Lesson 18: Managing SSRS Security
Session 21 : Managing SSRS Security
As soon as you install SSRS 2008 R2, in your server and hit http:///reports, by default the the system administrators get access to the report manager.
But if you wish to let other people see the reports that you deploy, you need to explicitly provide access to these reports.
Providing access to reports is very simple and can be done at an item level( report level) or a folder level.
Lets look at a very simple example.
I have installed a SSRS 2008 R2 report server, on my local machine and have created a folder called Sandbox, in which i have added a report called Hello World.
By Default all admins in the system can access this report.
Lets say, we add more reports to this folder and we need to grant access to these reports.
This can be done, by clicking on Folder Settings and then clicking on security
Click on New role assignment.
This is the place where you define your role assignments.
If you need to grant all users of your domain access, then you may need to add 'Domain\DomainUSERS' and assign appropriate roles.
There are mainly 5 types of roles, that you can assign to an user or a group.
These roles are:
a. Browser
b. Content Manager
c. My Reports
d. Publisher
e. Report Builder.
Descriptions for each of these roles are provided in the UI itself.
If you wish to add just a particular user of your domain for your report, type the username and select the appropriate role for the same.
Click OK, and your security is set.
Providing access to reports is very simple and can be done at an item level( report level) or a folder level.
Lets look at a very simple example.
I have installed a SSRS 2008 R2 report server, on my local machine and have created a folder called Sandbox, in which i have added a report called Hello World.
By Default all admins in the system can access this report.
Lets say, we add more reports to this folder and we need to grant access to these reports.
This can be done, by clicking on Folder Settings and then clicking on security
Click on New role assignment.
This is the place where you define your role assignments.
If you need to grant all users of your domain access, then you may need to add 'Domain\DomainUSERS' and assign appropriate roles.
There are mainly 5 types of roles, that you can assign to an user or a group.
These roles are:
a. Browser
b. Content Manager
c. My Reports
d. Publisher
e. Report Builder.
Descriptions for each of these roles are provided in the UI itself.
If you wish to add just a particular user of your domain for your report, type the username and select the appropriate role for the same.
Click OK, and your security is set.
Now that the group Domain\DomainUSERS is assigned to folder Sandbox, how do you make Active Directory aware of 'Domain\DomainUSERS' so users under AD have access to the SSRS folder and reports?
ReplyDelete