Open topic with navigation
The permissions granted to user 'Domain\UserName' are insufficient for performing this operation.
Last Updated: 2018-03-20
- Guard1 Plus versions: 5.x
- Guard1 Plus SE versions: 4.x, 5.x
When running the Data Maintenance Application for Guard1 Plus or Guard1 Plus SE version 5
When attempting to view a Guard1 Plus or Guard1 Plus SE Reporting Services report, you receive one of the following Reporting Services errors in the browser:
- The permissions granted to user 'Domain\UserName' are insufficient for performing this operation. (rsAccessDenied)
- or -
Where Domain\UserName is the PC or domain name and the user name of the Windows User Account that is currently logged in to the PC.
If you try to browse to the Report Server Home Page (http://ReportServerName/Reports or http://ReportServerName/Reports_GUARD1PLUS) a similar error is returned:
- User 'PCName\UserName' does not have required permissions. Verify that sufficient permissions have been granted and Windows User Account Control (UAC) restrictions have been addressed.
- NOTE: Microsoft Edge may display "Hmm, we can't reach this page" in lieu of the error above when trying to access the Report Server Home Page.
- Your Windows User Account does not have sufficient permissions to access SQL Reporting Services.
- Your default browser is Microsoft Edge, and the Report Server is on the PC that you are using. Edge is not supported by SQL Server Reporting Services 2014 and earlier. The browser is unable to pass Windows credentials to the Report Server when the Report Server is on the same PC.
- Your default browser is Internet Explorer on a Windows Server OS, and Internet Explorer Enhanced Security is enabled.
Verify that you are using a supported default browser such as Internet Explorer, Chrome or Firefox. Windows 10 users must change their default browser to something other than Microsoft Edge when using Guard1 Plus. Edge will work on Guard1 Plus SE Client workstations when connecting to a Report Server on another PC.
If you are trying to view the report on Windows Server OS, you must turn Internet Explorer Enhanced Security off via Server Manager.
If browsers other than Edge return the error, it's most likely due to insufficient permissions on the Report Server. Microsoft Reporting Services requires that all users of a report are identified by their Windows login account in Report Manager. By default, Reporting Services grants access to Administrators only.
Users must have Content Manager permissions to the Guard1 Plus reports folder.
To configure Reporting Services permissions:
- Log in to Windows as an Administrator.
- Note: in an Active Directory environment, the account used must be a Reporting Services System Administrator.
- Open your Web Browser and type one of the following in the Address Bar, then press Enter:
- For Guard1 Plus , enter: http://PCName/Reports_GUARD1PLUS (where PCName is the name of the computer).
- For Guard1 Plus SE, enter: http://ReportServerName/Reports (where ReportServerName is the name of the SQL Reporting Services server (typically the same as the SQL Server).
- At the SQL Server Reporting Services Home page, click Folder Settings on the menu bar.
- On the Folder Settings page, click Security in the left pane.
- Click New Role Assignment.
- In the Group or user name field, enter the name of the User or Group (e.g. JSmith or Users (for a local account or group) or Domain\JSmith or Domain\Domain Users (for a domain account or group)).
- Guard1 Plus: If the PC is not a member of a domain, add the local PC Users group (i.e. Users). If the PC is a member of a domain, add the local PC Users group and the Domain Users group (i.e. Users and Domain\Domain Users).
- Guard1 Plus SE: At minimum, all users that will be using Guard1 Plus should be added.
- Select the Content Manager role.
- Click OK.
- Repeat steps 4-8 for other Users or Groups you'd like to add.
- Click Home at the top right of the screen.
- If the G1PSE folder is present, continue to Step 12. If it is not present, no further action with Reporting Services is necessary. Run the Data Maintenance Application to deploy the G1PSE folder and its contents.
- Click the dropdown arrow for the G1PSE folder and select Security. (G1PSE is the default name for the Guard1 Plus reports folder; Guard1 Plus SE allows you to specify a custom name).
- On the menu bar, click Revert to Parent Security.
- Click OK. This will propagate the top level folder security settings applied above to the entire G1PSE folder structure.
- When finished, exit the browser. Users should now be able to run the Data Maintenance Application and view Guard1 Plus reports without error.
Copyright © 2013-2016 TimeKeeping Systems, Inc.
Open topic with navigation