tailieunhanh - Microsoft SQL Server 2008 R2 Unleashed- P228

Microsoft SQL Server 2008 R2 Unleashed- P228:SQL Server 2005 provided a number of significant new features and enhancements over what was available in SQL Server 2000. This is not too surprising considering there was a five-year gap between these major SQL Server 2008 is not as much of a quantum leap forward from SQL Server 2005 | 2234 CHAPTER 53 SQL Server 2008 Reporting Services In addition if you want your users to see the Report Manager home folder you need to add their principals to the Browser role in the home folder. Because permissions are inherited unless inheritance is specifically broken the members of that group then have permission to the entire content of the Report Server. To remove permissions on a specific folder navigate to it using Report Manager select Security on its hover menu click Edit Item Security and then remove the respective role assignments. Management and Security SSRS provides a set of useful tools for managing and securing all reporting objects. The following sections discuss tools and the overall security model in detail. Securing Reports As we ve seen in previous examples SSRS has a built-in role-based security system. All operations done on the server are subject to permissions. Access to SSRS is controlled through security roles and role assignments. A security role is a collection of permissions for example the permission to create reports in a folder the permission to view a certain report or a folder. A role assignment is a set of permissions represented by the role given to a principal on a certain report or folder in the Report Server catalog. For example the permissions on a folder called Data Sources contain the local administrators group with all permissions contained in the Content Manager role. Permissions on folders are inherited to all items present in that folder unless security inheritance is intentionally broken and the item is given its own permissions. Built-in Roles and Permissions SSRS comes with a set of built-in roles. Each role is a collection of permissions normally used in tandem to enable a functional scenario. Following are some of the built-in roles Browser This role is a collection of read-only permissions that is useful for navigating the Reporting Services namespace and viewing reports and resources. Content Manager This role