SQL Database access permissions for Reporting Services

Dear Team,

I’m not too experience with access permission of SQL Servers and I’m currently in need of some advice.
We have a team of about 2 or 3 employee’s which are going to be using SQL reporting services and accessing a selection of databases in our sql server. I would like to know what is the best method to give them permissions to use this tool against only the selected databases they’re going to be using. (If possible so that they won’t see the other databases either.)
There are databases in the sql server that are very critical for the company and we would like to do this as safe as possible.

Thank you.
LVL 2
exTechnologyAsked:
Who is Participating?

[Webinar] Streamline your web hosting managementRegister Today

x
 
Vitor MontalvãoConnect With a Mentor MSSQL Senior EngineerCommented:
GRANT SELECT ON <database name> TO <username>

This will give the user read only access on the desired database.
0
 
MarcjevConnect With a Mentor Commented:
There are 2 levels of security in place here which you have to consider: security at the sql level and security in the reporting server level.

In the SQL security you can grand access to tables based on user and/or groups. This will allow users to see data in tables and/or modify them accordingly.

This security is taken into account when you opt to run the 'data connection' to sql server as the user that is running/viewing the report. Thus, you would need security at the database level.

Second, you can have the designer of the report use some other credentials which have been configured in SQL server, for example read access in the database overall.
Second you can grant or limit access to this report in reporting services. So at the report level you can grant access to who may open and look at the report.

So it's very granular what you can do.

The most simple solution is to let the reports be designed by a competent designer and let other users only run the reports they are granted access to. Granting rights at the database/user/table level is more secure, but also much more complicated to manage. Often limiting access to certain reports is enough security.
0
 
Vitor MontalvãoMSSQL Senior EngineerCommented:
exTechnology, your issues has been solved?
0
All Courses

From novice to tech pro — start learning today.