Error While Passing Credentials from SSRS to Sharepoint Data Source - sharepoint-2010

I am using SSRS 2008 R2 to build a report that uses a Sharepoint list as its data source, to which it is configured to connect using Windows Authentication (Integrated Security). The problem is that when the report is deployed to the Report Server, the SharePoint source rejects the credentials, returning:
An error has occurred during report processing. (rsProcessingAborted)
Query execution failed for dataset 'ListDataset'. (rsErrorExecutingCommand)
An error occurred when accessing the specified SharePoint list. The connection string
might not be valid. Verify that the connection string is correct. (rsSPDataProviderError)
The request failed with HTTP status 401: Unauthorized.
The Sharepoint data source accepts my credentials when I test the report locally in BIDS, but does not accept them after they 'double-hop' from the Report Server. What is the best work-around? Do I need to create a Service Account in SSRS, supply those credentials in the data source within SSRS, and grant the necessary read permissions to the Service Account via Sharepoint? Any suggestions would be greatly appreciated.

This is the same answer to a similar question:
I usually create a user called Reportuser (e.g. reportuser#[domain].com). Create this user on your domain, make sure it has access to SharePoint.
In BIDS/visual studio in the properties for the datasource for your report, under the credentials tab, click the radio button next to "Use Windows Authentication (integrated security)". Upload the datasource to the report manager website. ( You've done this part).
Navigate to the Report manager website, and the properties of the uploaded datasource.
Under the section starting with "Connect using":
Check the "Credentials stored securely in the report server" option
Enter the username and password like this (where domain is replaced with the domain of your network): reportuser#domain.com password
Important part: Tick the "Use as Windows credentials when connecting to the data source"
Test the connection and will work - I have just tested it.

Related

Kusto.Explorer requires secondary account to access azure Log Analytics workspace

I am having a challenge accessing azure LA/AI workspace with desktop Kusto.Exploer. I cannot use RUNAS to invoke my secondary account with credentials, accessing workspace in azure. Note that I am able to do that using dataexplorer.azure.com ( since i am already logged into azure portal). Any help will be appreciated.
Kusto Explorer allows sign in form within the Client itself – using the Connections toolbar : https://learn.microsoft.com/en-us/azure/data-explorer/kusto/tools/kusto-explorer#connections-tab
You can –
Click on ‘Sign-Out from AAD’
Add your cluster again, and now you'll be prompted to Sign In where you can use the creds from your other User Account.
If the issue is that you are logging to the Log Analytics namespace from a different tenant, you can specify it in the cluster connection "advanced connection string" settings and add at the end the applicable tenant guid using the following ";authority id = tenant Guid" syntax, for example:

Getting error while creating groups in Office 365 Admin portal

I have created trial account in MS Dynamic 365 CRM. I have logged and created a new user by making my role into global administrator using Microsoft Office 365 Admin Portal. I have also completed that to successfully. But when I tried to create groups (for user roles) I'm getting error like this
Message: The server was unable to process the request due to an internal error. For more information
about the error, either turn on IncludeExceptionDetailInFaults (either from ServiceBehaviorAttribute
or from the configuration behavior) on the server in order to send the exception
information back to the client, or turn on tracing as per the Microsoft .NET Framework SDK documentation
and inspect the server trace logs.
Your request couldn't be completed. Please try again in a few minutes.
I have tried many time still getting same error.
How can I fix this ?
How can assign user into groups and permissions
Please change the Question subject line - its misleading. Actual security roles creation & assigning users can be done from Settings - Security menu from Dynamics 365 instance url.
But you are facing issues in Office 365 Admin portal. Please try to reach out to contacts in https://www.microsoft.com/en-us/dynamics/crm-customer-center/contact-technical-support.aspx but am not sure will they support trial orgs or not.

publish web application in azure facing permission issue with office365

We are doing Office 365 with asp.net mvc , in this example working fine for local system,(we are using VS2015), when i publish to azure web application its successfully published.
After open the URL click the Email button go to login page and enter the credentials its successfully logged and redirect to mail page now it showing some error message, but local working fine everything.
Please let me know anything required after publish.
Oops you've reached an error!
We weren't able to process the action you requested. This was caused by an exception in the below table:
Exception Cause Action
AdalException This exception is thrown when either you have a stale O365 access token that can cause authentication errors, or you attempted to access a resource that you don't have permissions to access.
You'll may need to refresh the access token. Try signing out and signing back in to the app again, or refreshing the session Click here.
Make sure the app is configured with the correct service permissions in the Services Manager menu. If any of these permissions are not configured, or configured incorrectly, some parts of the app may throw an error. For example Right click the project, select Connected Service..., and ensure the following permissions are set for this app:
(Calendar) – Have full access to users’ calendar and Read users' calendar
(Contacts) – Have full access to users’ contacts and Read users' contacts
(Mail) - Send mail as a user, Read and write access to users' mail, and Read users' mail
(Users and Groups) – Enable sign-on and read users’ profiles.
Thanks,
hemanth

Domino and Xpage, ask to login to access a database, but not authorized

I opened a demo xsp page and a window popped up asking me to input the name and password to login to the domino server. Then I entered my own id and password created in domino, but it didn't work. Only the Administrator name and its password worked. Anybody knows what's the problem? I already edited the corresponding ACL entries.
Thanks!
In order to use a database in a browser (no matter if classic notes web development or Xpages) one needs to meet several requirements.
First of all you need access to all NSF files that are used in the process.
As mentioned by Richard you either need to be mentioned in the ACL (namely or by group membership, or by setting -Default- and/or Anonymous to a level greater than No access).
AND the ACL has to allow Web- Access by not setting the Maximum Internet Name and Password to No Access
But this is not enough.
To be able to do authentication you do not have an ID- file in the browser.
You need a username and password. This password is NOT the password of your ID- file unless the admins choose to synchronize them using a policy.
It is the password stored in your person document in the names.nsf on the server.
But still these points are not enough yet: If you have access to the server with your username and internet password (can be tested by just trying to login to http://yourServer/names.nsf?open&login), then you might still not be able to access the application if -as umeli pointed out in the comment- the signer of the Xpage- application does not have enough rights to sign the XPages (Server document - security).
You see: There is a lot stuff to check. But if all of these points are OK, then access to the database will not be a problem anymore.
I omitted one reason for not beeing able to login because of your error description: If the Session Authentication on your server is configured for Multiple Servers (SSO) then you need to use the fully qualified internet host name of the server in the URL (or at least a hostname, that contains the SSO- domain), otherwise you will be redirected to the loginpage over and over again, even after supplying the right username / password. But as you wrote about a "Window popping up" I am quite sure, that Session authentication on that server is set to "Disabled"
You could be being rejected because of the
ACL of the NSF file not having the level of access required for operations performed in the code on the Xpage. I know you said you edited the ACL, but bear in mind that access also depends on the 'Maximum Internet Name and Password' setting for the NSF.
ACL in other NSF files that are accessed in the code of the Xpage not having the level of access required for operations performed on it by the code. This also includes the 'Maximum Internet Name and Password' setting.

Forms Based Authentication SharePoint 2010 using SSRS HTML viewer

I'm running SSRS in integrated mode (Trusted) and have an issue with trying to use the HTML viewer on a Forms Based Authentication site in Sharepoint 2010. I have found several articles on using the report viewer in FBA; however, to the best of my knowledge, I need to use the HTML viewer as the ultimate goal is to seamlessly produce a PDF file for the end user. The error I'm getting is "401 UNAUTHORIZED An unknown error occurred with the Reporting Services endpoint on this SharePoint site." The Url format I'm submitting is as follows:
http:///_vti_bin/ReportServer?//.rdl&rs:Command=Render&rs:Format=PDF. Some additional information, the request works if I use the default site name and not the forms based name.
So my question is twofold, should I be able to do this in FBA? and if not what is the best route to produce a PDF of the report for the client?
Thanks
First of all, running SSRS with SharePoint is tricky. For SSRS to be able to receive the user credential, it has to be running in kerberos mode. Otherwise, the request to SSRS is made as ANONYMUS LOGON (that's why you are getting a 401).
Now, for the PDF, you have a few options :
Call the SSRS webservice directly and produce a PDF.
Setup a subscription and generate it as PDF, either to filesystem, email, etc.
Do what you are doing now, but with kerberos enabled.