solving sql server problems for millions of dbas and developers since 2006



SQL Server DBA Tips SQL Server Developer Tips SQL Server Business Intelligence Tips SQL Server Career Tips SQL Server Tip Categories SQL Server Tutorials SQL Server Webcasts SQL Server Whitepapers SQL Server Tools SQL Server Questions and Answers MSSQLTips Authors About MSSQLTips SQL Server User Groups MSSLQTips Giveaways MSSQLTips Advertising Options

MSSQLTips Facebook Page MSSQLTips LinkedIn Page MSSQLTips RSS Feed MSSQLTips Twitter Page MSSQLTips Google+ Page

Top SQL Server Tools








SSRS report server permissions when integrated with SharePoint

By: | Read Comments | Print

Scott has a passion for crafting BI Solutions with SharePoint, SSAS, OLAP and SSRS.

Related Tips: More

Problem

After successfully integrating SharePoint 2010 and Reporting Services and deploying my first Report Server Report to a SharePoint "Reports" repository using Abin Jaik Antony's MSSharePointTips article SQL Server Reporting Services Integration with SharePoint, what Repository or List permissions and security are required for report developers, publishers, and end users?  Check out this tip to get this question and more answered.

Solution

Within a SharePoint 2010 repository, report definition files (rdl), report model files (smdl), shared data sources (rsds/rsd), and report part files (rsc) can easily be deployed and need to be secured. The permissions used to secure these objects are set in SharePoint Permission Levels. Out of the box, when a new site is created, SharePoint assigns a set of default permission levels to the 3 default users groups: Owners, Members, and Visitors. Upon the creation of a new "Reports" Library, these default groups inherit permissions from the parent site. By default, the Owners' group has full control which means that Members of this group can create, manage and set security on all report server items, while the Members group has the authority to add or publish reports and report builder models. Of course, both of these groups can view reports, and furthermore, members of the Visitors group can run reports and create user defined subscriptions. The MSDN articles Using Built-In Security in Windows SharePoint Services for Report Server Items and Sites and List Permission Reference for Report Server Items both have details references which match the SharePoint Groups to the SharePoint Permission Levels to the related Report Server Access items.

Configuring SharePoint Library Permissions

However, what do you need to do to adjust those permissions?  For instance what if you do not want the Visitors group to be able to view reports or you do not want the members' group to publish reports?  In order to change permissions for a Report Library / Repository, you will use the Ribbon > Library Tools > Library Permissions area. This tool is part of the standard Library Ribbon. To get to the Ribbon and the Library Tools menu, first navigate to navigate to your SharePoint site, and then to your Report Server Library; in the upper portion of the window, the Ribbon will appear similar to the below figure.

Library Tools

Next Click on the Library button which will open the full Library Ribbon; a partial view of this ribbon is pictured below. To access these Library Tools, a user will need to belong to a group which has either Full Control or Design permissions. Please note, these instructions pertain to SharePoint 2010 only.

Library Tools 2

Next, you would click on a particular group, as shown in the blue area in the screen shot below. Clicking on a group opens the Edit Permissions Window, the white area in the figure; this window permits you to assign or remove specific Permission levels. So for instance, if you wanted to grant Full Control Access to the Members group, you would check the Full Control box and then click the OK button.

Library Permissions for Group

Granular SharePoint Permissions

In some cases, you will want more granular control over the permissions you grant. In these cases, you could grant individual permissions such as Read access to a particular user or group that is not part of the 3 default groups. To make these type of changes, first navigate to your Report Server Repository and again click on Library Tools Ribbon.

Library Permissions Ribbon1

Again Select Library Permissions.

Library Permissions

Now Select the Grant Permissions option.

Library Permissions 3

You can now add a user utilizing the below form. Following the preceding example, you could grant Read access to a particular group or user by entering their information in this form and then clicking OK.

Grant Access

Create a Permission Level for SQL Server Report Server

Last, if you have very specific permission needs, you can create a specific Permissions Level which caters to your exact Reporting Services needs. You will need Full Control permissions or belong to the Owners group to make the changes in the next few instructions. First, from your main SharePoint home page, Top Ribbon, Click on Site Actions and then Site Permissions.

Individual Permissions 2

Within Site Permissions, the Permission Tools Ribbon will display, and you will want to click on Permission Levels as noted in the below figure.

Library Group Edit

The Permission Levels screen is a bit confusing in that the Edit function is only available if you click on the existing Permission Levels, such as Full Control, Design, or Contribute. Certainly, you could add a new level also, but in this example, just click on one of the existing Permission Levels.

Individual Permissions 2

Now to adjust the permissions for a new or existing level, you would use the below screen. For instance, you could create a new permission level, which could be used to prevent a group or user from deleting reports, models, and other documents. Once this permission level is created you would assign it to the appropriate group using the instructions at the beginning of this tip. As you add Permission Levels, be sure to remove / uncheck the unwanted Permission Levels.

Library Permissions

Integrating SQL Server Reporting Server with SharePoint 2010 allows users to navigate to one site for both their reporting and collaboration needs. When you integrate these two systems, you will need to setup SharePoint Security so users, publishers and developers of reports have the access they need to complete their jobs.

Next Steps



Related Tips: More | Become a paid author


Last Update: 2/15/2012

Share: Share 



Free SQL Server Learning


Introduction to SQL Azure

Join Herve Roggero on Wednesday, June 13 @ 3:00 PM EST to learn more.



Comments and Feedback:


Post a Comment or Question

Keep it clean and stay on the subject or we may delete your comment.
Your email address is not published. Required fields are marked with an asterisk (*)

*Name   *Email   Notify for updates
Comments
*Enter Code refresh code


 
Sponsor Information
Try the award winning SQL diagnostic manager as a free 14-day trial!

Time-strapped database professionals use SQL Monitor to look after their servers. Try it online.

SQL Servers keeping you up at night? Contact the Edgewood SQL Server consultants for a Health Check.

Free Trial: Get Proactive Insight with SpotlightŪ for SQL Server Enterprise.

Solving SQL Server problems for millions of DBAs and Devs since 2006. Join now.

Demystify TempDB Performance and Manageability

Copyright (c) 2006-2012 Edgewood Solutions, LLC All rights reserved
privacy | disclaimer | copyright | advertise | about
authors | contribute | feedback | giveaways | user groups
Some names and products listed are the registered trademarks of their respective owners.

Edgewood Solutions LLC | MSSharePointTips.com | MSSQLTips.com