The permission granted to user "Domain\user" are insufficient for performing this operation(rsAccessDenied)

Similar Messages

• The permissions granted to user '' are insufficient for performing this operation. (rsAccessDenied)

  when I try to connect to the "http://localhost:8080/ReportServer " I get this error.
  The permissions granted to user 'DOMAIN/USERNAME' are insufficient for performing this operation. (rsAccessDenied).
  I have configered the Reporting services Configuration manager.
  I am an administrator on my machine and on the reportserver DB. when I try to log on the my 2008 R2 reporting services I get a simalar error.
  does any one have an idea of what I am missing?
  thank you.
  Jeff
  Jeff

  Hi There
  Please also have a look on this thread
  http://tanveeronline.blogspot.co.nz/2011/07/ssrs-2008-r2-unable-to-connect-to.html
  http://social.msdn.microsoft.com/Forums/hu-HU/sqlreportingservices/thread/f8a0a3f5-3985-4356-8404-3b408f790747
  http://www.networksteve.com/enterprise/topic.php?TopicId=24217
  In the last section of this thread it get resolved by
  "Changing the ports. Configured TCP port to 9000 and SSL port to 9001.
  And then
  <Add Key="SecureConnectionLevel" Value="0"/>
  Its value was 2, changed it to 0."
  Please have alook on this thread that might help you
  Many thanks
  Syed
  http://tanveeronline.blogspot.co.nz/2011/07/ssrs-2008-r2-unable-to-connect-to.html
  Does not work. I already had the settings which are mentioned in that blog - 
  Try doing the following things
  Go to Reporting Services Conf. Manager.
  1. Change the server account to local account.
  2. Remove the SSL if configured.
  3. Go to C:\Program Files\Microsoft SQL Server\MSRS10_50.MSSQLSERVER\Reporting Services\ReportServer
  4. Change the  SecureConnectionLevel value to 0 in rsreportserver.config
  Try refreshing the page, it should work now!
  Also tried answer at - http://social.msdn.microsoft.com/Forums/sqlserver/en-US/f8a0a3f5-3985-4356-8404-3b408f790747/ssrs-2008-unable-to-connect-to-remote-server?forum=sqlreportingservices
  Same thing there. SecureConnectionLevel value to 0 is already set for me.
  Third link comment at end says  - 
  Hi Chaitanya, Changing the ports worked for me. Configured TCP port to 9000 and SSL port to 9001. And then <Add Key="SecureConnectionLevel"
  Value="0"/> Its value was 2, changed it to 0. Thanks for all your support Best Regards, Arka Mitra.
  You can set TCP and SSL like this from Reporting services config manager - 
  Web Service URL option (left pane) > Advanced settings button > put the values.
  The TCP can be changged to 9000, but the SSL requires a certificate file. I am stuck here.
  The clue to make your own SSL certificate is here - 
  http://johnhennesey.blogspot.com/2010/10/reporting-services-2008-over-ssl.html
  But, this post is not for windows 7 64 bit, ie my personal pc os. I tried to make the cert on win, 7, but options are complicated. Lets see.
  Here is the issue for the same - https://stackoverflow.com/questions/22314341/cannot-see-self-created-certificate-in-certmanager

• SSRS 2012: The permissions granted to user '' are insufficient for performing this operation. (rsAccessDenied)

  Hello
  Can you please help me with this error that I'm getting with SSRS 2012.  I've searched the forums and I can only find solutions for SQL Server 2008 and not 2012.
  When I try to go to the url on our server
  http://server:port/ReportServer, I get the following error.
  "The permissions granted to user 'WW004\z0008x5e' are insufficient for performing this operation. (rsAccessDenied)". 
  Can you please help me troubleshoot this.  I have not been able to find a solution.
  Andy

  Hi AndyMcV,
  According to your description, when you try to go to the URL
  http://server:port/ReportServer, the error occurred: The permissions granted to user 'WW004\z0008x5e' are insufficient for performing this operation. In fact, reporting Services uses role-based security to grant user access to a report server, and there
  are two types of roles: Item-level roles and System-level roles. On a new installation, only local administrators have access to a report server. In order to grant access to visit the URL
  http://server:port/ReportServer to users, a local administrator must create a role assignment to define the tasks a user can perform. To workaround this issue, please refer to the following steps:
  Start Report Manager by going to URL
  http://server:port/ReportServer.
  Click Site Settings at the top right of the page.
  Click Security in the left pane.
  If a role assignment already exists for the user, click Edit.
  Otherwise, click New Role Assignment. In user, enter the user account.
  Select appropriate access, and then click Apply.
  Besides, if the user need to have access to reports, folders, models and shared data sources, we can assign Item-level roles on the root node (the Home folder) or on specific folders or items.
  For more information about Role Assignments, please refer to the following article:
  http://technet.microsoft.com/en-us/library/aa337471(v=SQL.105).aspx
  If you have any questions, please feel free to let me know.
  Thanks,
  Wendy Fu

• The permissions granted to user '' are insufficient for performing this operation._

  We have just installed a new instance of ss2012 on windows server (2008r2), both myself and another BA are in the server administrator group and can create projects and reports. But when we try to deploy we get this error..
  The permissions granted to user 'Domain\Username' are insufficient for performing this operation.

  Hi ghw123,
  According to your description, you can't deploy report onto report server, even the current user is the local server administrator. Right?
  In this scenario, since you are the system administrator of Reporting Services, you supposed to be assigned Content Manager role already. Please go to SQL Server Management Studio, connect Reporting Services, go to Security->Roles->Content Manager,
  check if this item level role has permission for all tasks.
  If you have any question, please feel free to ask.
  Best Regards,
  Simon Hou

• "The permissions granted to user 'domain\username' are insufficient for performing this operation. (rsAccessDenied)

  HI,
  I am working on SharePoint 2013 and using Report Viewer webpart (imported from RSWebpart.cab file from SQL server 2008 R2) for showing SSRS reports. I have added Report Viewer webpart in page and done all configuration related to it like set Report
  Manager Url and Report Path in the webpart properties. But when i browse that page it is giving the below error -
  The permissions granted to user 'domain\username' are insufficient for performing this operation. (rsAccessDenied)"
  But when i run IE as 'Run as Administrator' and open the same page which contains the Report Viewer webpart, now i am able to view the report on the page and the error gone away.
  I am not sure what is happening here, what can be the reason for such unpredicable behaviour and what can be the work around for this. Every user can't open the IE in 'Run as Administrator' mode. So what can be the possible solution for this.
  Thanks in advance for the help!

  Solved.  In IE I went to the RS Home page, selected Detail View, put a check in front of every folder, went to Folder Settings and then added my domain user as a Browser in New Role Assignment. Reports work fine now.
  André

• Data Source Level SRS (SSRS) Issue - Permissions granted to user... are insufficient for performing this operation. (rsAccessDenied)

  I've inherited a bit of a security issue and would appreciate any insight.  
  The bottom line is that I have a user than can run one report from folder "X", but not the report next to it.
  Here is the problem context.  The names are changed to protect the innocent.  Sharepoint is not involved.
  The SSRS Home Folder has Security "Group or User" of "DomainX\SSRS_Browsers"   with Role(s) "Browser"
  "SSRS_Browsers" is an AD group.  The user with the issue (DomainX\UnhappyUser) is a member of this group.
  The user is able to navigate to folder "X" (one level below Home) and run Report "A" successfully.  But, when they try to run report "B", they get: 
  "An error has occurred during report processing. (rsProcessingAborted)  The permissions granted to user "DomainX\UnhappyUser" are insufficient for performing this operation. (rsAccessDenied)
  The difference between report "A" that works, and report "B" that doesn't is that report "B" references a data set from a different data source.
  Both reports reference DataSource1.  The failing report additionally references DataSource2.   The SSRS logs confirm this is where the problem is:
  ERROR: Throwing Microsoft.ReportingServices.Diagnostics.Utilities.AccessDeniedException: , Microsoft.ReportingServices.Diagnostics.Utilities.AccessDeniedException: The permissions granted to user 'DomainX\UnhappyUser' are insufficient for performing this operation.;
  processing!ReportServer_0-34!c58!07/16/2014-16:45:41:: e ERROR: An exception has occurred in data set 'DataSource2'. blah blah blah
  Both data sources have "stored" credentials with the same AD user: "DomainX\SSRS_Reports".  Both data sources reference the same instance of SQL Server.  They do have different "Initial Catalog" values.  (DatabaseA
  and DatabaseB).  I can run both reports successfully, but I more authority.
  "SSRS_Reports" is defined as a "Login" user under "Security" in SSMS at the instance level.  The Server Role is "public".
  DatabaseA (which is behind the data source that works) has Security->Users->DomainX\DataBaseA_Readers.   This is an AD group, that includes has "SSRS_Reports" as a member.
  DataBaseA_readers (in SQL Server, at the DatabaseA level) is a member of role db_datareader.
  DataBaseB (which is behind the data source that fails) has Security->Users->DomainX\DataBaseB_Readers.  This is also an AD group, that includes "SSRS_Reports" as a member.
  DataBaseA_readers (in SQL Server, at the DatabaseB level) is a member of role db_datareader.
  Does anyone have any insights as to where my problem may be?
  Thank you.  Sorry for the verbosity.  

  Hi Steve,
  After testing the issue in my local environment, I can reproduce it. The Home Folder has Security for "DomainX\SSRS_Browsers" group with "Browser" Role, the folder “X” and Report “A” security is inherited from its parent item, but the Report “B” Item security
  is not inherited from its parent item. In this way, the DomainX\UnhappyUser has insufficient permission to render the Report “B”.
  So, please try to check the Security page of Report “B” and compare it with Report “A” security settings. If possible, we can click “Revert to Parent Security” button to replace all the defined security settings with the security settings of its parent folder
  ”X”.
  Hope this helps.
  Thanks,
  Katherine Xiong
  Katherine Xiong
  TechNet Community Support

• Insufficiant for performing this operationwhen try to connect to the sharepoint site

  Dears,
  I have an issue when i try to open the SharePoint site from the report builder to save the report or get the data source 
  it gives :unable to open or save the file
  the permissions granted to the 'Nt Authority\Anonymous logon' are insufficient for performing this operation
  any help please its so urgent , thanks in advance
  as the image below
  khatib7

  Hi khatib7,
  According to your description, my understanding is that you got an error when you opened a SharePoint site from the report builder to save the report.
  SSRS does not support anonymous access. You can disable anonymous access or extend the Web Application into another zone that does not have anonymous access enabled.
  For disabling anonymous access, please go to SharePoint Central Administration->Manage web applications, select the web application that you used, and click Authentication Providers->Default, unselect ‘Enable anonymous access’, click Save.
  Here is a similar post for you to take a look at:
  http://social.msdn.microsoft.com/Forums/en-US/c79f12a9-23f0-446b-9af1-49f1c7a1692b/the-permissions-granted-to-user-nt-authorityanonymous-logon-are-insufficient-for-performing-this?forum=sqlreportingservices
  I hope this helps.
  Thanks,
  Wendy
  Forum Support
  Please remember to mark the replies as answers if they help and unmark them if they provide no help. If you have feedback for TechNet Subscriber Support, contact
  [email protected]
  Wendy Li
  TechNet Community Support

• SQL 2012 sp2 "The permissions granted to user 'DOMAIN\user' are insufficient ..."

  1st let me set the tone by admitting I am not real familiar with SQL, I'm more of an Operations Admin. So this is not a new question I think, although I am having difficulty finding an applicable solution.  Using SQL Server 2012 sp2 on a Windows
  2012R2 server.  This is configured to be a SCOM DB server; while on the SQL server itself I open IE and attempt to go to the following URL http://scomsql/reportserver_SCOM I get the
  following error.
  Reporting Services Error
  The permissions granted to user 'DOMAIN\user' are insufficient for performing this operation. (rsAccessDenied) Get Online Help
  SQL Server Reporting Services
  I have looked at the Reporting Services Config. Mgr. and it looks like the Report Mgt. URL is set for port 80 and no SSL is configured.  The rsreportserver.config file has the SecureConnectionLevel set to "0"
  My domain account is listed under Security\Logins and holds the 'Server Roles' of public and sysadmin, 'User Mapping' is DBO for the 'ReportServer$SCOM' and 'ReportServer$SCOMTempDB' and the role membership shows db_owner and public for these as well.
  Any assistance with getting this working would be greatly appreciated.
  # When I wrote this script only God and I knew what I was doing. # Now, only God Knows!

  Hi Wasisname,
  The Reporting Services error rsAccessedDenied occurs when a user does not have permission to perform an action. To troubleshooting this issue, please make sure that you have sufficient permission and the report server name is correct.
  In fact, reporting Services uses role-based security to grant user access to a report server, and there are two types of roles: Item-level roles and System-level roles. On a new installation, only local administrators have access to a report server. In order
  to grant access to visit the URL http://server:port/ReportServer to users, a local administrator must create a role assignment to define the tasks a user can perform. To solve this problem, please refer to the
  following steps:
  Start Report Manager by going to URL
  http://scomsql/reportserver_SCOM.
  Click Site Settings at the top right of the page.
  Click Security in the left pane.
  If a role assignment already exists for the user, click Edit.
  Otherwise, click New Role Assignment. In user, enter the user account.
  Select appropriate access, and then click Apply.
  The issue may be caused by the UAC or Internet Explorer security setting, please try to follow this steps:
  1. Open the Internet options of the IE and add the report server URL into trusted site in the Security tab.
  2. Run the IE as administrator.
  Besides, if the user need to have access to reports, folders, models and shared data sources, we can assign Item-level roles on the root node (the Home folder) or on specific folders or items.
  For more information about Configuring a Native Mode Report Server for Local Administration, please refer to the following document:
  http://msdn.microsoft.com/en-us/library/bb630430(v=sql.110).aspx
  If you have any more questions, please feel free to ask.
  Thanks,
  Wendy Fu
  If you have any feedback on our support, please click
  here.
  Wendy Fu
  TechNet Community Support

• What report is run in SAP to get the DATE on which Users are locked ?

  Hello,
  What report is run in SAP to get the DATE on which Users are locked ?
  I have tried with RSUSR200 ,-- last logon ,last password change , but i did not get a option to find the date on which are Users are locked .
  Can anyone suggest what report should be executed to get the date on which Users are locked and by whom ?
  As a alternate , i  am usig SUIM to get extract this data but i am looking for a report .
  thanks & regards
  Ganesh

  Hi Ganesh,
  You can try the below link where many of the options are described:
  How i can check at what date perticular user was locked and who lock it?
  Regards,
  Nilanjan

• The current user has insufficient permissions to perform this operation when trying to add Term stored managed navigation.

  Hi,
  i am getting this error "The current user has insufficient permissions to perform this operation." when trying to add the Term store managed navigation like the following screen shot. i am the Farm
  administrator and as well managed services account. also noticed, cannot delete the service application, saying you don't have enough permission to delete the db. but using this account i was able to do everything before in my environment. is anyone already
  face this kind of error, so what will be the way to resolve this?
  Appreciated!

  event though its a farm admin,It should provide the access to MMS.please find the below link for more details and the solution for the issue.
  Go to SharePoint Central Administration Site –> Application Management –> [Service Applications] –> Manage service applications
  2.   Highlight the Managed Metadata Service that your web application is associated with. (Do not click on the link, just click somewhere else on that row to highlight it)
  3.   Click on Permissions button in the ribbon area.
  4.   Add the application pool account used by your web application and give it  ‘full Access to Term Store’
  5.   Click OK.
  http://expertsharepoint.blogspot.de/2014/08/managed-metadata-service-or-connection.html
  Anil Avula[MCP,MCSE,MCSA,MCTS,MCITP,MCSM] See Me At: http://expertsharepoint.blogspot.de/

• Not all users are displayed for log on after a reboot or startup...

  Problem summary: Not all users are displayed for log on after a reboot or startup...
  This problem only occurs after a fresh start-up or restart. The only users displayed are the initial (admin user) and "Guest". Two other (non-admin) users are not shown for log on.
  To work around this problem and get them to log on we have to log on as the admin user, then we can see the other users in the Fast User Switching menu (top right-hand corner of the screen), listed under the current logged on user. After selecting the non-admin user we can log in and use the laptop as normal.
  If we lock the screen, use fast user switching or log out all users; all users are available for log in, until a reboot is done; at which point the non-admin users disappear again and we have to log in as the admin user and use fast user switching again.
  The laptops are both brand new MacBook Airs. The initial configuration of Mac OS X Yosemite was done using the Apple ID of the purchaser (parent) and then the OS was patched, immediately, through the App store (no further updates available as of the date of this posting). After this Family Sharing was activated and new users set up for the two children who will be using these laptops.
  Has anybody else experienced this problem with Yosemite?
  Cheers,
  David.

  David,
  Users not enabled for FileVault unlock are only able to log into the computer after an unlock-enabled user has started or unlocked the drive. Once unlocked, the drive remains unlocked and available to all users, until the computer is restarted.
  FileVault has to be On.
  To Enable the users to be able to unlock FileVault Go to:
  System Preferences > Security & Privacy > FileVault ( Tab ) > Click the Lock in the bottom left > Put in your administrator password > Should see an option to Enable Users > Enable User.
  Hope that helps,
  Weston
  Supporting Articles,
  OS X: About FileVault 2 - Apple Support

• Logon rejected for Unable to obtain Terminal Server User Configuration. Error: Not enough resources are available to complete this operation.

  Error: Logon rejected for  Unable to obtain Terminal Server User Configuration. Error: Not enough resources are available to complete this operation.
  The problem is that the SharePoint server will
  function just fine for a week or so and then suddenly when a new user tries
  to log on they get an error message indicating that not enough resources areavailable to
  log them on and also user will to credential prompt while accessing share point site . 
  Raj

  Hi,
  According to the error message, please use performance monitor to diagnose if it is a memory-related bottleneck and you can use the counters of the memory part in the article below:
  https://technet.microsoft.com/en-us/magazine/2008.08.pulse.aspx
  In addition, it may be due to thousands of open connections to the server are in a TIME_WAIT state. You can run "netstat -an" command on the affected server and client. If you see mutiple connections in the TIME_WAIT state, you can follow the article
  to increase the number of TCP/IP connections:
  https://msdn.microsoft.com/en-us/library/ee377084(v=bts.70).aspx
  Furthermore, if you are running windows server 2003, please make sure that you have installed the KB 948496 and stop all services that you don't need.
  Best regards,
  Susie
  Please remember to mark the replies as answers if they help and unmark them if they provide no help. If you have feedback for TechNet Subscriber Support, contact [email protected]

• The logged in user does not have permissions to perform this operation

  OIM 11.1.2.0.4
  Connector: Microsoft Active Directory User Management 11.1.1.5.0
  Action: revoke a provisioned AD account (logged in user is XELSYSADM member of SYSTEM ADMINISTRATIONS role)
  Error message: IAM-2050243 : Orchestration process with id 5756, failed with error message IAM-4065011 : An error occurred in oracle.iam.provisioning.spi.DOBProvisioningMechanism/revoke(Account) while revoking account with id 1 for the user with key 43 and the cause of error is The logged in user does not have permissions to perform this operation..

  The problem is missing entries into table AAD, Provisioning API uses table AAD to check administrator's scope on the user's organization.
  TEST: following SQL statement should return at least a value
  select aad_write, aad_delete
  from aad aad
  , usr usr
  where aad.act_key = usr.act_key
  and usr.usr_key = <user_key_of_user_you_wanto_to_revoke>
  and aad.ugp_key in (
  select ugp.ugp_key
  from ugp ugp
  , usg usg
  where ugp.ugp_key = usg.ugp_key
  and usg.usr_key = <user_key_of_xelsysadm>
  BUG (in my case): if you create an Organization using a OIM user that does not have any Role (except default ALL USERS Role) the system does NOT add right entries into AAD table, so you can revoke account of users that are members of this Organization
  WORKAROUND: manually insert entries for all Organizations (ACT_KEYs) for the user XELSYSADM into AAD table
  FIX: always create an Organization using a OIM users with at least one Role except ALL USERS role

• No Logged on Office Users are configured for IRM

  Setup:
  AD RMS on 2012 configured with https Crypto 1
  Exchange 2010 SP3 RU6
  Office 2013
  I can open OWA and use IRM to protect a document but any Office application I open and try to protect gives me an error like this:
  No Logged on Office Users are configured for Information Rights Management (IRM).
  I have googled and taken a look at all of the options out there and everything seems to be configured correctly.
  Any ideas or other troubleshooting tips I can do???

  Hi JerHiggs123,
  It seems that this is a known bug. 
  Please try the following fix:
  Open regedit
  Go to HKEY_CURRENT_USER\Software\Microsoft\Office\15.0\Common\Identity\Identities\[email protected]
  Delete the registry key “SignedOut”=dword:00000001
  If there is no such key, add it as name "SignedOut", type of REG_DWORD and value of "00000001"
  Did my post help you or make you laugh? Don't forget to click the Helpful vote :) If I answered your question please mark my post as an Answer.

• How many concurrent users are allowed for an Azure Virtual Machine?

  How many concurrent users are allowed for an Azure Virtual Machine?
  Please share the details with the Azure VM size. Currently I have Standard VM of size D13(4 cores, 28GB RAM)

  Hi SanPSK,
  Thanks for posting here.
  I suggest you to check this article for Azure VM size
  https://msdn.microsoft.com/en-us/library/azure/dn197896.aspx
  For the concurrent users on VM - A maximum of 2 concurrent connections are supported, unless the server is configured as a Remote Desktop Services session host.
  Girish Prajwal