You receive an error message when you use SQL Server 2008 Reporting Services: "HTTP 401.1 - Unauthorized: Logon Failed"


Consider the following scenario that occurs when you use Microsoft SQL Server 2008 Reporting Services:
  • You try to access Report Manager or Report Server by using a URL that resembles one of the following URLs:
    Note The name placeholder is not the name of the computer on which Report Server and Report Manager are deployed. However, the DNS Client service, the computer's hosts header files, or the computer's Lmhosts files that are located in the C:\WINDOWS\system32\drivers\etc folder are configured to send requests to name back to the report server computer.
  • You try to access Report Server directly by using one of the following URLs. When you do this, you experience no problems. Additionally, you can browse the Report Server namespace and view all reports by using the following URLs:
  • The ReportServerUrl element is specified in the Rsreportserver.config file and is set to resemble one of the following URLs:
  • You try to access Report Manager by using one of the following URLs:
In this scenario, you receive what resembles the Report Manager user interface. However, where you expect to see a list of reports, you receive the following error message:
HTTP 401.1 - Unauthorized: Logon Failed
Note If you use SharePoint Integrated mode, you receive the error message on the SharePoint Web pages. The symptoms in this scenario are most likely to occur when one of the following conditions is true:
  • Reporting Services is deployed in a scale-out deployment.
  • Reporting Services is accessed by using a user-friendly name that does not match the computer name.


This problem occurs because Windows includes a loopback check security feature that helps prevent reflection attacks on your computer. Therefore, authentication fails if the FQDN or the custom host header that you use does not match the local computer name.


To resolve this problem, specify the host name. To specify the host names that are mapped to the loopback address and that can connect to Web sites on your computer, follow these steps:
  1. Click Start, click Run, type regedit, and then click OK.
  2. In Registry Editor, locate and then click the following registry key:
  3. Right-click MSV1_0, point to New, and then click Multi-String Value.
  4. Type BackConnectionHostNames, and then press ENTER.
  5. Right-click BackConnectionHostNames, and then click Modify.
  6. In the Value data box, type the host name or the host names for the sites that are on the local computer, and then click OK.
  7. Exit Registry Editor, and then restart the computer.

More Information

The name placeholder is considered a host header. It is an alternative name for the computer on which Reporting Services is installed. You must add the NetBIOS and the Fully Qualified Domain Name (FQDN) for name to the BackConnectionHostNames list that is stored in the Windows registry.

For example, if name is a Windows computer name, such as contoso, the name can likely also be referenced in FQDN form as You must add both representations to the list in BackConnectionHostNames.


For more information, click the following article number to view the article in the Microsoft Knowledge Base:

896861 You receive error 401.1 when you browse a Web site that uses Integrated Authentication and is hosted on IIS 5.1 or IIS 6


ID articolo: 956158 - Ultima revisione: 11 mag 2010 - Revisione: 1