SQLTeam.com | Weblogs | Forums


Hi Experts,

one of my reports which are not in local domain are asking for user name and password when the external users are trying to access the reports, could any one suggest what can be done to over come this issue.

Thank you in Advance.

There are 2 options I know of,
Windows Credentials Manger
runas /user:doimain\user appname.exe

Hi Joseph,

Thank you very much for the quick reply. I tried to store the credentials in windows but when the user is trying to access for out of the network its asking for credentials. No idea where i am missing.

What if one of your users opens a command prompt and enter
runas /user:domain\user "C:\Program Files\Internet Explorer\iexplore.exe" "URL to ssrs"

Of corse they must replace domain the the ssrs's domain and the user used to login.

If the users have a domain account have them login at the prompt.

Doesn't Reporting Services Authenticate via AD?

Hi Joseph,

yes the user is a domain account and is added in the AD group, the SSRS services are running under this account. I will try to check the cmd prompt option in the morning, will update you the status.

Thank you once again.

External users need to login using their domain credentials - with the domain (e.g. MyDomain\MyUserName). That is just to get to SSRS to see the list of reports.

If the users are then getting prompted to provide credentials for the report - and the report has been setup to use the individuals login credentials, then you HAVE to implement Kerberos authentication in your domain and specifically with the service account/servers in question. If you do not have that setup/configured correctly then you run into a double-hop issue and the users will never be able to get to the report.

There are several ways to set this up - which can depend on how the users are getting to SSRS in the first place. One way would be to use a specific SQL account for this report - that only has access to execute the code for this report - and embed the data source in the report definition using the SQL account and password. This would insure that every user that has access to the report doesn't have to have direct access to the database - and will not prompt the user for their credentials.

You could also look into setting up the execution account in SSRS configuration manager - which may allow the report to run under that users context instead of the logged in user...

Hi Jeffw8713,

Thank you for your reply, I have created a SQL account which has access to the reports and the users are now using this account to access the reports.

Thank you once again.