Microsoft KB Archive Search

Notice: This website is an unofficial Microsoft Knowledge Base (hereinafter KB) archive and is intended to provide a reliable access to deleted content from Microsoft KB. All KB articles are owned by Microsoft Corporation. Read full disclaimer for more details.

  1. Home
  2. Error: The request failed with HTTP status 401: Unauthorized when you open a report in Microsoft Dynamics CRM 4.0

Error: The request failed with HTTP status 401: Unauthorized when you open a report in Microsoft Dynamics CRM 4.0

Symptoms

When you open a report in Microsoft Dynamics CRM, you receive the following error:

The request failed with HTTP status 401: Unauthorized

Additionally, if you have the SQL Reporting Services Data Connector for CRM installed, you will see the following error in the Event Viewer: 

Thread information:
Thread ID: 12
Thread account name: NT AUTHORITY\NETWORK SERVICE
Is impersonating: False
Stack trace: at
System.Web.Services.Protocols.SoapHttpClientProtocol.ReadResponse(SoapCl
ientMessage message, WebResponse response, Stream responseStream, Boolean asyncCall)
at System.Web.Services.Protocols.SoapHttpClientProtocol.Invoke(String
methodName, Object[] parameters)
at
Microsoft.Crm.ReportingServices2005.ReportingService2005.ListExtensions(
ExtensionTypeEnum ExtensionType)
at
Microsoft.Crm.Reporting.ReportServer.IsDataExtensionInstalled(String
extensionName)

↑ Back to the top

Cause

The error occurs when the Report Server is configured to use only NTLM authentication and not Kerberos. In order for reports to run when Microsoft Dynamics CRM, SQL Server Reporting Services, and SQL are on separate servers, you need to enable Kerberos authentication and Trust for Delegation.

↑ Back to the top

Resolution

Update the RSReportServer.config file using the following steps:

  1. In Windows Explorer, locate the ReportServer directory. The following path is the default path of this directory: C:\Program Files\Microsoft SQL Server\MSRS10.MSSQLSERVER\Reporting Services\ReportServer
  2. Right-click RSReportServer.config, click Open With, click Notepad and then click OK. 
  3. Locate the following entry: <Authentication>
  4. Add the following key above the <RSWindowsNTLM> key: <RSWindowsNegotiate />

↑ Back to the top

More Information

If you prefer to use only Kerberos and not negotiate the authentication protocol, you may choose to add the <RSWindowsKerberos /> key in the place of the <RSWindowsNTLM /> and <RSWindowsNegotiate /> keys

For more information review the following MSDN article: http://msdn.microsoft.com/en-us/library/cc281253.aspx

In order for Kerberos delegation to function, you might have to setup ServicePrincipalNames (SPNs) as necessary. Please refer to the following document for a complete list of scenarios and SPNs:  http://rc.crm.dynamics.com/rc/regcont/en_us/op/articles/configurespn.aspx

↑ Back to the top

Keywords: kbmbsmigrate, kbmbspartner, vkball, kb

↑ Back to the top

Article Info
Article ID : 2011887
Revision : 1
Created on : 1/8/2017
Published on : 1/8/2010
Exists online : False
Views : 110