Click here to monitor SSC
SQLServerCentral is supported by Red Gate Software Ltd.
 
Log in  ::  Register  ::  Not logged in
 
 


 
     
Recent Posts
   
Popular Topics
Home   
Search
    Members    Calendar    Who's On

Home » SQL Server 2008 » SQL Server 2008 Administration » Permission on reporting server
Add to briefcase

Permission on reporting server Expand / Collapse
Rate Topic
Display Mode
Topic Options
Author
Message
sqlfriends
Posted Tuesday, December 18, 2012 11:38 AM
SSCommitted

SSCommittedSSCommittedSSCommittedSSCommittedSSCommittedSSCommittedSSCommittedSSCommitted

Group: General Forum Members
Last Login: Yesterday @ 6:13 PM
Points: 1,610, Visits: 2,794
I would like to setup a windows group of people to view reports on a SSRS report server.
They can navigate the folders and view the reports.

I know I need to setup item-level permission to the folder and give them browser permission.

My question is: do I also need to add them to system level as a system user?
Is that a required step for permission to work?

Thanks
Post #1397964
MyDoggieJessie
Posted Tuesday, December 18, 2012 8:18 PM


SSCrazy

SSCrazySSCrazySSCrazySSCrazySSCrazySSCrazySSCrazySSCrazy

Group: General Forum Members
Last Login: 2 days ago @ 2:19 PM
Points: 2,037, Visits: 3,761
do I also need to add them to system level as a system user?
Do you mean on the SQL Server box itself? If so, no. If you are using Active Directory and the Windows group has been added and granted the appropriate permissions, it will suffice.

______________________________________________________________________________
"Never argue with an idiot; They'll drag you down to their level and beat you with experience"
Post #1398118
sqlfriends
Posted Wednesday, December 19, 2012 10:17 AM
SSCommitted

SSCommittedSSCommittedSSCommittedSSCommittedSSCommittedSSCommittedSSCommittedSSCommitted

Group: General Forum Members
Last Login: Yesterday @ 6:13 PM
Points: 1,610, Visits: 2,794
But I read from this site: http://msdn.microsoft.com/en-us/library/aa337385(v=sql.105).aspx
it says: Each user who requires access to a report server should have a system-level role assignment
also: b.Assign the System User role to all other users

Here I don't quite understand when it says requires access to report server, if I only want to grant permission to people to view the reports on the report server, does it mean "require access to report server", and do they have to be granted system_level access, then they can browse reports?

Thanks
Post #1398533
MyDoggieJessie
Posted Wednesday, December 19, 2012 10:40 AM


SSCrazy

SSCrazySSCrazySSCrazySSCrazySSCrazySSCrazySSCrazySSCrazy

Group: General Forum Members
Last Login: 2 days ago @ 2:19 PM
Points: 2,037, Visits: 3,761
Have you read through these two articles (related)
http://msdn.microsoft.com/en-us/library/aa337491(v=sql.105).aspx
http://msdn.microsoft.com/en-us/library/ms156034(v=sql.105).aspx

______________________________________________________________________________
"Never argue with an idiot; They'll drag you down to their level and beat you with experience"
Post #1398553
sqlfriends
Posted Wednesday, December 19, 2012 10:59 AM
SSCommitted

SSCommittedSSCommittedSSCommittedSSCommittedSSCommittedSSCommittedSSCommittedSSCommitted

Group: General Forum Members
Last Login: Yesterday @ 6:13 PM
Points: 1,610, Visits: 2,794
I did, but I still did not get my question answered.

In the above article you give me:
it also says:

The two types of roles complement each other and should be used together. For this reason, adding a user to a report server is a two-part operation. If you assign a user to an item-level role, you should also assign them to a system-level role

So my understanding is even I just want to grant users to view reports, which is item-level access, I still need to add the users to system -level,

is this correct?

thanks
Post #1398562
slim.richard
Posted Thursday, December 20, 2012 8:09 PM
Grasshopper

GrasshopperGrasshopperGrasshopperGrasshopperGrasshopperGrasshopperGrasshopperGrasshopper

Group: General Forum Members
Last Login: 2 days ago @ 8:16 PM
Points: 12, Visits: 211
I manage permissions using ad groups to specific folders and none of them are system users and have had no complaints. Would be interested to see if I am doing something wrong though.
Post #1399155
MyDoggieJessie
Posted Thursday, December 20, 2012 9:17 PM


SSCrazy

SSCrazySSCrazySSCrazySSCrazySSCrazySSCrazySSCrazySSCrazy

Group: General Forum Members
Last Login: 2 days ago @ 2:19 PM
Points: 2,037, Visits: 3,761
I'm not certain where the disconnect is happening but again, I just set users up via the report manager granting the permissions I'd like them to have at the folder level (role assignments)

I'd created an Accounting Reporting folder, then grant permissions based upon the Windows Active Directory security group that contains just the members I want to have access to it

Example: MYDOMAIN\Accounting Reporting
Role(s): Browser

______________________________________________________________________________
"Never argue with an idiot; They'll drag you down to their level and beat you with experience"
Post #1399170
« Prev Topic | Next Topic »

Add to briefcase

Permissions Expand / Collapse

 
 
Copyright © 2002-2013 Simple Talk Publishing. All Rights Reserved. Privacy Policy. Terms of Use. Report Abuse.