Permission on reporting server

  • I would like to setup a windows group of people to view reports on a SSRS report server.

    They can navigate the folders and view the reports.

    I know I need to setup item-level permission to the folder and give them browser permission.

    My question is: do I also need to add them to system level as a system user?

    Is that a required step for permission to work?

    Thanks

  • do I also need to add them to system level as a system user?

    Do you mean on the SQL Server box itself? If so, no. If you are using Active Directory and the Windows group has been added and granted the appropriate permissions, it will suffice.

    ______________________________________________________________________________Never argue with an idiot; Theyll drag you down to their level and beat you with experience

  • But I read from this site: http://msdn.microsoft.com/en-us/library/aa337385(v=sql.105).aspx

    it says: Each user who requires access to a report server should have a system-level role assignment

    also: b.Assign the System User role to all other users

    Here I don't quite understand when it says requires access to report server, if I only want to grant permission to people to view the reports on the report server, does it mean "require access to report server", and do they have to be granted system_level access, then they can browse reports?

    Thanks

  • Have you read through these two articles (related)

    http://msdn.microsoft.com/en-us/library/aa337491(v=sql.105).aspx

    http://msdn.microsoft.com/en-us/library/ms156034(v=sql.105).aspx

    ______________________________________________________________________________Never argue with an idiot; Theyll drag you down to their level and beat you with experience

  • I did, but I still did not get my question answered.

    In the above article you give me:

    it also says:

    The two types of roles complement each other and should be used together. For this reason, adding a user to a report server is a two-part operation. If you assign a user to an item-level role, you should also assign them to a system-level role

    So my understanding is even I just want to grant users to view reports, which is item-level access, I still need to add the users to system -level,

    is this correct?

    thanks

  • I manage permissions using ad groups to specific folders and none of them are system users and have had no complaints. Would be interested to see if I am doing something wrong though.

  • I'm not certain where the disconnect is happening but again, I just set users up via the report manager granting the permissions I'd like them to have at the folder level (role assignments)

    I'd created an Accounting Reporting folder, then grant permissions based upon the Windows Active Directory security group that contains just the members I want to have access to it

    Example: MYDOMAIN\Accounting Reporting

    Role(s): Browser

    ______________________________________________________________________________Never argue with an idiot; Theyll drag you down to their level and beat you with experience

Viewing 7 posts - 1 through 6 (of 6 total)

You must be logged in to reply to this topic. Login to reply