My intention is to access the SSAS Database without Windows authentication. The user outside the domain should be able to access the cube and built PIVOT tables around it. Thus I found that we can use HTTP access for this purpose.
I followed each and every step mentioned on the following links
http://msdn.microsoft.com/en-us/library/gg492140.aspx
http://bloggingabout.net/blogs/mglaser/archive/2008/08/15/configuring-http-access-to-sql-server-2008-analysis-services-on-microsoft-windows-server-2008.aspx
When I try to hit the URL in Mgmt Studio --> Analysis Services
http://localhost/olap/msmdpump.dll. I am getting the "Connection time out" and "404 error"
I went to MSDN forums for the same problem but no concrete results.
How do I test whether my SSAS 2008 is accessible with HTTP access.
Please help!!
I don't have a lot to go on from your question, but if I had to guess I'd say you probably didn't switch from integrated to classic in the application pool settings which left your handler mapping disabled giving you the 404.
I would start simple on your local development machine and follow the instructions allowing anonymous access to the site. Make sure that your site uses an application pool that has access to the cube in analysis services. Additionally, you cannot use the integrated pipeline in IIS, you will hve to use classic. When you create your script mapping (under Handler Mappings) in IIS, make sure that you follow the directions carefully from the following URL:
http://msdn.microsoft.com/en-us/library/gg492140.aspx
I just followed the instructions and it worked for me.
Switching on Anonymous authentication will work to grant access to the site, however I would suggest you use at least Basic HTTP authentication or even Windows Authentication. Just note, if you're using a remote SSAS instance (not on the same host), a double-hop authentication is required. For that, you will have to register SPNs and enable Kerberos authentication.
You find out how to do that by following the links referred to under
Microsoft - Configure HTTP Access to SSAS
Greetings,
Remo
Related
Good day everyone!
Background: I have old legacy ASP.NET MVC on premise application running on local windows IIS. I'm investigating ways to integrate this application with Azure AD authentication. As far as I can understand (Windows IIS integration with Azure AD) it's not possible to do it directly because of the Azure AD authentication can be added at the application level only. So I'm thinking integrating one of the MSAL library for adding Azure AD authentication.
Using this windows manual (Quickstart: Add sign-in with Microsoft to a web app), I've downloaded sample windows application (ASP.NET code sample) from this learn page and tried to run it within the Visual Studio 2022 in debug mode on my azure virtual work machine (based on VDI platform).
And Azure AD authentication does not work. When I click "Sign in with windows" button on the start application page, I get the error:
Server Error in '/' Application.The resource cannot be found.
Description: HTTP 404. The resource you are looking for (or one of its dependencies) could have been removed, had its name changed, or is temporarily unavailable. Please review the following URL and make sure that it is spelled correctly.
Requested URL: /login.aspx
This sample works fine on my local laptop in exactly the same state. I suggest that any security utilities might be the reason, but I don't know how to check it. I can't disable security apps on my working machine, and maybe there are any restrictions on the network level I don't even know nothing about.
Could somebody suggest any ways to solve this problem? Or maybe still ways to find the reason of this problem?
Thank you in advanced!
I have created a web service in Visual Studio 2015 (web api) that listens out for requests via a barcode scanner. The barcode scanner links to a database that provides information such as stock quantities etc, but this is just for background information. The web service is currently installed on my local machine and works perfectly, returning the correct values and posts data to a database.
I attempted to install the web service onto a server, copying over similar settings in IIS (only have basic knowledge using this), such as the bindings and ensuring the permissions were set up correctly. However when running the web service I recieved a "404 not found error and 401 unauthorized". After that, I installed Visual Studio 2015 onto the server to ensure it wasn't a build or publish error...same problem.
Below are some of the 'fixes' I have tried to help narrow down the potential problem.
Ensured the correct version of .Net, 4.0, is installed on the server.
IIS Manager - Authentication: Annoymous Authentication set to enabled.
IIS Manager - Directly browsing: set to enabled.
Set the correct permissions using 'Edit Permissions', granted full control to 'Everyone'
This is my first time creating a web service so up until now I have been using tutorials and making it up as I go along. I think it could be to do with the application pools set up? But because the solution works on my local machine and not the server has me extremely confused. Thanks in advance.
Okay so full disclosure I am new to IIS and WCF so I bought a book and am stuck. I can develop on my dev box at work as it is Windows 7 with IIS 7 but at home on Windows 8 and IIS 8 I believe there are two issues and I just do not know which step is potentially causing the issue. I am developing on .NET 4.5 environment with Visual Studio 2012 Professional for both environments.
Basically I believe IIS to be set up wrong as I am following a book called 'Windows Communication Foundation 4, Step be Step'
http://www.amazon.com/Windows-Communication-Foundation-Step-Microsoft/dp/0735645566
I followed the set up instructions but they are a little different at home and am curious what to do to correct this error:
"The content type text/html; charset=utf-8 of the response message does not match the content type of the binding (text/xml; charset=utf-8). If using a custom encoder, be sure that the IsContentTypeSupported method is implemented properly. The first 1024 bytes of the response were: ' "
This code occurs after I create a WCF service library web project, it is referencing an entity framework model. You create a console app that references the web service and it runs fine. You deploy that web service to IIS and change the config file to reference that location and it blows up with the error above ONLY on the windows 8 machine, the Windows 7 runs just fine.
I noticed two steps I could not do in the setup and believe they are the culprits but don't know how to adjust for Windows 8 yet.
From VS command prompt: 'aspnet_regiis -iru', this does not work AT ALL for IIS 8. Don't know what options when you open IIS to set for the generic okays for asp.net operations. - I did attempt to go into IIS and under 'Authentication' turn on Anonymous authentication and ASP.NET. Still did not fix anything.
The book came with a sql object that then registered two users to the database for 'Adventureworks'. Obviously I am guessing since part 1 did not work or due to Windows 8 settings these users do not exist, hence they cannot be registered. The code for the register users is:
'CREATE USER [IIS APPPOOL\DefaultAppPool] FOR LOGIN [IIS APPPOOL\DefaultAppPool]
GO
EXEC sp_addrolemember N'db_owner', [IIS APPPOOL\DefaultAppPool]
GO
GO
CREATE USER [IIS APPPOOL\ASP.NET v4.0] FOR LOGIN [IIS APPPOOL\ASP.NET v4.0]
GO
EXEC sp_addrolemember N'db_owner', [IIS APPPOOL\ASP.NET v4.0]
GO'
I know SQL code but I know that the users don't exist they are trying to reference so may I add them through IIS or through Control Panel? I was not sure so I did not know IIS so thought I should ask first.
Any help is much appreciated as I know this is probably just a simple method.
Okay I think I got it but not the way I would have hoped to. It seems that I need to run the service with Anonymous Access in IIS 8. Go to 'Authentication' under the default site 'disable' ASP.NET impersonation. But.... for some reason IIS8 and WCF options for .NET 4.5 were not enabled by default for Windows 8. So I found this: http://proq.blogspot.com/2012/09/wcf-on-iis-and-windows-8.html and enabled them.
Weird, anyways I know at some point I am going to have to register ASP.NET users on my local machine mimicking a server environment. But for the time being anonymous access seems to work. I am curious though if IIS knew it had two choices and anonymous was first why it failed? Does it take the most restrictive policy as the default for an access point binding at all times? I am completely new to IIS and it seems like I am going to have to learn it as well as the WCF.
EDIT: When running VS 2012 with some settings also be sure to run VS as ADMINISTRATOR or you may also have issues.
I am developing an intranet ASP.NET web application that's configured to use Integrated Windows Authentication. My web app needs to check user entitlements using LDAP to get user memberships, etc.
The issue I noticed today is that, when I run my web app using IIS, sometimes the LDAP calls fail with strange errors, such as "Unable to contact the server..." ... or "...that domain doesn't exist..." (something along those lines, anyway). However, if I run my web app using Cassini, I don't get those errors.
If IIS is the issue, why would it fail some times and other times not? What does Cassini do different that IIS is not doing?
I'm using IIS 5.1 / Windows XP / Visual Studio 2008
Why is this happening, and how can I fix it?
Probably something to do with the fact that when you're running Cassini, it's your domain account that's querying the LDAP. It is strange that it would work in IIS sometimes though, and not others. Is the server registered on the network? What system account is IIS running under?
#James Johnson: I figured it out thanks to your comment, which got me thinking about my domain account... Finally, I found this post which points out that in order to connect to LDAP one needs to set Impersonation=True in web.config. It was working intermittently this morning, I think, because I was using Firefox instead of IE, which required me to enter my domain username and password.
The other strange thing was that my app worked fine in our development and stage environments even though my web.config is the same for all of them. I suppose the guys in the hosting group have this set at the machine.config level.
I've recently had my PC upgraded to Vista, which means it includes IIS7. The problem is that the ASP.NET website we're working on doesn't work anymore. I get an error because the application is trying to connect to the SQL Server with NT AUTHORITY/ANONYMOUS LOGON instead of my domain user, and anonymous isn't authorized. I've tried several things, but no solution yet:
- install and enable the 'IIS Metabase and IIS 6 configuration compatibility'
- enable Windows Authentication for this website
- created a different Application Pool with managed pipeline mode set to Classic
- enabled IIS6 WMI compatibility and IIS6 management console (getting desperate here)
In our web.config there's and in our machine.config there's . I've tried putting impersonate to false and entering my domain user and password in the machine.config (it used to be like this) but that didn't help either.
Are there things I'm missing? Has anyone else had a similar problem?
How does your application authenticate with SQL Server? Does it use SQL or Windows Auth? I hope you are trying to use Windows Auth. In that case, your IIS worker process should be running under that Windows user account. If not, it should at the least impersonate a Windows user account that has necessary access rights to SQL Server. If you have impersonation enabled and if you are using the right Windows user account and if SQL Server authenticates using Windows auth and if you are still unable to access SQL Server, you may be running into the classic double hop issue. In other words, you are trying to authenticate to IIS once and you are using the same crdentials to authenticate to the SQL Server over a network next(which is your second hop) and Windows does not allow that for security reasons.
I believe I have found a/the solution. At least it's working now. This is what I did:
The website is now running in a seperate application pool with Managed Pipeline mode set to classic, Load userprofile set to False and Identity set to custom and using a domain user (and password) that has access to the database.
Under 'authorization' of the website itself, I have Anonymous set to enabled and ASP.NET impersonate set to disabled.
in the web.config of the site is also set.
Credit where it's due, this site helped me.
I'm sorry to say I can't look into the issue any further. Indeed, it probably is something with the way we connected to SQL Server (Win Auth) because we've changed it now. Now we connect with username and password in the connection string and it's solved.
So I can't really say if you provided the answer, msvcyc, but I did vote on your solution. Thanks for the time and trouble.
Well, I recommend you migrate to Integrated mode if there is not too many troubles to enjoy the innovation it brings. :)
http://mvolo.com/blogs/serverside/archive/2007/12/08/IIS-7.0-Breaking-Changes-ASP.NET-2.0-applications-Integrated-mode.aspx