By using this site, you agree to our updated Privacy Policy and our Terms of Use. Manage your Cookies Settings.
431,990 Members | 1,741 Online
Bytes IT Community
+ Ask a Question
Need help? Post your question and get tips & solutions from a community of 431,990 IT Pros & Developers. It's quick & easy.

Report Viewer deployment

P: n/a
Hello,

I have created a simple .rdlc report and am showing it using the
ReportViewer control. All works OK on my development PC where I am using
windows authentication and identity impersonate = true. I ran
reportViewer.exe on the development PC.

The prod (intranet) setup has the web server and sql server (2000) on the
same machine. I have got the netwrok team to run redistributable
ReportViewer.exe on the prod server but when I run the report I get a
message saying that [MACHINE]\ASPNET user was denied access. I didn't think
I would have to give ASPNET user any special privileges as we are using
windows authentication.

Can anyone point me in the right direction for setting up a prod server to
run reports ?

thanks
Jul 3 '06 #1
Share this Question
Share on Google+
4 Replies


P: n/a
Does [machine]\aspnet have login and access rights to the database? Probably
not. You must add a login for the aspnet account and then grant it the
necessary rights to the databases that are being accessed for the report.

Make sure, tho, not to give the account more rights than it needs. If
somebody is able to hijack your webpage they would have all the rights to the
database that the aspnet account does. If your reporting software isn't
writing to the database, definitely give the aspnet account read-only access,
etc.

"digbydog" wrote:
Hello,

I have created a simple .rdlc report and am showing it using the
ReportViewer control. All works OK on my development PC where I am using
windows authentication and identity impersonate = true. I ran
reportViewer.exe on the development PC.

The prod (intranet) setup has the web server and sql server (2000) on the
same machine. I have got the netwrok team to run redistributable
ReportViewer.exe on the prod server but when I run the report I get a
message saying that [MACHINE]\ASPNET user was denied access. I didn't think
I would have to give ASPNET user any special privileges as we are using
windows authentication.

Can anyone point me in the right direction for setting up a prod server to
run reports ?

thanks
Jul 3 '06 #2

P: n/a
thanks for the response but I thought that as the data source used for the
report is using a connection from the web.config and that uses windows
authentication + identity impersonate then the user running the page would
be the one running the report ? Does the report viewer authenticate in a
different way and do it via the machine\ASPNET user?
"William Sullivan" <Wi*************@discussions.microsoft.comwrote in
message news:EF**********************************@microsof t.com...
Does [machine]\aspnet have login and access rights to the database?
Probably
not. You must add a login for the aspnet account and then grant it the
necessary rights to the databases that are being accessed for the report.

Make sure, tho, not to give the account more rights than it needs. If
somebody is able to hijack your webpage they would have all the rights to
the
database that the aspnet account does. If your reporting software isn't
writing to the database, definitely give the aspnet account read-only
access,
etc.

"digbydog" wrote:
>Hello,

I have created a simple .rdlc report and am showing it using the
ReportViewer control. All works OK on my development PC where I am using
windows authentication and identity impersonate = true. I ran
reportViewer.exe on the development PC.

The prod (intranet) setup has the web server and sql server (2000) on the
same machine. I have got the netwrok team to run redistributable
ReportViewer.exe on the prod server but when I run the report I get a
message saying that [MACHINE]\ASPNET user was denied access. I didn't
think
I would have to give ASPNET user any special privileges as we are using
windows authentication.

Can anyone point me in the right direction for setting up a prod server
to
run reports ?

thanks

Jul 3 '06 #3

P: n/a
Are you saying that you have set up ASP.NET to impersonate a user account in
the configuration? If you are getting the error message "[machine
name]\aspnet does not have access..." then it doesn't seem that impersonation
for the website is configured properly. Have someone log onto your website
and check out the user account the ASP.NET worker process is running under
(aspnet_wp for xp, w3wp (I believe) for server 2k3). If you're using windows
authentication to log onto the database, this is the account that will be
attempting to log on. If that account doesn't have the correct rights, you
won't be able to connect. Double check all your config assumptions (asp.net
config and sql server config), turn on auditing at the sql server and check
your logs.

"digbydog" wrote:
thanks for the response but I thought that as the data source used for the
report is using a connection from the web.config and that uses windows
authentication + identity impersonate then the user running the page would
be the one running the report ? Does the report viewer authenticate in a
different way and do it via the machine\ASPNET user?
"William Sullivan" <Wi*************@discussions.microsoft.comwrote in
message news:EF**********************************@microsof t.com...
Does [machine]\aspnet have login and access rights to the database?
Probably
not. You must add a login for the aspnet account and then grant it the
necessary rights to the databases that are being accessed for the report.

Make sure, tho, not to give the account more rights than it needs. If
somebody is able to hijack your webpage they would have all the rights to
the
database that the aspnet account does. If your reporting software isn't
writing to the database, definitely give the aspnet account read-only
access,
etc.

"digbydog" wrote:
Hello,

I have created a simple .rdlc report and am showing it using the
ReportViewer control. All works OK on my development PC where I am using
windows authentication and identity impersonate = true. I ran
reportViewer.exe on the development PC.

The prod (intranet) setup has the web server and sql server (2000) on the
same machine. I have got the netwrok team to run redistributable
ReportViewer.exe on the prod server but when I run the report I get a
message saying that [MACHINE]\ASPNET user was denied access. I didn't
think
I would have to give ASPNET user any special privileges as we are using
windows authentication.

Can anyone point me in the right direction for setting up a prod server
to
run reports ?

thanks


Jul 3 '06 #4

P: n/a
I couldn't get it working using the dataset used at design time so just
created a dataset at run time and bound it to the report and viewed and all
is Ok - not sure what happened but mustn't have had the website configured
proeprly

"William Sullivan" <Wi*************@discussions.microsoft.comwrote in
message news:FB**********************************@microsof t.com...
Are you saying that you have set up ASP.NET to impersonate a user account
in
the configuration? If you are getting the error message "[machine
name]\aspnet does not have access..." then it doesn't seem that
impersonation
for the website is configured properly. Have someone log onto your
website
and check out the user account the ASP.NET worker process is running under
(aspnet_wp for xp, w3wp (I believe) for server 2k3). If you're using
windows
authentication to log onto the database, this is the account that will be
attempting to log on. If that account doesn't have the correct rights,
you
won't be able to connect. Double check all your config assumptions
(asp.net
config and sql server config), turn on auditing at the sql server and
check
your logs.

"digbydog" wrote:
>thanks for the response but I thought that as the data source used for
the
report is using a connection from the web.config and that uses windows
authentication + identity impersonate then the user running the page
would
be the one running the report ? Does the report viewer authenticate in a
different way and do it via the machine\ASPNET user?
"William Sullivan" <Wi*************@discussions.microsoft.comwrote in
message news:EF**********************************@microsof t.com...
Does [machine]\aspnet have login and access rights to the database?
Probably
not. You must add a login for the aspnet account and then grant it the
necessary rights to the databases that are being accessed for the
report.

Make sure, tho, not to give the account more rights than it needs. If
somebody is able to hijack your webpage they would have all the rights
to
the
database that the aspnet account does. If your reporting software
isn't
writing to the database, definitely give the aspnet account read-only
access,
etc.

"digbydog" wrote:

Hello,

I have created a simple .rdlc report and am showing it using the
ReportViewer control. All works OK on my development PC where I am
using
windows authentication and identity impersonate = true. I ran
reportViewer.exe on the development PC.

The prod (intranet) setup has the web server and sql server (2000) on
the
same machine. I have got the netwrok team to run redistributable
ReportViewer.exe on the prod server but when I run the report I get a
message saying that [MACHINE]\ASPNET user was denied access. I didn't
think
I would have to give ASPNET user any special privileges as we are
using
windows authentication.

Can anyone point me in the right direction for setting up a prod
server
to
run reports ?

thanks



Jul 5 '06 #5

This discussion thread is closed

Replies have been disabled for this discussion.