We want the service account that's running the ReportServer app pool (not the end user account) to use Windows authentication with report data sources when a user runs a report in the ReportViewer.
We don't want the client to use Windows authentication with the data source because we don't want all the domain users' Windows logons to actually have access to the underlying SQL databases. Only the SSRS ReportServer domain account should have access. Additionally, the users may be on a different domain than the SSRS instance.
We can't use the "Credentials stored securely on the report server" option because we will be deploying reports to many different client sites, with different domains, accounts, and credentials....and we obviously can't reconfigure credentials for all report data sources for each client site.
Any idea how to accomplish this?
Thanks.