Kerberos, Reporting Services and SharePoint Integrated http 401: Unauthorized
by mysticslayer on Apr.06, 2011, under Active directory, Kerberos, Reporting Services, SharePoint 2010
When it comes to Reporting Services integrated with SharePoint it is difficult to solve problems when you don’t know where to start. Alot of people having issues when solving problems, or configuring Kerberos that way that Windows Integrated security is working properly.
At my work I’ve been at different customers, and still having some problems when it comes to Kerberos, why? Because every environment is different, every server is different, and when it comes to Reporting Services integrated with SharePoint it is some times a hell to fix issues.
So I’ve done multiple integrations with Reporting Services and SharePoint, and yet I know alot about Kerberos. Setting up delegations between App Pools and SSRS, SSRS and SSAS, SSAS and MSSQL, SSRS and MSSQL.
So I’ve ran last monday in a problem with SharePoint and Reporting Services, and why I did I ran into it? Simply, not every environment is configured properly when it comes to DNS, AD, etc.
So I’ve used Fiddler, DelegConfig v1, DelegConfig v2 Beta, ProcessMonitor, but yet I couldn’t figure it out. Even with HTTP streaming, etc I couldn’t see any information. The only thing I could see that was every time I tried I was succesfully logon.
Everytime I get with the integration was the following error: The request failed with HTTP status 401: Unauthorized
Probably everyone that has configured SSRS with SharePoint has seen this error in his life, right? Well If you hit google or bing for it, it will always show Reporting Services Add-In SharePoint. Yes, this is the one everyone is talking about.
Well I used all the tooling a SharePoint dude has to know. But yet I didn’t receive any request on the server running SSRS, and you know why? Because somebody forget to add the http://
July 12th, 2011 on 20:51
Hi,
Now I am setting up Sharepoint Server 2010 reporting with SQL Server 2008R2 Reporting Service. The Sharepoint is in one server, and the sql server and report server are in another box. I think I finish all the steps of configuration and want to generage a fake report in Report Builder 3.0 to test. The datasource is sharepoint_config.
At first, I chose “Windows Authentication” mode. The report could be generated successfully. But when I viewed the report in Sharepoint, it said “The request failed with HTTP status 401: Unauthorized. I checked some instructions for that and changed my mode to “Trusted account”. This time, either when I ran or view the report, a different error said ”
An error has occurred during report processing.
This data source is configured to use Windows integrated security. Windows
integrated security is either disabled for this report server or your report
server is using Trusted Account mode.”
I have read you blog and add http:///reportserver to my intranet. Do you have any suggesstion about what to do for this problem? Thank you!
August 17th, 2011 on 13:19
Hi Lingwen,
When you use Windows Integrated security your first problem is that you’ll be needing Kerberos to enable it. Without Kerberos you can’t use Windows Integrated security.
You’ll be needing Service Principal Names on the ReportServer URL, your SharePoint Server and SQL Server, Analysis Services, etc.
When you decide not to use Kerberos you can use Trusted Execution Account. On even the Shared Data Source as the Central Admin you’ll be needing the Trusted Account settings.
If you have any questions related to Kerberos or whatsoever, please ask.
Regards
April 4th, 2016 on 11:00
I have configured classic authentication with NTLM enabled in sharepoint and in reporting integration its trusted account.
When i create a SQL datasource with windows authentication, i am getting error saying “This data source is configured to use windows integrated security. Windows integrated security is either disabled for this report server or your report server is using Trusted Account
mode.”
Could you please provide step by step procedure to fix this issue.
May 5th, 2016 on 18:31
Hi Shruthi,
My advise is not to go with NTLM and a Trusted Execution account. When you set the security context to Windows Authentication it can not handle your authentication. You have to Disable Windows Authentication and use an Execution account to solve your issue. Please give me some information what you want to achieve?