For more information about configuring credentials for multiple computer connections, see Specify Credential and Connection Information for Report Data Sources. Otherwise, credentials can be passed only one time before they expire. Credentials can be passed more than one time if you enable the Kerberos version 5 protocol for your servers.
Cubeactive notelist offload as text windows#
Trusted and single domains are a requirement for passing Windows credentials. The default settings work best if all client and server computers are in the same domain or in a trusted domain and the report server is deployed for intranet access behind a corporate firewall. You can copy and paste the examples in this topic to implement specific combinations. To change the report server authentication settings, edit the XML elements and values in the nfig file.
The web portal does not need additional configuration. The client application or browser must support Windows integrated security. The Web.config files for the Report Server Web service must have. If you change it to, the Windows Authentication for Reporting Services will fail. By default, the Web.config files for the Report Server Web service include the setting. For more information, see Resolving Kerberos Authentication Errors When Connecting to a report server in this topic.ĪSP.NET must be configured for Windows Authentication. Using RSWindowsNegotiate will result in a Kerberos authentication error if you configured the Report Server service to run under a domain user account and you did not register a Service Principal Name (SPN) for the account. You can add RSWindowsKerberos if you have applications that only use Kerberos authentication. By default, the nfig file includes the RSWindowsNegotiate setting if the Report Server service account is either NetworkService or LocalSystem otherwise, the RSWindowsNTLM setting is used. The nfig files must have AuthenticationType set to RSWindowsNegotiate, RSWindowsKerberos, or RSWindowsNTLM. The following additional requirements must also be met: The accounts must have access to the report server computer, and must be subsequently assigned to roles in order to gain access to specific report server operations. You can include accounts from other domains as long as those domains are trusted. To use Windows integrated security, each user who requires access to a report server must have a valid Windows local or domain user account or be a member of a Windows local or domain group account. If you want to use a different security provider for Windows integrated security (for example, if you want to use Kerberos directly), or if you modified the default values and want to restore the original settings, you can use the information in this topic to specify authentication settings on the report server. If your deployment includes client applications and browsers that use these security providers, you can use the default values without additional configuration. By default, Reporting Services accepts requests that specify Negotiate or NTLM authentication.
0 kommentar(er)
