March 30, 2010 at 4:32 am
Hi ,
Can any one of you help me...
I need to setup the access for the new user to the view the reports which are deployed in the report server ,
where and all i need to add the user name ,so that he can view the reports.
First he should be able to login to the Report server (see some of the folders in the home page)
second the user should be able to open and view the reports .
Plz provide me the solutions
Thanks & Regards
jaya
March 30, 2010 at 7:21 am
you can do that either through the reports web page or via SSMS, its just a matter of adding them to the correct Role.
---------------------------------------------------------------------
March 30, 2010 at 8:14 am
Here is a link to the section of Books Online (SQL Server's help files) which deals with setting up security on a Report server... http://msdn.microsoft.com/en-us/library/ms156014.aspx
In general what I'd suggest is you set up some local or Active Directory Groups, assign the groups to roles on your Report server and then add the individual users to the groups. In this way once you set up the security you never really need to deal with it again, you just manage the groups and the directory services take care of everything for you.
-Luke.
April 2, 2010 at 10:42 am
In general what I'd suggest is you set up some local or Active Directory Groups, assign the groups to roles on your Report server and then add the individual users to the groups. In this way once you set up the security you never really need to deal with it again, you just manage the groups and the directory services take care of everything for you.
SSRS 2005 is IIS dependent so the above could make reports to timeout based on number of users if Asp.net AD provider is not implemented.
Kind regards,
Gift Peddie
April 2, 2010 at 11:01 am
Gift Peddie (4/2/2010)
In general what I'd suggest is you set up some local or Active Directory Groups, assign the groups to roles on your Report server and then add the individual users to the groups. In this way once you set up the security you never really need to deal with it again, you just manage the groups and the directory services take care of everything for you.
SSRS 2005 is IIS dependent so the above could make reports to timeout based on number of users if Asp.net AD provider is not implemented.
I'm somewhat confused by this. Can you be a bit more specific? Admittedly I don't work in a large shop, so I may not understand the ramifications of allowing SSRS Roles mapped to Domain groups and having them timeout when there are too many users. My understanding was that was what the SSRS Roles were there for. Using Integrated Windows Authentication by putting users in groups and giving the groups access to roles on the SSRS and similar have been best practices for maintenance and security for some time, not just for SSRS but for all network resources (files/printers/etc). The idea is you manage the groups not the individual users.
I don't see what the ASP.Net AD provider has to do with this unless that is not what SSRS/IIS uses to do the authentication against AD? I can see it coming into play if you are using a custom authentication scenario or custom front end or are using the ReportServerControl inside of another app, but I don't think that is what the OP is asking about here. Perhaps the OP can provide a bit more detail about their environment?
-Luke.
April 2, 2010 at 11:12 am
Using Integrated Windows Authentication by putting users in groups and giving the groups access to roles on the SSRS and similar have been best practices for maintenance and security for some time, not just for SSRS but for all network resources (files/printers/etc). The idea is you manage the groups not the individual users.
The above is correct without an application context because AD primary task is to resolve users to the network and file/print server.
I don't see what the ASP.Net AD provider has to do with this unless that is not what SSRS/IIS uses to do the authentication against AD? I can see it coming into play if you are using a custom authentication scenario or custom front end or are using the ReportServerControl inside of another app, but I don't think that is what the OP is asking about here. Perhaps the OP can provide a bit more detail about their environment?
The Asp.net runtime does not resolve users through AD when the application users are above a few thousand, that is the reason AD provider uses either IIS or the standardized LDAP. Please check the SSRS security config file in the SSRS folder.
Kind regards,
Gift Peddie
Viewing 6 posts - 1 through 5 (of 5 total)
You must be logged in to reply to this topic. Login to reply