Monday, November 24, 2014

Personalize Deploy Reports folder permission in SQL 2012

Personalize Deploy Reports tutorial in SQL Reporting Server 



1. Overview:

SQL Server Reporting Services 2012 (SSRS) is a feature included in the SQL Server 2012 product.  We use SSRS to design, develop, and deploy reports.  SSRS was originally slated to be released with SQL Server 2005 but it wound up being released a little bit ahead of SQL Server 2005.  SSRS leverages the Business Intelligence Development Studio (BIDS) developer tool for all aspects of authoring and deploying reports.  BIDS is included with SQL Server 2012.

In this tutorial we will setup a topic that you need to grant permissions for each user to view the report without have access to other reports.

2. Configuration:

First we have our reports deployed: Report 1, Report 2, Report 3


I created 6 users in Active directory each 2 users are members in 3 groups: Group A, Group B, Group C.


Each Group must view his own report folder.

We need to access to Reporting services with SQL Admin to create a new role


Go to Security - Roles

Click on New Role

Give a name to the role and select View tasks

Now we need to access to Reporting web page with Admin.
Click "Folder Settings"


In security add the 3 Groups and assign the role we created in the previous step


All groups can view all the folders report, we need to remove Groups that they don't need to access to other folders.

Select the folder and go to "Security"

In Report 1 folder we need only Group A, so we remove Group B and C

Do same thing for folder 2 but this time we keep Group B to access


We access to reporting web page with User.One


Now let's try to open a report

We got an error, no worries, that's because reporting services uses the user authentification who hasn't permission in SQL Server

Go back to Reporting web with Admin, enter to Data Sources Folder and edit the Source connection

Select "Credentials stored securely in the report", enter Admin login/password and check "use as Windows credentials"

Access again with User.One and open the report

Let's try with another user


No comments:

Post a Comment