By Garth Jones
Unlike Configuration Manager 2007 where you would grant permission on the report itself using the web interface, in System Center 2012 Configuration Manager you will need to perform a few more steps to grant a non-admin access to a single SSRS report.
First, create a security role. In this example, I call it, “Site Read.” This role only has rights to read from the site server. See below for the link to a security role that I created which you may download and import. /downloads/cm12/site read.zip
Second, assign the user access to the security role.
Third, assign the user permission to the report itself.
Fourth, browse to the report, right-click on it, and then click properties.
Fifth, unselect “Inheriting rights from parent object,” and then click Add…
Sixth, add the user by selecting the ConfigMgr Report Users check box. Click OK twice.
Now you are done! The user will have access to the selected report.
- In order for the user to access the report, you will need to provide them with a direct link to the report. They will NOT be able to see the folder with the report in it. In this example, I provided “abeckman” with the following url:
- The user will get the following error message if they try to drill down to other reports:
The permissions granted to user ‘GARTEK\abeckman’ are insufficient for performing this operation. (rsAccessDenied)