I have enabled the Business Intelligence center in my sharepoint site. Once i done that. I tried clicking the "RUN DASHBOARD DESIGNER". It is not opening the dashboard designer.exe.
It is showing me the error "Cannot retreive application. Authentication Error"
The remote server returned an error: (401) Unauthorized.
I am using Sharpoint server 2010. To run this.
This usually happens when the machine on which you are opening Dashboard Designer is not joined to the same domain as PerformancePoint Server machine. Another common issue is that Windows/IE is not remembering your credentials to pass them to the application. See this MSDN thread for more info on that.
To solve this, you should ensure you
add the site to Local Intranet / Trusted Sites on IE and
you add the credentials you use to access your SharePoint site to Windows
Credentials Manager.
Related
I just installed the latest version of SyncFusion Report Server and am running it in Microsoft IIS / Server 2016.
I created a subdomain (reports.mydomain.com) and created a binding in iis. I can hit that website and it opens the login page for the syncFusion report server.
When I go to my website (reports.myWebsite.com) I get the standard login for syncFusion. I then login with my SyncFusion credentials and it then prompts me with a server login. I can't figure out how to get around this server login prompt. If I use my server credentials and login then it works but I don't want to have to do that. The report server is running under port 57240.
Just for testing purposes, my firewall is completely disabled and I gave full access to the report server's application pool to the SyncFusion directory.
I created an iis binding for port 57240 and a binding for reports.mydomain.com on port 80.
SyncFusion does offer the ability to use windows authentication to login. I am curious if it is trying to windows authenticate first before basic authenticate. Thoughts?
I just got off the phone with Syncfusion and it turns out that SQL Server Reporting Services automatically registers the URL /reports. I switched my ssrs url to /ssrsreports and everything is now working.
A big thanks to Syncfusion for setting up a GoToMeeting and figuring this out for me!
Check whether the Authentication of your application is set by this way ?
(Open IIS -> Select your Web Application -> Double click on the “Authentication” listed in the main panel)
i. Windows Authentication and ASP.NET Impersonation should be Disabled
ii. Forms Authentication and Anonymous Authentication should be Enabled
Our SharePoint environment uses Claims Based Authentication - using
FBA for external users and AD for internal users.
I have not been able to connect using default credentials or Windows
authentication to a test SharePoint site using the SharePoint Client
Side Object Model (CSOM). I am able to connect using an FBA user but
require connecting using default credentials (assuming this is the
app pool id tied to the SharePoint application) or at least an AD
account.
The message I get when executing ClientContext.ExecuteQuery is - Cannot Contact Site at the Specified URL. I
have researched this extensively and have tried numerous suggestions including the following:
Using an event handler tied to the clientContext.ExecutingWebRequest
which adds to the WebRequest headers. Solution found here
https://social.technet.microsoft.com/Forums/office/en-US/16cd0e26-8f3b-4ef2-bac4-c2c59849ab96/authentication-in-clientcontext-in-sharepoint-2010?forum=sharepointdevelopmentprevious.
Using System.Net.CredentialCache.DefaultCredentials
Using System.Net.NetworkCredential passing in AD account
Thanks for any ideas or suggestions.
Tom
I should have mentioned that we are using SharePoint 2010 and that I'm trying to retrieve and update user profile properties. As I was beginning to code a solution to do this (using my FBA connected ClientContext), I read that in SharePoint 2010, you can only update user properties using the UserGroup web service. I get an Access Denied when trying to connect via the web service. I believe the ClientContext sits on top of the web services so the scenario/issue is the same. Again, any thoughts or suggestions are greatly appreciated.
Well, after much research, it seems that there is a solution. Adding a header to the request programmatically is the first step. The only issue is that in addition to adding the header, you must add an additional Windows authentication zone to SharePoint. I do not want to add another zone to our production environment.
Since the program I'm putting together accesses SharePoint and non-SharePoint databases, I would like to run it on a non-SharePoint server so I will most likely use an FBA account that is specifically created for this purpose.
In case anyone is interested, here is another link explaining how to add the header to the web request. You will receive an error - Object Moved without adding an additional zone. Here is a link which describes adding a zone.
I've managed to setup two virtual machines in my local windows 7 laptop. Both of them are Windows server 2008 R2. One acts as Active Directory Domain controller and also as Active Directory Federation Services, and one other as the web app server. This second one is where I've set up my claims aware asp.net mvc web application and I also plan to setup ThinkTecture Identity Server later as my way to authenticate against custom username and password outside AD.
I've successfully implemented the installation and configuration needed for connecting our ASP.NET MVC apps through ADFS. They include :
Configure first server as Domain Controller and add domain account store (add user as testing -> this user belongs to Domain Users Group).
Configure first server also as active directory federation services.
configure relying party trust identifier from federation metadata generated from FedUtil.exe in second server.
Configure group claim mapping and assign Domain Users to this group.
Configure web apps server to be claims aware agent.
The one that's always troubled me is that every time I access my apps, it successfully prompts login dialog box. Once I enter My AD account and password, it always gives me the following error message : "There was a problem accessing the site. Try to browse to the site again.
If the problem persists, contact the administrator of this site and provide the reference number to identify the problem.
Reference number: c558ed55-b203-42cc-b6bd-3d66bddb96cd".
Any idea from you guys how to get this to work?? Any suggestion and ideas will be highly appreciated.
Have you looked in the event log?
Open Event Viewer > Go to Applications and Services Logs > AD FS 2.0
You'll see an list of errors which should give you some more guidance.
If you see the ADFS login screen, you can get to ADFS so I suspect it's something to do with your RP configuration.
Just to check - you are using ADFS 2.0 which you downloaded?
I have an WinJS metro application that I'm using to connect to a remote webservice that same domain. I read up on the app manifest capability (well the little that is present online) and was hoping that I would be able to use the logged in users credentials to access this webservice without requiring them to login.
I'm trying to authenticate to the webservice via a post using a contentType: "application/x-www-form-urlencoded;charset='utf-8'". This application was previously a website that would prompt the user for login credentials in the authentication step using the aforementioned post. In the WinJS metro application I'm effectively using the same code (minor tweaks) to achieve the same result.
Has anyone had experience with Enterprise Authentication in a WinJS metro application and could better explain what types of resources I would/wouldn't have access to. I'm hoping this isn't specific to accessing things like file shares and intranet sites.
I had this exact issue as well. After ensuring the following Capabilities were enabled in the package.appxmanifest:
Enterprise Authentication
Internet (Client)
Private Networks (Client & Server)
I had to still add the URL of our web service to Internet Explorer's list of Intranet Sites. Only then did the prompt go away.
I have a working production environment of SQL Server Reporting Services 2008 that is configured for Forms Authentication. I have been trying to setup a new environment that uses the same custom authorization extension dll. Unfortunately, it is not working. The original creators of the dll and environment configuration are not available.
I have verified that the LogonUser method in the extension DLL return true for valid credential and false for invalid credentials. So I know that the DLL is working and configured to access the database correctly.
The logon page is getting a successful return from the LogonUser web service method in Reporting Services, Fiddler shows that it has the authCookie, and it is being redirected to http://myurl/ReportManager/Pages/Folder.aspx as I beleive it should. But when redirected to this page Fiddler shows me that the authCookie is not being sentback out by the browser. Without the auth cookie, Reporting Services goes right back to the custom login page. The same workstation and same browser does not exhibit this behavior when it accesses the working legacy instance.
I struggled over whether this should be here or on Server Fault. I originally chose Server Fault because the extension dll is working in another environment and all of my testing shows that the problem is not in the dll. That lead me to the conslusion that the issue is a Reporting Services configuration issue. However, the complete lack of response on SF (and very few views), and the complete lack of knowledge about forms authentication by my IT department has caused me to reconsider and post the question here on SO.
Thanks in advance,
Jim
Edit
I installed Firefox and a couple of add-ins, then reran my tests. The observed behavior on the surface is identical to IE. However, Fiddler shows that Firefox is sending the auth cookie when it redirects to /ReportManager/Pages/Folder.aspx(as mentioned earlier IE does not do this). But Reporting Services appears to be ignoring it and still redirects to the login page. The cookie editor addin says that the cookie has the name 'authCookie' and the site is "my domain.com".
To me this seems to all be correct except for the fact that RS keeps redirecting to the login page. Why?