We need to configure our SSRS 2008R2 installation to use Basic Authentication only. We thought that this would make it impossible for us to use Windows integrated security because according to Books Online and MSDN (http://msdn.microsoft.com/en-us/library/cc281309.aspx), when only Basic Authentication is configured, it is not possible to use Windows Integrated Security on a Data Source (this option should be greyed out on the data source). This is the exact text as mentioned in BOL and on MSDN: After you enable Basic authentication, be aware that users cannot select the Windows integrated security option when setting connection properties to an external data source that provides data to a report. The option will be grayed out in the data source property pages. The strange thing is that this option is NOT greyed out, and it is possible to select Windows integrated security after all. I was suspicious, and ran a trace to see which account would be used to connect to the data source, and it is effectively the account that is used to log-on to SSRS with (using basic authentication). What is happening here? Is the documentation in Books Online and MSDN just plain wrong? And how is SSRS then using the basic-auth account? Is it using the passed credentials to connect to the data source using NTLM or Kerberos? Thanks, Charles

Some extra information... I enabled Kerberos logging on the reporting server, and when I'm authenticating in SSRS with basic authentication, I see some Security-Kerberos events appearing in the System event log. All events have error code "Error Code: 0x19 KDC_ERR_PREAUTH_REQUIRED". This error code can be ignored in most cases (http://answers.microsoft.com/en-us/windows/forum/windows_7-security/error-code-0x19-kdcerrpreauthrequired/ed5fc1db-6a44-4b16-b6b6-5f55e07c9ca4), but I think it also indicates that the reporting server is getting hold of a Kerberos ticket for the provided credentials. It would be nice if someone at Microsoft could explain what implications basic-only authentication now really has, what is happening in the background regarding Kerberos and what limitations basic authentication really puts on using Windows integrated security in Data sources. As far as I can see, the documentation is incorrect, and you can use Windows integrated security after all. /Charles