Manage Users (Azure SQL Reporting)
Updated: May 9, 2014
|SQL Reporting will discontinue service on October 31, 2014. See this FAQ for details. For reporting on Microsoft Azure, visit Virtual Machines on WindowsAzure.com.|
When you create the Windows Azure SQL Reporting server, you specify a server administrator. That user can create additional users with different permission levels.
To allow others access to the service, you first create new users and then assign roles. A report user must be unique on the service. You cannot import report user information from other services via the portal. Each report user must be created manually in the system.
Initially, all users are assigned to a single role that determines the permission level on the root node. Any role you assign to a report user at the root node is automatically inherited by other items throughout the folder hierarchy. Below the root node, on individual items, you can assign further roles to get additional permissions.
Remember that role assignments are cumulative. If a report user is created as a Content Manager on the root node, you will have to break permission inheritance if you want to trim permissions for that user on items below the root node.
To create a user and assign roles
Open a Web browser, and launch the Azure Platform Management Portal by specifying the appropriate Microsoft Azure credentials. Open the SQL Reporting server.
Note Currently, you must use the management portal to create report users. After report users are created, roles can be assigned programmatically.
Click Users at the top of the page.
Click Create at the bottom of the page.
Enter user name and password, select one or more item roles that encompass the type of tasks this user is allowed to perform.
Create user accounts for individuals or groups of users who need access to the service. You cannot create groups explicitly, but you can create a generic user account, such as ReportReader, and then distribute the username and password to anyone who needs view access to a report.
Note User names must be unique. User name requirements include at least 3 characters, of which one must be a letter. If you provide a duplicate name, an error message displays and you cannot continue until you change the user name to one that is unique.
Choose a role for the user. This role sets the permissions on the root node.
Note After you create a user account, you cannot update a user’s role assignment from the portal. If you make a mistake, you will need to recreate the user and choose a different role assignment. Alternatively, you can update users’ role assignments programmatically by using the Reporting Services SOAP API. For more information, see ReportingService2010.SetSystemPolicies Method (http://go.microsoft.com/fwlink/?LinkId=248988) in the Reporting Services API.
Provides read access to reports and shared data sources.
Conveys permission for uploading content, such as .rdl or .rds files, but without permission to delete content.
Provides the highest level of permissions on the service, including the ability to delete content and add or change permissions and user accounts.
Roles are similar to those available on a native mode report server, except that system roles, and the My Reports and Report Builder item roles, are not applicable in SQL Reporting. Furthermore, within a role, tasks for creating and managing models, schedules, report history, and subscriptions do not apply to SQL Reporting. For more information, see Using Predefined Roles, Role Assignments, and Tasks and Permissions.
Click the checkmark to save the user account.