Deployment Considerations for Server Reports
All users who run your application and require access to a report must have permission to access the report server. The client application must connect to the SQL Server Reporting Services report server. The client application must ensure that the ReportViewer control is configured to connect as a user with sufficient permissions to view the report. You can provide a single set of credentials that all users use.
Applications that include reports that are stored on a report server must provide a valid URL for a remote SQL Server Reporting Services instance and path information to the report. You can specify the reference in the ReportViewer Tasks smart tags panel when you add the control to a form or Web page. You can also specify this information programmatically if the server location is unknown at design time.
If you are deploying a server report, the ReportViewer control connects to the report server as the thread user. If the thread user is not authorized to view the report, you must supply a IReportServerCredentials object to the ReportViewer Web server control. This object provides credentials used to connect to the server. If you are using the ReportViewer Windows Forms control, use the ReportServerCredentials property on the ServerReport object.
ASP.NET deployment introduces additional considerations. If ASP.NET is not configured for impersonation, you will need to develop a strategy for user access to computers and data sources.
For more information, see Specifying Connections and Credentials for the ReportViewer Web Server Control.
In Reporting Services, reports that are published to a report server may retrieve data from external servers. To retrieve data from those servers, users may be prompted to provide a user name and account. Whether a user is prompted for credentials depends on how data source properties are configured for the report. Reports can be configured to use stored credentials, integrated security, prompted credentials, or no credentials. If you include a report that uses integrated security, all users who require access to the report must have access to the data source used by the report. For more information, see "Specifying Credential and Connection Information for Report Data Sources" and "Managing Report Data Sources " in SQL Server Books Online.