If you have Reporting Services, SQL and IIS installed on the same server, you may receive an HTTP error 401 that says, “The request failed with HTTP status 401: Unauthorized.” The solution is to “Disable the loopback check” using regedit. Instructions are found on Microsoft KB 896861. Importantly, you may receive this error regardless of which computer you are using to browse the report website. The correct, default permissions in IIS for the Report, and ReportServer virtual directories “directory security” tab, are “Integrated windows authentication” only. You should not enable anonymous access. It’s a very good idea to set up SSL also, and you can also turn on those settings from the Directory Security tab of the Virtual Directory settings in the IIS console.