Setting Security for SSRS

This is part of a series of posts about SSRS reporting in Microsoft Dynamics GP®. GP Reports made using SQL Reporting Services are easier to make than you might think. Stay tuned all week and drop us a line if there’s any great ideas we missed.

We covered deploying SSRS reports for Microsoft Dynamics GP. If you’re logged in as an administrator you’ll be able to see the reports immediately, but there’s a few steps to let users get to the reports and then run them.  First we’ll handle the security in the report manager, leaving data security for the our next installment.The thing to bear in mind when handling security is that SQL Server Reporting Services handles security using your Active Directory login, while GP uses SQL authentication.  That means we can can set security by user down to the individual report. You know, if we’re crazy.

There’s countless way to secure reports, but here’s our recommendation: create an active directory group for each of the folders you see in SSRS.

SSRS Folders

So if you implemented every single module in Microsoft Dynamics GP you’d have nine different groups.  That’s a fair number, but hardly ridiculous.  If you aren’t running any one module, then feel free to delete that folder of reports and skip that piece of the security.

So our recommendation would be to make the groups you need, then assign your users to one or more groups.  If employees changes jobs in your company, just add them to the additional groups or take them out of others as needed.  As you hire new people the IT departments is setting them up on the network anyway so it’s not too much trouble to add the users to one or more groups. And don’t forget that you can give access to people who don’t otherwise have security to GP.

Makes sense? Great! So let’s get into the security!

SSRS Site Settings
Go to the Site Settings area of SSRS as shown above.
SSRS Security
In Site Settings we pick security (#1) and then role assignment (#2).
SSRS Roles
Then we add each of the Active Directory we defined previously.  For the site settings we get to add them all.
SSRS Folder Settings

SSRS Setting SecurityThen, as shown above, we go to folder security and again add all our groups.  Don’t forget – this might seem like a lot, but we only have to do this once!  Almost done!  Now, we go into the individual folders and assign security there. This is where we want to assign just the one SSRS active directory group that matches the folder.

You may get a message about child security not matching the parent – this is OK, we’re fine with that.

You’ll do this for each of the folders.  On the Data Source Folder, also give everyone rights there.

Now we’re done!  If users navigate to the folders they will be able to see the folder structure and get to the individual reports.

There’s just one catch: if they try to run the reports they won’t get any information. 🙁

But that’s OK… we’ll cover DATA security another time.

1 reply

Trackbacks & Pingbacks

  1. […] already covered how to deploy SSRS reports for Microsoft Dynamics GP and how to handle folder security. We even have a handy video showing how to make an SSRS report from scratch in under 15 minutes.  […]

Comments are closed.