Setup and deploy issues 2

[NoCoolHandle]

Ok.. I really know very little about reporting services. Except it runs on IIS and is hosted via SQL and you can author reports via Visual Studio.

I have "installed sql and reporting services" on the system that is the webserver. It also runs Sharepoint services and some other websites.

One of the other websites is where I want to make the reports available from .. (users get to them using a different http headder than the default site)

I have been unable to figure out how to deploy any reports to the webserver. Trying via a URL bombs! Permission errors.

I can't seem to give it a valid login and password. THe server is a win 2003 server. It runs active directory and I have tried to login using my AD username and password. (which is a member of the administrators group).. Any combo of username@domain fails.

I am beginning to understand that I can't just copy the rdl files to the webserver (that would be too easy), and I can't seem to figure out how to get my reports to the webserver.

If in iis i click "browse", I can't. Even in the default site. I get persistant permission errors.

HELP

 

[MisterMo]

Wherever you want the reports to run from must have reporting services installed it will also needs SQL because all the permission and reports info are stored onto a database file

you can create your reports and folder structure from another machine and then deploy them the the proper server.

I guess that is where you're having problems

on that same server than you can create groups that can access your reports and refer to them via the browser.

that is the way I have done it and it works just fine

-Mo

 

[NoCoolHandle]

I might be getting better at describing my problem..

Running W2003
on it is Sharepoint Services..
Install seems good. then when I try to browse
localhost\reports

it returns a 403 error - FORBIDDEN

I have tried to setup an Aspnet useraccount and have it use that, but i keep getting the same error.

Also.. I just can't get the deploy to website to work..but i suspect the issues might be linked..

Any clues?
Thoughts?

 

[Catadmin]

You may have to use the actual server name (not localhost) to get your browser to work.

Also, when you reached the Virtual Directories page, did you install in the default HTTP folder or did you change this?



Catadmin - MCDBA, MCSA
"No, no. Yes. No, I tried that. Yes, both ways. No, I don't know. No again. Are there any more questions?"
-- Xena, "Been There, Done That"

 

[NoCoolHandle]

Catadmin, hi!

I used the default virtual directorys..
Using the actual servername gave the same results.
I have seen some issues that seemed to effect RS2000 regarding the aspnet account. It didn't exist until this morning, but that still seems to have the same result.

I am thinking of removing and reinstalling. However last time i did an uninstall it seemed to have left directorys for SQL and in iis. Should I get rid of them. It also didn't get rid of all the tools. a bit perplexed here.

I am pretty comfortable with aspx setups and don't mind getting into the machine.config or web.config files. My IIS skills have always been pretty good, configuring Mutiple Sites from a single server etc.. ALso pretty familure with normal SQL stuff.. but this....

 

[Catadmin]

So, your account has permissions to the IIS / Virtual directory shares? And you've checked the security for it too?

When you try to deploy, have you checked the deployment properties within the report (in Report Designer) to make sure it's pointing to the correct share?



Catadmin - MCDBA, MCSA
"No, no. Yes. No, I tried that. Yes, both ways. No, I don't know. No again. Are there any more questions?"
-- Xena, "Been There, Done That"

 

[NoCoolHandle]

Cataadmin

thanks.. that solved the 403 error .. I needed to add the aspnet access at the filesystem level.

However now i am getting a new error message

Failed to execute request because the App-Domain could not be created. Error: 0x80070005 Access is denied.

Once again i think it goes back to permissions.. I will dig a bit longer but if you have any ideas as to where to look it would be apprecitate..

however a star for getting me a new error! (i feel like i am getting progress)

 

[MisterMo]

check on the following groups in your web/reporting server

go to computer management/ local users and groups/groups

SQLServer2005ReportServerUser$TLITS05$MSSQLSERVER
and
SQLServer2005ReportingServicesWebServiceUser$yourservername$MSSQLSERVER

these groups are created by reporting services and you can add users to access your reports

add yourself in both.

as I said before you can create groups and refer to them on the reports.

-Mo

 

[NoCoolHandle]

Ok...
wow.. what a tough one.!
I believe the issue (at least the big one) was that this system is also running Sharpoint.

I hit my head against the second error and no assigingin of permissions ever fixed it.. (even full to everyone..argh)

so.. Uninstall and Reinstall - I found an install error somewhere that seemed to effect xp systems, where the soultion was to use the system account rather than a domain account, so decided to try that.

That was even worse.. 403 errors and no permission granting ever fixed that. There was a bug with RS 2000 that said you couldn't install rs with sp, so i set the virtual directory to one of the other sites on my server.

FIXED! no extra permissions needed. (I nearly called MS on this one ... getting very very frustrated toward the end)

Next stupid question..
Is it possible to just copy the rdl and rds files to a directory on the server and have them become available ?
If so.. what direcotry?

 

[MisterMo]

No the reports are stored as binary files onto one of the tables (dbo.catalog)on your ReportServer database.

if you want to use the standard Reporting Services you must deploy the files using .NET



-Mo

 

[NoCoolHandle]

In that case I am once again in the security issues problem.

However I think I am getting closer there. The error I am seeing is the account that is being logged on as dosn't have permission to add a report.

thanks though.. I had the feeling that was the case. but i am getting closer so thanks again for your continued support.

just incase this is of value

Error rsAccessDenied : The permissions granted to user 'XXX\XXXXX' are insufficient for performing this operation.
Deploy complete -- 1 errors, 0 warnings

 

[NoCoolHandle]

Im an idiot, I had dropped the sqlreport groups and when they were recreated I wasn't in them

Thanks again!

 

[NoCoolHandle]

no did that am still getting the same error..

 

[NoCoolHandle]

SUCCESS!!!!!

flaky authentication stuff..
couldn't authenticate with the server unless it was in "Clear text"@!@@##$#
Integrated failed.. no matter how I formatted my userid with domain data.

That caused me to try no authentication and post using the default webuser.

This failed as a password seems to be necessary to deploy reports

So i was suck in a vicious circle - once i set the site to accept clear text authentication I was ok.. I suspect it is something to do with Sharpoint again...

This brings up a quesion...

Can we use forms authentication with reporting services?
Do we need to create NT users for every login, or can we make it work with forms?

TIA

Rob

 

[Catadmin]

Actually, now that you mention the clear text stuff, I remember running into the same problem. And it isn't Sharepoint. It has to do with IIS not translating the forwarded encryption for NT Authentication.

Not sure what you mean by using Forms Authentication, but the way we had to do it was create a SQL Server Login with a password and put that on all our data sources, forcing the reports to use the same SQL Login / Pwd as defined by the data source.



Catadmin - MCDBA, MCSA
"No, no. Yes. No, I tried that. Yes, both ways. No, I don't know. No again. Are there any more questions?"
-- Xena, "Been There, Done That"

 

[NoCoolHandle]

Cat thanks..

The forms authenication thing is an asp.net authentication that isn't part of the Domain Login. Logins would be stored in SQL. This can simplify the creation and management of users/logins and keep them seperated from valid Network users.

Although this site only has one client at the moment, it looks like we may have multiple clients soon. What is sounds like is that we would need an NT login for each potential login to the site. Otherwise I will need to setup a sitewide impersonation.. which I am not sure i favor, and for reporting services not sure how I would pull off.

This potentially sets us up for 2 logins per client..

The other choice is to authenticate using NT logins for every aspect of the site. Maybe easier. But of course then everyone is a valid member of the Domain - of course having a clear text login makes that a dangerous option from the perspective of hackers.

Options.....

Again thanks


Rob

 

[Catadmin]

Glad I could help. @=)

As far as forms authentication, I think you're going to need to utilize the NT stuff (map groups to SQL Server instead of individual NT logins) or just come up with individual SQL Server logins for each client.



Catadmin - MCDBA, MCSA
"No, no. Yes. No, I tried that. Yes, both ways. No, I don't know. No again. Are there any more questions?"
-- Xena, "Been There, Done That"