How to resolve "The remote server returned an error: (401) Unauthorized" when running a SQL Server Reporting Service?

Question

I'm using this code to create and download PDF reports from SSRS, but I receive the following error:

The remote server returned an error: (401) Unauthorized.

My code is:

protected void Page_Load(object sender, EventArgs e)
{
    MemoryStream ms;
    // this name is what the user will see when they are prompted for download.
    string customFileName = "NewFileName.pdf";

    if (!this.IsPostBack)
    {
        try
        {
            string strRequest = "http://myServer.com/ReportServer?%2fmetadata_report%2fMetadataReport1&rs%3aCommand=Render&rs%3AFormat=PDF&grpId=3";
            WebRequest request = WebRequest.Create(strRequest);
            request.ContentType = "application/pdf";

            string userName = "username";
            string password = "password";
            string domain = "myServer.com";

            // Create and then pass in network credentials to acecss the reporting server
            System.Net.NetworkCredential credentials = new NetworkCredential(userName, password, domain);
            request.Credentials = credentials;

            HttpWebResponse response = (HttpWebResponse)request.GetResponse();

            using (response)
            {
                // Get the stream from the server
                using (Stream stream = response.GetResponseStream())
                {
                    // Use the ReadFully method from the link above:
                    byte[] data = ReadFully(stream, response.ContentLength);

                    // Return the memory stream.
                    ms = new MemoryStream(data);
                }
            }

            // Clear out the headers that may already exist, then set content type and add a header to name the file
            Response.Clear();
            Response.ContentType = "application/pdf";
            Response.AddHeader("content-disposition", "inline; ");

            //// Write the memory stream containing the pdf file directly to the Response object that gets sent to the client
            ms.WriteTo(Response.OutputStream);
        }
    }
}

Any help would be much appreciated.

Answer 1

I lost a lot of my hair over the past week because of this. In my case report definitions were in the same server as my Sql server and IIS. And i tested everything from my development machine by pulling reports from ssrs server. At this point everything was working perfectly fine. Now as soon as i deploy my application in production server it started giving me that error. I had a seperate report user sorted with necessary permissions which were working from the development machine. There comes microsofts security feature to protect from double hopping. If you google LSA m sure you will get enough on this. Bare in mind impersonate=true is not gonna do any good.

Following is my solution and it worked like a charm:

Method 2: Disable the authentication loopback checkRe-enable the behavior that exists in Windows Server 2003 by setting the DisableLoopbackCheck registry entry in the HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\Lsa registry subkey to 1. To set the DisableLoopbackCheck registry entry to 1, follow these steps on the client computer:  Click Start, click Run, type regedit, and then click OK. Locate and then click the following registry subkey: HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\LsaRight-click Lsa, point to New, and then click DWORD Value.Type DisableLoopbackCheck, and then press ENTER.Right-click DisableLoopbackCheck, and then click Modify.In the Value data box, type 1, and then click OK.Exit Registry Editor.Restart the computer.Note You must restart the server for this change to take effect. By default, loopback check functionality is turned on in Windows Server 2003 SP1, and the DisableLoopbackCheck registry entry is set to 0 (zero). The security is reduced when you disable the authentication loopback check, and you open the Windows Server 2003 server for man-in-the-middle (MITM) attacks on NTLM.

For detail study: read here

Hope it helps someone.

Thanks

Answer 2

can you try this?

// Create and then pass in network credentials to acecss the reporting server
CredentialCache cc = new CredentialCache();
cc.Add(new Uri("http://myServer.com/"), "Negotiate", new NetworkCredential("Username", "Password", "Domain"));
request.Credentials = cc;

Answer 3

It's a permissions problem.

Check these:

http://jhonatantirado.wordpress.com/2011/04/16/reporting-services-2008-asking-for-username-and-password/

http://forums.asp.net/p/1202398/2103516.aspx

Passing Credentials to Sql Report Server 2008