841B8A3BE9;+ASPXAUTH=D1226A0765C1A3CD447D1F329197886
8DB7478ED7CD849801633588BE5E6FF434B90ECF0344099C2E9341CD4F700AD5ADCDE0EC8F72
6B225E630F46A6947658C30AD53F0E628F6D1
"TechnoSpyke" <technospyke@.yahoo.com> wrote in message
news:OYRMCt8eEHA.704@.TK2MSFTNGP09.phx.gbl...
> I am trying to implement the forms authentication (using the MSDN custom
> security extension), to enable a single sign-on (SSO) between our web
> application and RS. SSO works fine when both application and RS are on
the
> same machine. However, I haven't made SSO work when RS is on a different
> machine. The RS login page always asks for credentials everytime I try to
> generate a report through URL.
> Based on some posts here, and MSDN suggestions, I have:
> 1. Modified the TranslateCookie methods and explicitly assigned our
domain
> name to netCookie.domain, and remove the conditional statements right
after
> it.
> netCookie.domain = ".domain";
> note: I am still testing on local domains (computername.domain). I
> wonder if this is causing the problems. When deployed to production, this
> will be something like appname.domain.com and reports.domain.com.
> netCookie.domain = ".domain.com";
> 2. Modified both (our app and RS) web.config to have identical keys,
based
> on MSDN suggestion below.
>
http://msdn.microsoft.com/library/default.asp?url=/library/en-us/cpguide/html/cpconformsauthenticationacrossapplications.asp
> 3. Changed SessionState to "StateServer". Is this really needed?
> Am I missing something else? I have included the IIS logs for more
> information. RS is installed on a Win2K server and is not (yet) using
SSL.
> Need help badly. TIA.
>
#----
> --
> #Software: Microsoft Internet Information Services 5.0
> #Version: 1.0
> #Date: 2004-08-06 05:52:27
> #Fields: date time c-ip cs-username s-ip s-port cs-method cs-uri-stem
> cs-uri-query sc-status sc-win32-status cs(Cookie)
> 2004-08-06 05:52:27 192.168.15.14 - 192.168.15.156 80 GET /Default.htm -
200
> 0 -
> 2004-08-06 13:49:34 192.168.15.27 - 192.168.15.156 80 POST
> /reportserver/ReportService.asmx - 200 0 -
> 2004-08-06 13:49:34 192.168.15.27 - 192.168.15.156 80 POST
> /reportserver/ReportService.asmx - 200 0
>
sqlAuthCookie=09D2336BF9DC41B35067D85F16F19C522D5C1F393C96D4956B795C69DD69F2
> CD7708825305DDA8C10E3489937AEE3D8FA1F8976C88A848B1775351841B8A3BE9
> 2004-08-06 13:49:34 192.168.15.27 - 192.168.15.156 80 POST
> /reportserver/ReportService.asmx - 200 0
>
sqlAuthCookie=09D2336BF9DC41B35067D85F16F19C522D5C1F393C96D4956B795C69DD69F2
> CD7708825305DDA8C10E3489937AEE3D8FA1F8976C88A848B1775351841B8A3BE9
>
#----
> --
>