• Status: Solved
  • Priority: Medium
  • Security: Public
  • Views: 122
  • Last Modified:

Security manage in SSRS

Hello,

I need some advice on setting up security/permissions to users in SSRS.
Here is the requirement
1.      Build one standard report using Report Builder. Publish this report in SSRS.
2.      Provide access to users/groups. Filter the data dynamically based on the department the user belongs to (in active directory we can use the ORGANIZATION_UNIT the user is set to). So for example, If USER A is part of OU A then he/she should only see the data of OU A.
3.      There are some PII data in the report. For example SSN, DOB, ADDRESS etc. Only certain users should be able to view it and by default it should be locked down for all users.
Please let me know
Thank you
0
angel7170
Asked:
angel7170
1 Solution
 
lcohanDatabase AnalystCommented:
1.      Build one standard report using Report Builder. Publish this report in SSRS.

2.      Provide access to users/groups.
This can be done easily via the SSRS "Predefined Roles" and please see https://msdn.microsoft.com/en-us/library/ms157363.aspx for details.

2.1 Filter the data dynamically based on the department the user belongs to (in active directory we can use the ORGANIZATION_UNIT the user is set to). So for example, If USER A is part of OU A then he/she should only see the data of OU A.
I believe you should be able to achieve that fairly easy by using "dynamic parameters" like described here: https://blogs.msdn.microsoft.com/sqlforum/2011/05/03/walkthrough-control-dataset-query-dynamically-based-on-ssrs-report-parameters/
and here where you will see how to add cascading parameters to a report: https://technet.microsoft.com/en-us/library/aa337169(v=sql.100).aspx
a gogle search on "questions/1053396/updating-report-parameters-based-on-perameter-selection-ssrs" and give you more details about what others did to "Updating report parameters based on perameter selection"


3.      There are some PII data in the report. For example SSN, DOB, ADDRESS etc. Only certain users should be able to view it and by default it should be locked down for all users.
Similar to above - so you qould need to define the query that gives you the list of all "Only certain users should be able to view it" and you can create a dataset with that then use that dataset as input to decide further filtering on all report queries.
0

Featured Post

[Webinar] Cloud and Mobile-First Strategy

Maybe you’ve fully adopted the cloud since the beginning. Or maybe you started with on-prem resources but are pursuing a “cloud and mobile first” strategy. Getting to that end state has its challenges. Discover how to build out a 100% cloud and mobile IT strategy in this webinar.

Tackle projects and never again get stuck behind a technical roadblock.
Join Now