New Feature: Playlist Center! Pick a topic and let our playlists guide the way.

Easy-to-follow video tutorials help you learn software, creative, and business skills.Become a member

Adding users and configuring report security

From: SQL Server Reporting Services in Depth

Video: Adding users and configuring report security

Let's talk about security, and I don't mean the security of the database your report is connecting to. That's all taken care of in the data source, as we have seen. I am talking instead about security inside Reporting Services itself. So who gets to view this Report Manager website? Who could click the link to view a particular report, and who can't? And who could just view a report versus who could edit it and move it and delete it, because every item here--every folder, every subfolder, every single report, every shared data source, every report part--they all have independent security settings, a different list of people that can be allowed to view or edit them.

Adding users and configuring report security

Let's talk about security, and I don't mean the security of the database your report is connecting to. That's all taken care of in the data source, as we have seen. I am talking instead about security inside Reporting Services itself. So who gets to view this Report Manager website? Who could click the link to view a particular report, and who can't? And who could just view a report versus who could edit it and move it and delete it, because every item here--every folder, every subfolder, every single report, every shared data source, every report part--they all have independent security settings, a different list of people that can be allowed to view or edit them.

What you will find is they all have a Security option in the dropdown box. But it is considered a best practice to apply security at a folder level rather than individually on each report or each element, because if you change security on a folder, say the Sales folder here, whatever you put in that folder will take on the same settings, and the very top level, the Home page here that we are looking at, is considered a folder in itself, the top folder, the top container. So right now, everything I am looking at--all the reports, all the folders and everything inside them--takes on the settings that reply to this top-level folder.

So what are those settings? Well, if I have the right permissions, I can click this button up here called Folder Settings and I'll see what's inside Home. Currently, this is what I have set to. It's very simple here. It's working with security groups on this machine, saying that anyone who is in the Administrators group is considered in the role of a content manager, whereas for me, anyone who is considered an Authenticated User, which just means anybody who is logged on to this machine with a valid user ID, is considered a Browser. A Browser is someone who is allowed to view the Reporting Services website, can drill down inside the navigation of it, can actually browse reports, but can't move anything, can't delete anything, can't change security, can't create reports.

A Content Manager can do everything that I just mentioned there. They can create new reports. They can move them, delete them, add data sources, share data sources, and so on. And right now, because I haven't made any other changes, these are applying to every folder and every subfolder. So how would we change that? Well, let's say for example in my Sales folder I don't want everybody to be able to browse these reports. I only want them viewable by people in the Sales group. Well, once I am inside the Sales folder, I can go to my Folder Settings and I have the Security option here.

I can see that what it's doing right now, it's got exactly the same settings as I had in the folder above it. So I am going to click the option to Edit Item Security, and it's going to tell me well, you didn't have particular independent security here. It was being inherited from a parent item, the folder it was contained in, the Home folder. So do I want to apply different security settings here? Yes, I do. So I will click OK. And then what I am going to do is select the Authenticated Users as a Browser and delete it. That means just anybody who is logged on is not allowed to see this folder.

They are not allowed to browse items inside it. I am going to click the option for a new role assignment, and this is showing me the built-in Reporting Services roles. We have got Browser, Content Manager, Report Builder, Publisher, and My Reports. What I am going to do is add a new security group. I can add a group or an individual user. So if I had an individual user that I wanted to allow to view these reports--and I have got someone I know; his username is Hannac-- I can make them a Browser, click OK, and they are added here.

My Report Server is installed and running under a local account for the purposes of recording this course, so I am using local groups and users. In most large organizations you are running under a domain, so you'd need to use domain groups and users. And while we can add individual users, that's kind of high maintenance, so what's more typical is you will add groups. I know there is a group called Sales that contains all the salespeople, so I am going to type that in and select Browser, and now everyone who is in Sales can get into this folder and browse the items in it, but they can't change anything.

So one more thing I am going to do is create a New Role Assignment and say that the Sales Managers are allowed to create and configure new reports. I might wonder, which one should they have. There is an option here called Report Builder, which sounds like it might be the one for people creating and defining new reports, but that's not actually a great role. It doesn't give someone the ability to save a new report to the server. If you wanted someone who could add and create new reports, you'd want at least publisher, although publisher cannot move things around and apply security, so the best one, if you're really getting seriously into it, is the Content Manager Role.

I am going to click OK. So now what we have is anyone in Administrators is a full Content Manager in this Sales folder and any subfolder inside it. Hannac can browse it, as well as everybody inside the Sales group, and all the Sales Managers are also considered Content Managers. Now, when you're working with these roles, they can be changed, deleted, added to, reconfigured, so if you either see or if you need something else, you can talk to your database administrator. But if you are just creating reports and folders, data sources and report parts, the role you need at least is the Content Manager role.

Show transcript

This video is part of

Image for SQL Server Reporting Services in Depth
SQL Server Reporting Services in Depth

40 video lessons · 9473 viewers

Simon Allardice
Author

 
Expand all | Collapse all
  1. 12m 6s
    1. Welcome
      1m 9s
    2. What you need to know
      1m 36s
    3. Exploring SQL Server Reporting Services components
      4m 17s
    4. Reviewing SQL Server versions
      5m 4s
  2. 49m 41s
    1. The elements of a report
      3m 10s
    2. Creating a report with Report Builder
      12m 11s
    3. Grouping table regions on a report
      6m 1s
    4. Joining data from multiple tables
      4m 33s
    5. Formatting report elements
      4m 34s
    6. Using functions in a report
      11m 0s
    7. Displaying data in a matrix
      8m 12s
  3. 24m 9s
    1. Filtering data and adding parameters to a report
      5m 35s
    2. Customizing report parameters
      5m 4s
    3. Sorting data in a data region
      4m 7s
    4. Applying interactive sorting
      4m 57s
    5. Creating a drillthrough action to connect reports
      4m 26s
  4. 49m 57s
    1. Introduction to charting in Reporting Services
      4m 16s
    2. Creating a column chart
      8m 35s
    3. Adding a generated average to a chart
      4m 5s
    4. Creating a pie chart
      8m 19s
    5. Using sparklines
      6m 38s
    6. Adding a sparkline to a drilldown matrix
      14m 34s
    7. Adding data bars
      3m 30s
  5. 21m 48s
    1. Adding indicators to a report
      7m 52s
    2. Using and configuring gauges
      5m 30s
    3. Using maps in Reporting Services
      8m 26s
  6. 38m 14s
    1. Creating modular reports with report parts
      4m 36s
    2. Adding and updating report parts
      4m 37s
    3. Using subreports and nested regions
      4m 28s
    4. Configuring headers and footers
      3m 9s
    5. Printing and exporting reports
      3m 45s
    6. Using page breaks
      5m 37s
    7. Creating and using shared data sources
      8m 11s
    8. Creating and using shared data sets
      3m 51s
  7. 27m 20s
    1. Organizing reports in Report Manager
      3m 1s
    2. Adding users and configuring report security
      5m 24s
    3. Configuring subscriptions
      5m 13s
    4. Creating a linked report
      4m 8s
    5. Using Report Designer in SQL Server Data Tools
      9m 34s
  8. 1m 2s
    1. Goodbye
      1m 2s

Start learning today

Get unlimited access to all courses for just $25/month.

Become a member
Sometimes @lynda teaches me how to use a program and sometimes Lynda.com changes my life forever. @JosefShutter
@lynda lynda.com is an absolute life saver when it comes to learning todays software. Definitely recommend it! #higherlearning @Michael_Caraway
@lynda The best thing online! Your database of courses is great! To the mark and very helpful. Thanks! @ru22more
Got to create something yesterday I never thought I could do. #thanks @lynda @Ngventurella
I really do love @lynda as a learning platform. Never stop learning and developing, it’s probably our greatest gift as a species! @soundslikedavid
@lynda just subscribed to lynda.com all I can say its brilliant join now trust me @ButchSamurai
@lynda is an awesome resource. The membership is priceless if you take advantage of it. @diabetic_techie
One of the best decision I made this year. Buy a 1yr subscription to @lynda @cybercaptive
guys lynda.com (@lynda) is the best. So far I’ve learned Java, principles of OO programming, and now learning about MS project @lucasmitchell
Signed back up to @lynda dot com. I’ve missed it!! Proper geeking out right now! #timetolearn #geek @JayGodbold

Are you sure you want to delete this note?

No

Thanks for signing up.

We’ll send you a confirmation email shortly.


Sign up and receive emails about lynda.com and our online training library:

Here’s our privacy policy with more details about how we handle your information.

Keep up with news, tips, and latest courses with emails from lynda.com.

Sign up and receive emails about lynda.com and our online training library:

Here’s our privacy policy with more details about how we handle your information.

   
submit Lightbox submit clicked
Terms and conditions of use

We've updated our terms and conditions (now called terms of service).Go
Review and accept our updated terms of service.