Friday, January 20, 2012

AX 2012 SSRS Error: Error while setting server report parameters.

AX 2012 SSRS Error: "Error while setting server report parameters. Error message: The permissions granted to user '[DOMAIN\USERNAME]' are insufficient for performing this operation. (rsAccessDenied). The permissions granted to user '[DOMAIN\USERNAME]' are insufficient for performing this operation. (rsAccessDenied)"
Figure 1 - SSRS Permissions error
Replication of the error: Trying to run any SSRS report within AX

About the error: This is actually not AX specific.  It is with permissions on the SSRS site.  The user may need to be granted access to get to the SSRS reports or it could be an issue with a setting.

Resolution: Some things to check to resolve the issue

1. Navigate to the Report Manager url (http://SSRSREPORTSERVERNAME/Reports/Pages/Folder.aspx), go to the Folder Settings and click on 'New Role Assignment'. Add the appropriate user or group. Make sure they have access to 'Browser. Content Manager, and DynamicsAXBrowser'.
Figure 2 - Adding a role assignment to SSRS 
2. IIS: Check to make sure the Reports virtual directory is NOT set to allow anonymous access on the properties (VirtDir > Properties > Security).  The Visual Studio ReportsServer virtual directory defaults to deny anonymous access. 
3. Check Windows User Account Control (UAC) restrictions.
4. Go here for more information: http://msdn2.microsoft.com/en-us/library/aa337471.aspx
If this still doesn't fix things, you can reset all the changes by going to the virtual directory tab on the left hand side of the SQL Server Reporting services config, make sure the check box 'Apply default settings' is checked.  Then try tinkering around some more.

at

10 comments:

  1. DevMarch 20, 2012 at 3:55 AM

    This is really helpful and saved lot of my time

    ReplyDelete
  2. ArunAugust 14, 2012 at 3:43 AM

    hi
    //IIS: Check to make sure the Reports virtual directory is NOT set to allow anonymous access on the properties (VirtDir > Properties > Security). The Visual Studio ReportsServer virtual directory defaults to deny anonymous access.

    i cant find any reports folder in iss

    ReplyDelete
  3. RyanNovember 13, 2013 at 1:45 PM

    This is great, thanks! What UAC rights are needed? I've found that if a user is an administrator they can run reports. If any other group (users, power users, the 5 SQLServer groups, etc) they cannot run reports. I don't want to make all my users administrators though.

    ReplyDelete
    Replies
    1. DAXDudeNovember 19, 2013 at 9:30 AM

      Ryan, hopefully users other than admins can run reports. I can definitely see your hesitation to giving everyone access as admins in your environment. For some reason I have a vision of a a bunch of kids in a pinata themed birthday party at a china shop going wild... Call me crazy...

      I'm not entirely sure about UAC rights for very specific setup. Speaking conceptually, users should be able to access reports from an AX link or URL link/shortcut as only SSRS 'user' permissions (not power users, admins, etc). You should be able to lock them down quite sufficiently. I'd need more info to be able to help you further on this one.

      As a next step however, I would check your security as a whole first, starting with hardening the report server. Have you had a user in question try to run a very specific report (via just a URL) from within the SSRS machine not as an admin?

      Delete
  4. Kieran CreaghNovember 18, 2014 at 2:06 AM

    Cheers thank you.

    ReplyDelete
  5. Steeve GilbertJanuary 21, 2016 at 12:00 PM

    If you are still getting the error for documents like Packing Slip, Invoice, etc... make sure to add Role Assignment to the StaticReports folder also. Looks like this folder doesn't inherit rights from Dynamics Ax folder.

    ReplyDelete
  6. GideonJuly 13, 2016 at 5:33 AM

    Adding the user to the StaticReports folder solves the issue. Thanks!

    ReplyDelete
  7. aAugust 26, 2016 at 6:47 AM

    This comment has been removed by a blog administrator.

    ReplyDelete
  8. UnknownNovember 23, 2016 at 8:26 AM

    Thank you, it saved me again

    ReplyDelete

Subscribe to: Post Comments (Atom)