Folder Properties (Permissions Page)
Use this page to set security on a folder. If the folder uses the security settings of a parent folder, you can break security inheritance by setting different permissions on the current folder. By default, the permissions you specify will apply to all items within the folder. In general, you should limit the use of custom security settings to avoid having to track permission differences throughout the report server folder hierarchy.
For instructions on how to secure content, see How to: Create, Delete, or Modify a Role Assignment (Management Studio). For more information about folder security, see Securing Folders.
- Inherit roles from the parent folder
This option specifies that the current folder inherits security settings from its parent. This is the default option.
If you defined different security settings on the current folder, you can click Inherit roles from the parent folder to resume security inheritance from the parent folder. When you select this option, existing permissions that you previously set on the current folder will be replaced with inherited security settings when you click Apply. You will not be able to restore custom security settings, so be sure to write down any setting information that you might want to reference in the future.
This option can be used to define access to folders that you create. It is not available for the Home folder. The Home folder is the root node of the report server folder namespace and has no parent to inherit security from.
- Use these roles for each group or user account
Click Use these roles for each group or user account to modify security settings for this item. Access to the folder will be defined solely by the role assignments that you subsequently define. Role assignments are created by mapping a user or group account to one or more roles.
This option can be used to define access to folders that you create. It is not available for the Home folder. The Home folder is the root node of the report server folder namespace and has no parent.
- Group or User
Specifies which group or user accounts have access to the folder. The group and user accounts are Windows domain accounts if you are using Windows authentication. If you are using forms authentication and custom security, you can specify the security principals that are valid for your authentication provider.
Specify a group or user, and then choose roles for each one to assign roles for that group or user.
You can only specify one group or user account for each role assignment. For example, if you are setting permissions for a user account named contoso\jameswil, all roles for that account must be specified in the single role assignment. You cannot have two role assignments that have contoso\jameswil in the Group or User column.
You can specify role assignments for groups that include user accounts that already have role assignments defined for them. For example, if contoso\jameswil is a member of the sales group, you can specify permissions for contoso\sales. The permissions are cumulative; contoso\jameswil will have permissions granted through the individual user and the group assignments.
Specifies the roles that each group or user account can assume relative to this item. Each role is a collection of tasks that can be performed. By default, predefined role definitions are provided (including Browser, Content Manager, My Reports, and Publisher). You might see different roles depending on how your server is configured.
Note that you cannot specify a system-level role definition on a folder. For more information about creating or modifying Reporting Services roles and setting system-level permissions, see Configuring Security Through Role Assignments.
- Add Group or User
Click Add Group or User to add the group or user account to which you want to grant permissons.
Click Remove to delete the group or user account from the Server Properties page.