Netwrix Auditor complains about Anonymous Logon when looking at SSRS-based Reports.

6.5 and older
Copy Article URL Copied

If you have SSRS Server located on one SQL Server instance while the database containing data is stored on a separate SQL Server instance , you may get the following error message:
“Cannot create a connection to data source ‘DS’. —> System.Data.SqlClient.SqlException: Login failed for user ‘NT AUTHORITYANONYMOUS LOGON’.”

Assuming this is the only issue, if you try to generate the report from the SQL Reporting site it will be generated without any errors.

It happens as a result of double-hop authentication.
The double-hop issue is well described in the following article –

Select one of the proposed solutions to resolve this issue and perfrom the following steps:

  • Save logon creadentials in a datasource:
    1. Prevent Netwrix Auditor from overwriting the saved settings in a datasource located on the SSRS server:
      1. Logon to a computer where Netwrix Auditor resides.
      2. Click Start -> Run and type regedit to open Registry Editor.
      3. Depending on your OS, navigate to:
  • 32-bit OS: HKEY_LOCAL_MACHINESOFTWARENetWrixAD Change Reporter<managed – object name>Database Settings
  • 32-bit OS: HKEY_LOCAL_MACHINESOFTWARENetWrixManagement ConsoleDatabase Settings
  • 64-bit OS: HKEY_LOCAL_MACHINESOFTWAREWow6432NodeNetWrixAD Change Reporter<managed – object name>Database Settings
  • 64-bit OS:HKEY_LOCAL_MACHINESOFTWAREWow6432NodeNetWrixManagement ConsoleDatabase Settings
  1. Create or edit the keys in each: overwrite_datasource (DWORD)
  2. Set the value to 0 in decimal;
    1. Enter and save credentials in the datasouce:
      1. Open Report Manager in Internet Explorer.
      2. Select the target system node.
      3. Open the Datasource.
      4. Select “Credentials stored securely in the report server”.
      5. Enter Netwrix service account credentials.
      6. Select “Use as Windows credentioals when connecting to the data source”‘. (see image below)

NOTE: Perform these steps for each target system (registry edit first followed by updating Report Manager datasource). Report Manager datasource settings will be reset when you run a report from the Netwrix Auditor if the registry key is not present.

NOTE: This solution increases your server’s vulnerability to attack by malicious users or software.
Go Up