Hi

I have developed a web application on our intranet that uses embedded SSRS reports. Everything worked fine on the internal web server but I have hit a hurdle after deploying it to our external non domain web server. Normally I would give the server access to the reports via the report manager as follows - DOMAINNAME\SERVERNAME$ 'browser' role. As the web server is not on our domain (for security reasons), SSRS doesn't recognise the name of the server and I can give access. Perhaps I'm not going about this the right way. If anyone can point me in the right direction here, I would be very grateful. Thanks.

Steve

All servers on Windows server 2012

SQL 2014 Standard

IIS 8

Error...

The request failed with HTTP status 401: Unauthorized. 
  Description: An unhandled exception occurred during the execution of the current web request. Please review the stack trace for more information about the error and where it originated in the code. 

 Exception Details: System.Net.WebException: The request failed with HTTP status 401: Unauthorized.

Source Error: 


 An unhandled exception was generated during the execution of the current web request. Information regarding the origin and location of the exception can be identified using the exception stack trace below.  

Stack Trace: 



[WebException: The request failed with HTTP status 401: Unauthorized.]
   Microsoft.Reporting.WebForms.Internal.Soap.ReportingServices2005.Execution.RSExecutionConnection.GetSecureMethods() +228
   Microsoft.Reporting.WebForms.Internal.Soap.ReportingServices2005.Execution.RSExecutionConnection.IsSecureMethod(String methodname) +60
   Microsoft.Reporting.WebForms.Internal.Soap.ReportingServices2005.Execution.RSExecutionConnection.SetConnectionSSLForMethod(String methodname) +16
   Microsoft.Reporting.WebForms.Internal.Soap.ReportingServices2005.Execution.ProxyMethodInvocation.Execute(RSExecutionConnection connection, ProxyMethod`1 initialMethod, ProxyMethod`1 retryMethod) +827
   Microsoft.Reporting.WebForms.SoapReportExecutionService.LoadReport(String report, String historyId) +34
   Microsoft.Reporting.WebForms.ServerReport.EnsureExecutionSession() +175
   Microsoft.Reporting.WebForms.ServerReport.SetParameters(IEnumerable`1 parameters) +162
   PartnerDashboard.ReportViewer.btnViewReport_Click(Object sender, EventArgs e) +6568
   System.Web.UI.WebControls.Button.RaisePostBackEvent(String eventArgument) +155
   System.Web.UI.Page.ProcessRequestMain(Boolean includeStagesBeforeAsyncPoint, Boolean includeStagesAfterAsyncPoint) +3804

 

Hi Steve,

In Reporting Services, if we connect to Report Manager out of domain, then we need provide a domain username and password can we access to it. If you want to skip this step, you can configure anonymous access for the report server. However,anonymous access is not recommended as it may give direct access to your report server or report projects to any one who know the URL of your Reporting Services. But in case you still want to try it, you can refer to the link below to see it:
http://blog.quasarinc.com/ssrs/sql-server-reporting-services-2012-anonymous-access/

If you have any questions, please feel free to ask.

Hi Steve, 

According to your description, when accessing the deployed report out of domain, Reporting Services cannot recognize the account, right? 

In Reporting Services, NTLM authentication is the default. In your scenario, are you using the Negotiate or Kerberos authentication? If so, Negotiate attempts Kerberos authentication first, but falls back to NTLM if Active Directory cannot grant a ticket for the client request to the report server. If the first attempt results in an error rather than a missing ticket, the report server does not make a second attempt. How to configure Kerberos authentication, please refer to the following links: 

Configure Windows Authentication on the Report Server

Enabling Kerberos Authentication for Reporting Services

If you have any question, please feel free to ask. 

Regards,
Shrek Li