Protected database and Reporting Services.

Note: If you permit access by login you don't need this extension.

Like any other client applications Reporting Services server is also affected by access restrictions (if access restriction applied). DbDefence installs special module that intercepts all database connections from Reporting Services process. It executes unlocking statement before any other SQL commands from report.

The module (.NET assembly) Elitude.ReportingServices.BDataExtension.dll automatically installed to Bin folder of Report Server. You do not need to configure it. Same module copied to Business Intelligence Development Studio/Visual Studio "Common7\IDE\PrivateAssemblies\" to enable access to protected database during design time.

Installer creates additional database source called "Connection To Protected Database". If you already have existing connections configured for SQL Server you can safely change it to "Connection To Protected Database" and leave all options unchanged.

Source "Connection to Protected Database" in web interface:

Connectiontoprotected

In Business Intelligence Studio:

Connectiontoprotectedbi

It behaves absolutely in the same way like Microsoft SQL Server connection and accepts same parameters and credentials. However it accepts additional options to unlock database access.

This data source accepts additional parameters called bdb and bpwd. bdb specifies name of protected database to unlock (if it is not current database); bpwd specifies unlocking password. The same password used for encryption. If Initial Catalog in the connection string is the protected database you may omit bdb parameter.

Bpwd

The extension module unlocks database with the very first command, so all further queries from report run in unlocked database.

Security Considerations

You may want to protect connection string itself. Please refer to Microsoft Documentation.