Browse
Tools
Categories

Troubleshooting IIS and the Reporting Web Site

Reference Number: AA-00520 Views: 18253 Last Updated: 11-10-2020 12:19 PM 0 Rating/ Voters
Troubleshooting IIS and the Reporting Web Site

This article describes problems related to IIS and the Reporting Web Site and provides solutions.

Here is a list of those problems:

Reporting Web Site option disabled in installer

Symptom: The option to install the Reporting Web Site (Access Reports via a browser) is unavailable during installation.


Cause: IIS is not installed on the computer where the installer is run.

Solution: Prepare IIS for the Reporting Web Site.

Page cannot be found

Symptom: The web browser indicates that the Reporting Web Site cannot be found.

Causes:

  1. The firewall is not configured to allow traffic through the needed port (typically port 80).
  2. The Default.aspx page is not in the list of pages in the web site properties, Documents tab.
  3. The web site is not configured with ASP.NET 4.0

Solutions:

  1. Configure the firewall to allow the needed traffic. If the Web server (IIS) is outside the firewall, this is outbound traffic. If the Web server is inside the firewall, this is inbound traffic. 
  2. Ensure that in IIS, ASP.NET is allowed. If default.aspx still does not exist, add it manually as shown here: 

        
  3. Configure the Reporting Web Site to allow ASP.NET 4.0.30319 if using SiteAudit version 5.2 or later. Otherwise, use 2.0.50727 for version 5.1 and earlier.

Error Message: We Were Unable to Satisfy Your Request

Symptom: SiteAudit displays the error message: We're Sorry. We are unable to satisfy your request. No other details are provided. 
NOTE: If the error message contains additional information, then see other troubleshooting options below

Cause: There are a few possible causes for this error message.

  1. The Reporting Web Site has not been configured to point to a database
  2. Credentials must be entered into application pool identity
  3. Anonymous authentication is enabled
  4. ASP.NET Impersonation is enabled

Solution

  1. Configure a database for the Reporting Web Site.  Open the SiteAudit Viewer. Select Setup > Web Site Database Configuration. Click the Test button to verify access to the database is successful. Click OK to close the dialog
  2. Enter credentials in the ReportingWebSiteAppPool identity.  Common scenarios in which this solution is required includes:
    • Integrated security is used to access the database and the SQL server is on a remote machine
    • The Reporting Web Site is installed on Windows 8, server 2012 or later
    • The database is installed on SQL Server 2012 or later

      Select ReportingWebSiteAppPool from the Application Pools then click Advanced Settings from the menu options on the right
      Enter the credentials of the user who is the dbowner of the SiteAudit database. Typically, these are same credentials as those of the user who is logged onto the machine.
      The image below shows the Identity is that of a domain user. This user has dbowner access to the SiteAudit database.
    •      
  3. Disable Anonymous authentication. Open IIS Manager and navigate to the Reporting Web Site. Double-click the Authentication icon and disable Anonymous Authentication


  4. Disable ASP.NET Impersonation

Reporting Web Site reports not available over the network

Symptom: With SQL Server and IIS on different computers, you can see reports on the computer where IIS is installed. On other computers, the site looks normal until you try to view a report; then an error message is displayed (indicating that the database schema version is -1).

Cause: You use integrated security for database access, and IIS does not pass the user's credentials to SQL Server. This is called the "double hop" problem. 

Solution: In the application pool, set credentials that have owner access to the database. Users can then connect to the Reporting Web Site using their own domain credentials, but the Reporting Web Site uses the credentials supplied in the application pool when communicating with SQL Server. 

Quick Test

This quick test can determine whether you are seeing the "double-hop" problem. As an alternative, you can just employ one of the workarounds described below without confirming that your problem is the double hop problem.

  1. Set the ASPX page security mechanism to use Basic Authentication only.  
    The image below shows how to enable this feature if it is not already enabled.

        

  2. Use a client to browse to the ASPX page, and then provide domain credentials when prompted. 

If this works, the double-hop issue is probably the problem.

Warning: Basic Authentication

Basic authentication is not secure as user credentials are passed to the server in clear text

Workaround #1

Disable ASP.NET impersonation and set the Application pool identity to an account that is known to have access to the SQL database: 

    

You must also disable impersonation in the web.config file by modifying the identity tag:    

<identity impersonate="false" /> 

This example application pool includes an identity with access to a remote SQL Server database:

    

Reboot the computer or restart the IIS service by running iisreset at a command prompt.  

Workaround #2

Use basic authentication between the browser and IIS. Disable Windows Authentication and enable Basic Authentication on the IIS server.

    

Reporting Web Site reachable by IP address but not DNS name

Symptom: Users can open the remote Reporting Web Site in a browser using the IP address but not using the DNS name.

Cause: There is likely an NTLM authentication issue.

Solution: Force NTLM Authentication

Forcing NTLM authentication is typically required only if the server where IIS is installed does not do DNS or WINs resolution.

  1. Click Start > All Programs > Administrative Tools > Internet Information Services (IIS) Manager.

        

  2. Right-click the local computer and click Properties:

        

  3. Select the Enable Direct Metabase Edit check box, and click OK:

        
  4. In Notepad, open the file MetaBase.xml in %systemroot%\system32\inetsrv:

        

  5. Locate the section <IISWebServer> and add the following property and value:
    NTAuthenticationProviders="NTLM"

    Example
         <IIsWebServer        Location ="/LM/W3SVC/1"
         AppPoolId="DefaultAppPool"
         DefaultDoc="Default.htm,Default.asp,index.htm,iisstart.htm,Default.aspx"
         NTAuthenticationProviders="NTLM"
         ServerAutoStart="TRUE"

         ServerBindings=":80:"
         ServerComment="Default Web Site"
         ServerSize="1">
         </IIsWebServer>

  6. Save and close the MetaBase.xml file.

Error 500 - Internal server error is displayed

Symptom: The browser reports Error 500 - Internal server error.

Cause: You use Integrated Security, and the application pool identity has a custom account, but impersonation is permitted.

Solution: Set impersonation to False.

  1. Using Notepad, open the web.config file for the Reporting Web Site. This file is in the root folder of the site, typically C:\Program Files\Netaphor\SiteAudit\ReportingWebSite.
  2. Locate the identity tag and set impersonation to false:
    <identity impersonate="false" />  

Service unavailable error message is displayed

Symptom: The message "Service unavailable" appears when a user tries to browse to the Reporting Web Site.

Cause: The user specified in the application pool identity is not a member of the IIS_WPG group.

Solution: Add the application pool user to the IIS_WPG group as described above under "Reporting Web Site reports not available over the network."

Web.config error message is displayed

Symptom: A standard ASPX error message about the web.config file displays when the browser loads a page.

Cause: The correct version of ASP.NET is not installed.  

Solution: Configure the Reporting Web Site to allow ASP.NET 2.0.50727 if running SiteAudit version 5.1 or earlier. Configure this to allow ASP.NET 4.0.30319 if running version 5.2 or later.

Error message is displayed: Login failed for anonymous user

Symptom: An error message indicates a failed login for anonymous user when a user tries to run a report on the Reporting Web Site.


Cause: Impersonation is enabled on the Reporting Web site.  

Solution: Disable impersonation as described above under "Reporting Web Site reports not available over the network."

Error message is displayed: Login failed for the specific user

Symptom: An error message indicates a failed login for the computer.


Causes:

  1. The application pool identity is set to NETWORK SERVICE, and the SQL server is located on a remote computer. 
  2. The user specified in the application pool identity is not a member of the IIS_USR or IIS_WPG group, in the case of IIS 6.

Solutions:

  1. Configure the application pool as described above under "Reporting Web Site reports not available over the network."

Error message 500.19, Internal Server Error, is displayed

Symptom: The browser displays 500.19, Internal Server Error.

Cause: A problem with the web.config file. Typically, the error details provide a hint to the problem. For example, this error might appear: 

    

The details indicate that the Default.aspx reference is a duplicate and that the error exists on line #120.

    

Solution: Edit web.config. In the case of the above example, remove the offending entry. In the example above, remove line 120.

Login succeeds when using Reporting Web Site IP address but fails when using DNS name

Symptom: Users can log in to the Reporting Web site using the IP address, but is not using the DNS name.

Cause: NTLM authentication is not being enforced.  

Solution: Force NTLM authentication as described above under "Reporting Web Site reports not available over the network."

Error message 404 is displayed

Symptom: When a user browses to the Reporting Web Site, error 404 displays.

Cause: The correct ASP.NET Web Service Extension is not installed.

Solution: Configure the Reporting Web Site to allow ASP.NET 2.0.50727 if using SiteAudit version 5.1 or earlier and ASP.NET 4.0.30919 if using SiteAudit version 5.2 or later.

Access to path is denied

Symptom: A user viewing the Reporting Web Site sees an "Access to path denied" error message.

Cause: Internet Explorer settings are blocking the site.

Solution: In Internet Explorer, disable protected mode for your intranet.

  1. In Internet Options, click the Security tab.
  2. Click Local intranet, and clear the Enable Protected Mode check box.

        

Solution #2:  Provide read/write access to the specified folder


Images do not appear on Reporting Web Site

Symptom: Images do not appear on the Reporting Web Site.

Cause: Static content is not enabled in the Common HTTP Features. 

Solution: Enable static content as described in Preparing IIS for the Reporting Web Site.

Cannot connect to SQL Server

Symptom: A yellow warning bar appears in Internet Explorer, and a message indicates that an error occurred while establishing a connection to SQL Server.

Cause: Intranet settings do not permit the connection

Solution: Click the warning bar and select Enable Intranet Settings. The text in the browser's status bar changes from Internet | Protected Mode: On to Local intranet | Protected Mode: Off.


Internet Explorer prompts for credentials

Symptom: Internet Explorer prompts for user name and password even though the user is logged on using a domain account. 

Cause: An advanced setting in Internet Explorer, Prompt for user name and password, requires this prompt.

Solution: Change the user authentication setting in Internet Explorer. 

  1. In Internet Options, click the Security tab.
  2. Click Local intranet, and click Custom Level.
  3. Scroll to the User Authentication section and click Automatic logon only in Intranet zone.

        

Note: If a different user must log in to the Reporting Web site from a computer where a domain user has logged on, you should enable Prompt for user name and password so the user can enter the credentials. 

Reporting Web Site Page is Blank - No Errors Displayed

Symptom: Navigating to the Reporting Web Site produces a blank page. No error messages are displayed.

Cause: .NET patches have been installed and are not compatible with .NET 4.6

Solution: Remove patches per Microsoft KB article 3118750


Web Site Database Configuration Requires Elevation

Symptom: When configuring the database for the Reporting Web Site an error message appears indicating one must close the Viewer and run 'As administrator'

Cause: The SiteAudit Viewer was not run with administrator privileges, which are required to update the web.config file to point to the desired SiteAudit database

Solution: Run SiteAudit with administrator rights.
Close the SiteAudit Viewer. Right-click on the SiteAudit icon and select Run as administrator. Then repeat the configuration process.


Unable to Publish Reports

Symptom: When configuring the database for the Reporting Web Site an error message appears indicating one must close the Viewer and run 'As administrator'

Cause: The SiteAudit Viewer was not run with administrator privileges, which are required to update the web.config file to point to the desired SiteAudit database

Solution: Run SiteAudit with administrator rights. 
Close the SiteAudit Viewer. Right-click on the SiteAudit icon and select Run as administrator. Then repeat the configuration process.

Solution 2: If the solution above does not work, then it is always possible to manually copy the template to the Reporting Web Site directly.

  1. Save a copy of your template (.view file)
  2. Copy and paste your template into the desired folder Reporting Web Site/App_Data/MyReports



HTTP Error 500.52 - URL Rewrite Module Error

HTTP Error 500.52 - URL Rewrite Module Error. Outbound rewrite rules cannot be applied when the content of the HTTP response is encoded ("gzip")