December 22, 2009 at 10:48 pm
Hi,
We have SQL Server 2005 reporting services with SP3 and the server is in workgroup. The reporting services is running under local service and I have installed database engine and reporting services using windows authentication by using an administrative account sqladmin. Now there is local administrator account 'devteam' on the server. Now the account devteam has all access to Reporting services i.e that account can delete reports uploads reports. But as SQL DBA, I want to restrict them to just view the reports. How can I do that?
Please advice..
December 22, 2009 at 11:09 pm
Either remove the devteam account from the local admins group
-or-
Remove local admin group from access to SQL Server ReportingServices Instance, then add the devteam to just the roles for which you want it to have access.
Jason...AKA CirqueDeSQLeil
_______________________________________________
I have given a name to my pain...MCM SQL Server, MVP
SQL RNNR
Posting Performance Based Questions - Gail Shaw[/url]
Learn Extended Events
December 22, 2009 at 11:41 pm
thank you,
I have connected to Reporting services from Management studio and I went to Home->Right click->Properties->here, I can see 'BUILTIN\Administrators' and 'servername\devteam' accounts. So from here for servername\devteam, just I need to give "browser" permissions right?
and one more thing, why servername\devteam is added here automatically? Is that normal? I'm suspecting some body has added this account here
please advice
December 23, 2009 at 9:09 am
gmamata7 (12/22/2009)
Hi,We have SQL Server 2005 reporting services with SP3 and the server is in workgroup. The reporting services is running under local service and I have installed database engine and reporting services using windows authentication by using an administrative account sqladmin. Now there is local administrator account 'devteam' on the server. Now the account devteam has all access to Reporting services i.e that account can delete reports uploads reports. But as SQL DBA, I want to restrict them to just view the reports. How can I do that?
Please advice..
If you do that and did not create an account that can allow them to deploy reports the deploying task becomes your job. I remember connecting to report manager with view permissions and reported the incident, when a developer cannot perform assigned task for permissions reasons the job in most cases is added to the DBA who restricted it.
Kind regards,
Gift Peddie
Viewing 4 posts - 1 through 4 (of 4 total)
You must be logged in to reply to this topic. Login to reply