Posts Tagged 'wss'

The request failed with HTTP status 401: Unauthorized in Report Services 2008 Sharepoint Integration

Today I tried to integrate Reporting Services and Sharepoint. The setup consisted of three servers:

  • SQL 2008
  • Reporting Services 2008
  • Sharepoint (WSS 3.0) with Reporting Services Addins

When I tried to connect Sharepoint to the Reporting Services Webservice using the Central Administration, I got the following error:

The request failed with HTTP status 401: Unauthorized

However when I manually visited the webservice through the browser @ http://myserver/ReportServer, everything worked fine. So why did the authentication fail for Sharepoint?

My Sharepoint setup uses NTLM authentication only, therefore Reporting Services must be configured for the same authentication type as well. After reading through tons of KB articles and posts, i finally found a solution to the problem:

  1. On the Reporting Services Server, open the config file rsreportserver.config (you find it in the Reporting Services folder)
  2. Look for the Autentication configuration node
  3. Remove the RSWindowsNegotiate setting

The config section in question should now look like this:

    <!-- <RSWindowsNegotiate/> -->

That way, only NTLM is used for authentication. This fixed it for me 🙂


Add existing users to Sharepoint in “Active Directory Account Creation Mode”

If you run a WSS 3.0 Farm in the so called Active Directory Account Creation Mode you can not add existing users to your site collection. You are restricted to users that were created in the respective site collection.

To work around this limitation, you can abuse the stsadm utility to publish an existing user into a site collection:

  1. Log in to your portal and create a new user, name it “dummy” with a non-existing E-Mail address like dummy@dummy.local
  2. On your Webserver, start a command prompt and navigate to C:\Program Files\Common Files\Microsoft Shared\web server extensions\12\Bin
  3. From there, run the STSADM utilty:
stsadm.exe -o migrateuser -oldlogin MYDOMAIN\dummy -newlogin MYDOMAIN\myExistingUser -ignoresidhistory

This will replace all Sharepoint-internal references to the dummy user by references your existing user. That way your existing user is visible in the isolated site collection.

Some notes about this techniques:

  • User attributes such as E-Mail, Title, Position, etc will not be updated along with the user SID.
  • If a user called dummy already existed, Sharepoint will create a User like dummy1 instead. I suggest you take a look at the dummy users creation date in Active Directory before issuing the stadm command.
  • Delete the dummy user after the migration.
  • The user references are being updated in the whole Sharepoint Farm.
  • If you dont specify -ignoresidhistory, the SID histories of both users will be compared for matches. And if there are no matches, the operation will fail.