How to configure a Sql Server Reporting Services instance to use Basic authentication

Below the steps to follow:

  1. Open RSReportServer.config in a text editor. The file is located at \Program Files\Microsoft SQL Server\MSRS11.MSSQLSERVER\Reporting Services\ReportServer.
  2. Find
  3. Copy one of the following XML structures that best fits your needs. The first XML structure provides placeholders for specifying all of the elements, which are described in the next section:

If you are using default values, you can copy the minimum element structure:

  1. Paste it over the existing entries for . If you are using multiple authentication types, add just the RSWindowsBasic element but do not delete the entries for RSWindowsNegotiate, RSWindowsNTLM, or RSWindowsKerberos.
    To support the Safari browser, you cannot configure the report server to use multiple authentication types. You must specify only RSWindowsBasic and delete the other entries.
    Note that you cannot use Custom with other authentication types.
  2. Replace empty values for <Realm> or <DefaultDomain> with values that are valid for your environment.
  3. Save the file.
  4. If you configured a scale-out deployment, repeat these steps for other report servers in the deployment.
  5. Restart the report server to clear any sessions that are currently open.


Basic auth type exchanges a base64 encoded password, which assure no protection during the handshake. In order to obtain a good level of security, the whole auth process should only take place behind an SSL secured connection.