Configuring Security Through Role Assignments
In Reporting Services, all roles can be modified, including the predefined roles that are configured during setup. You can rename the predefined role definitions or replace them with custom definitions. Suppose your organization is already familiar with a set of roles in use for another application, such as System Administrator, Subscriber, Document Administrator, and Document Author. If these roles correspond to how you think users will access a report server, you can apply the more familiar nomenclature to report server roles. You can either rename the predefined roles or create new role definitions that correspond to the roles that you already know.
Note
Although you can use any intellectual work or analysis you may have already done for other role-based applications in use at your organization, you cannot import the security constructs into Reporting Services.
This section explains how to modify default security to support additional users, groups, and access requirements. You can change system-level security or item-level security.
To manage security effectively, use the default security and supplement it with a minimum set of role assignment that provide access to report users, and then follow the principle of "setting security by exception," (that is, change or add security to accommodate special cases, but not otherwise).
Security Configuration Process
To configure security for Reporting Services, you create role assignments for securable items on the report server as follows:
- Navigate to the item that you want to secure. You can secure folders in the folder hierarchy; child items inherit their parent's security.
- Create a role assignment that specifies a user or group account.
- Choose a role that describes how you want that user or group to access the item.
Because role-based security is context-sensitive, you must navigate to a specific item, such as a folder or a report, before you create a role assignment.
For specific instructions about creating role assignments, see How to: Create, Delete, or Modify a Role Assignment (Management Studio) and How to: Create, Delete, or Modify a System Role Assignment (Report Manager).
In This Section
| Topic | Description |
|---|---|
Set security for specific reports or resources. |
|
Set security for specific report models. |
|
Set security for specific folders. |
|
Set security for My Reports. |
|
Control access to ad hoc reporting functionality available through Report Builder. |
|
Set security for shared data sources. |
|
Create role definitions that describe access for particular classes of users. |
|
Add users or modify access for current users. |
|
Change system level security. |
See Also
Tasks
How to: Create, Delete, or Modify a Role Assignment (Management Studio)
How to: Create, Delete, or Modify a System Role Assignment (Report Manager)
How to: Create, Delete, or Modify a Role (Management Studio)
How to: Create, Delete, or Modify a Role (Report Manager)
Concepts
Managing Permissions and Security for Reporting Services
Securing Reporting Services
Tasks and Permissions in Reporting Services