Using Trusted Connections in Web Applications under SharePoint Server

Microsoft really try to hammer home the concept of using trusted connections in web.config files, such as

<connectionStrings>
<add name="MyDbConn1" 
connectionString="Server=MyServer;Database=MyDb;Trusted_Connection=Yes;"/>
<add name="MyDbConn2" 
connectionString="Initial Catalog=MyDb;Data Source=MyServer;Integrated Security=SSPI;"/>
</connectionStrings> 

They will also mention that you do not need impersonation on for this to work, only that the identity account for the application pool has the required access to the SQL server (normally making this account a managed domain service account). This is despite many inccorrect postings on news groups saying you must have impersonation on (people never read the scenario)

However, there is one gotcha when playing your web application underneath a currently existing .NET application. If your top level website has

<identity impersonate="true">

then you will need to put

<identity impersonate="false">

into your own web.config to override (or override in another way, this worked best for me). This is the scenario you will face with WSS or MOSS, as all the sites attempt to impersonate the current user.

SSRS 2008 SharePoint Integrated Mode Issues -

I've finally found time to look at SSRS 2008 and how it improves the integration mode for SharePoint. As usual, I had a new pain setting it up.

My setup:

• MOSS 2007 and SSRS 2008 installed on vmsp-01
• SQL Server 2008 installed on vmsql-01
  

There are several reasons for getting the following message:

An unexpected error occurred while connecting to the report server. Verify
that the report server is available and configured for SharePoint integrated
mode

The main reason for getting this error will be that you have configured Reporting Services in Central Administration to point at a localhost URL. However you might have checked all your settings (as I had) and been fairly sure they were right. Mine were as below





Now, as this was testing, the url is not in DNS (and to be honest, I've no intention of cluttering DNS with another record). I'd modified the hosts file to point at this.

What you might find at this point is that you can access the URL from external machines (with the right host headers in the hosts file), but you cannot access the url from the server itself. You've fallen foul of "as designed. If you cannot connect to any *windows authenticated* URL hosted on the server from the server itself, and you are receiving the error message above, then it is the loopback adapter that is at fault. As the SharePoint server makes the second request to retrieve data from the reporting server it makes no difference if you can access the reporting server url correctly from a client machine


Disabling the loopback adapter solves the problem. I think that having a DNS record probably fixes this issue too, but I've not checked for sure.


Installing SSRS for SharePoint Integrated Mode
Disabling Loopback Adapter in Windows Server 2003 R2 and Windows Server 2008/Vista