Authorizing Report Server Access Through Role Assignments
Reporting Services provides a role-based authorization model to control access to report server content and operations. In Reporting Services, all roles can be modified, including the predefined roles that are configured during setup. You can rename the predefined role definitions or replace them with custom definitions.
Roles are defined for system-level and item-level security. Item-level roles are used to grant access to items stored on a report server. System-level roles are used to grant access to items and operations that are available throughout a report server site (for example, shared schedules).
To manage security effectively, use predefined roles and permission inheritance to minimize the number of security policies, and then follow the principle of "setting security by exception," (that is, change or add security to accommodate special cases, but not otherwise).
To configure security for Reporting Services, you create role assignments for securable items on the report server as follows:
Navigate to the item that you want to secure. You can secure folders in the folder hierarchy; child items inherit their parent's security.
Create a role assignment that specifies a user or group account.
Assign to that user or group a role that contains the set of tasks that can be performed.
Because role-based security is context-sensitive, you must navigate to a specific item, such as a folder or a report, before you create a role assignment.
For specific instructions about creating role assignments, see How to: Set Permissions on Report Server Items (Management Studio) and How to: Modify or Delete a Role Assignment (Report Manager).
Set security for specific reports or resources.
Set security for specific report models.
Set security for specific folders.
Set security for My Reports.
Control access to ad hoc reporting functionality available through Report Builder.
Set security for shared data sources.
Create role definitions that describe access for particular classes of users.
Add users or modify access for current users.
Change system level security.
TasksHow to: Modify or Delete a Role Assignment (Report Manager)
How to: Create, Delete, or Modify a Role (Management Studio)
ConceptsManaging Permissions and Security for a Native Mode Report Server
Security and Protection (Reporting Services)
Tasks and Permissions
Other ResourcesHow to: Set Permissions on Report Server Items (Management Studio)
How to: Create, Delete, or Modify a Role (Report Manager)