What I've done is:
Turned UAC policy off
Added local/domain user to the Administrators group via localhost/Reports
Added the user to users list of SSRS DB.
Result: I can only login to localhost/ReportServer as Adminstrator, not any other user.
Error message:
The permissions granted to user 'mydomain\myAccount' are insufficient for performing this operation. (rsAccessDenied)
However I can login to localhost/Reports and edit Site Settings.
I tried pretty everything from what I found in Google, but nothing help me out. What am I missing?
Just needed to add the user to Folder Settings with all roles (click Role checkbox). I knew I was missing something trivial.
Related
I have had a user with browser role which has been able to make subscriptions but he has not seen CC and BCC fields. Because of that, I added Content Manager role for him to all folders and reports and after that, he cannot make more subscriptions or manage reports in any way. He gets error
"The permissions granted to user 'domain\username' are insufficient for performing this operation". Now he can only see the reports.
Do you have any idea?
Browse to Site Settings, Configure item level role definitions.
Then check what settings you have for Content Manager. Maybe someone removed them.
When I added a role also to the Home folder then it starts working. I don't know why, before this was not needed.
I have deployed some reports. I have a user (among others) which is included in a group. I would like to grant access permission to all the users from this group to be able to execute report (to see the reports deployed). So from Reporting Services administrator page (http://localhost/Reports), I go to site configuration, then Security, and I click on new role assignment, I added the group with "System User" role.
Using a user that belongs to this group, I login into windows, then I open internet explorer browser, put the address:
http://ip:80/ReportServer
A window appear prompting a user and password. I enter one user that is administrator. Then a page with the reports deployed appears. Ok, I can see the reports deployed. So I click on one of them and I get the message error below:
Reporting Services Error
this report requires a default or user-defined value for the report parameter
Then I go to internet explorer options, and I add the address as trusted zone. Then reload the report and it works.
However, when I enter the address and use the user that belongs to the group (and it is not administrator) in the login page, an error is shown and the reports page does not appear:
The permissions granted to user 'domain\username' are insufficient for performing this operation. (rsAccessDenied)
I want to access these reports by using a Simple user account which has not administrator role. In that scenario how we can use this?
Any help will be highly appreciated.
Sounds like they aren't actually being given permission to the Report folders or the report itself. The Site Setting -> Security is only for accessing the report server's site itself. After that they need permission to the folders and reports. With an Admin click Fodler Settings and then Security. Add their security group to the folder and the report by default should inherit the folder's permission. If it doesn't work then check the report itself. To access the report's settings, you'll either need IE to open the dropdown in the folder view, or open the report in any other browser. After it loads in the upper left you should see Home > FolderName > ReportName. Click the report's name and it'll take you to it's setting page where you can change the security.
I am trying to get security on Reporting services set up. I have installed reporting services with all the defaults and I was able to create and publish a report. Using the link [http://server/reports] I was able to view that report. Bearing in mind that i am in the domain administrators group.
I then asked a non domain admin user to review the report but they got the message: • The permissions granted to user 'DOMAIN_ABC\username' are insufficient for performing this operation. (rsAccessDenied)
It then dawned on me that I would need to set up security by assigning the 'Browser' role to DOMAIN_ABC\Domain Users.
At that point I realized that I had no way of interfacing with the security side of things as none of the Home, My Subscriptions, Site Settings tabs were displaying (as is the case with a 2005 RS deployment we have). Thus began my search for how to get the 'admin' view into the environment to enable security and access. I have thus far been unsuccessful so far, I have tried running IE as the 'Administrator', added the server to my 'Trusted' sites list. Checked the RS config file, set the Service Account to 'Local Service' but still no joy. Does anyone know what I may try?
Thanks in Advance,
Jonathan
You can not view the admin settings unless u got that permission.
Only Report manager administrator can create roles and users from report manager url [http://localhost/Reports/] then go to site settings ----> security,----> new role assignment.
If the user in system Administration group then only he can view the site settings option in the home page, If the user is on other group like content manager /System user then he can not view the site settings option.
You need to first add the user in the System Administrator group.then he can view all these settings.
Hope this helps...
I have a SQL 2008r2 report server where, despite having the appropriate ROLE permissions assigned within the RS, you can not view a report/folders Properties, unless you are also a member of the administrator group on the server. You can view the report itself, but not the Properites tab. When viewing the Properties tab, an rsAccessDenied error is shown with the message "The permissions granted to user 'XXX\XXX' are insufficient for performing this operation."
My understanding is that just being a member of the Browser role should be sufficient to view a reports properties, and the account actually is member of all roles (Content Manager, Publisher, Broweser, etc), so that isn't the issue, so why would you also need to be a member of the administrator group on the server?
Given that everything is being done from a browser on a remote computer, I'm at a bit of a loss as to what the Properties tab is doing that requires the extra permissions.
Anyone know what's going on and what needs to be changed so that the user doens't need any permissions on the server itself?
I had a similar problem where I didn't have access to the Properties-tab or the Data Sources-tab but adding my user to Administrators did not solve the issue. However all my role assignments were on a subfolder and when I was added to root/home with role "Browser" it suddenly started working. Even without me being an admin on the RS Server.
According to Microsoft documentation, you need higher privileges to achieve that :
http://technet.microsoft.com/en-us/library/ms157363(v=sql.105)
Browser role only enables you to navigate through folder structure and view/subscribe to reports. You need the "Content Manager Role" to achieve what you want.
I log into hudson as an admin but the left hand column remain the same as a normal non-admin user. I have tried -
Delete the account and create new one with all the admin rights.
delete all cookies
Tried on different browsers
Type in the link for the configuration page, which throw a "missing the ExtendedRead permission" error.
None of the above work, anyone have any suggestion on the issue?
Just to put together what I now so far. Please fill the baps if there are any.
You use the Extended Read Permission Plugin
Configured a user in Hudson. Do you use "Hudson's own user database" than or something else?
The plugin description says it adds a column to the "Matrix-based security" or "Project-based Matrix Authorization Strategy" authorization stream. Do you use one of these two?
Now I am getting confused about what you are missing for an Admin. I use the "Project-based Matrix Authorization Strategy". When I am configured only with the global administration permission. I have full control over Hudson and all jobs running on Hudson.
To be able to help you, please describe you setup as it pertains to the authorization settings in detail. Do you have other plugins installed that might interfere here?