Context
I have an Oracle 11g database instance and a SQL Server 2012 instance installed on 2 different servers in the same domain. The Oracle database is configured to accept connection with Integrated Security (ie. Active Directory authentication). SQL Server has the Reporting Services feature installed and configured. Reporting Services will connect to Oracle database using the Oracle .NET data provider from Microsoft.
Issue
When creating a data connection to the database in Visual Studio I have no problem to connect to the Oracle database using Integrated Security. I configured the connection with this connection string:
Data Source=INSTANCE_NAME;Integrated Security=True;Unicode=True
But whenever I try to create a data source in Reporting Services from the SSRS website, from Report Builder or from BIDS, I am getting a login error:
ORA-01017: invalid username/password; logon denied
I tried copying the exact same connection string but the result is always the same. It looks like Reporting Services is ignoring the Integrated Security=True
option for an unknown reason.
Notes
The same issue occurs with SQL Server 2008 R2.
Oracle .NET data provider from Oracle cannot be used with Reporting Services.
I finally found what was the problem. When you need to pass credentials that needs to be transmitted to another server (Client -> SSRS -> DB), the default authentication system (NTLM) won't be enough because it can't perform double hop authentication. You need to give the rights to the report server to delegate authentication through Kerberos on the DC. So that means that you also have to enable RSWindowsNegotiate as the default authentication system for your report server and that you define SPNs for SSRS and its service account.
More details can be found here: https://serverfault.com/q/378096/85935