I'm developing an SSRS 2000 solution that will require allowing anyone in
the company to view certain reports but only a select few to create them
(while I administer the site).
I understand how to add users specifically (Windows NT logins) and assign
them roles, so I'm partway there. What I can't see is how to also enable
anonymous access, either generally or to specific reports or report folders.
If I turn anonymous access on in IIS for the Reports and/or Reportserver
folders, I lose the ability to administer the site. If I turn it off,
anonymous users can't get in. Security seems either black or white and I'm
looking for some shade of grey. I've tried numerous combinations of
settings and nothing has worked. I've added the server's IUSR account to
the SSRS solution but it didn't make any difference. Guest account is
disabled on the server.
What am I missing here? Is it an IAS problem? Note that IAS is on but not
registered in Active Directory for this server (IT is resisting enabling
that) so I hope that's not the problem here.
Thanks all,
Randall ArnoldYou don't have to do individual users. You can also use groups. Almost all
domains have a group that includes everybody (for instance a group called
Users). Just add this group to the browser roll.
Bruce Loehle-Conger
MVP SQL Server Reporting Services
"Randall Arnold" <randall.nospam.arnold@.nokia.com.> wrote in message
news:1158332996.554286@.xnews001...
> I'm developing an SSRS 2000 solution that will require allowing anyone in
> the company to view certain reports but only a select few to create them
> (while I administer the site).
> I understand how to add users specifically (Windows NT logins) and assign
> them roles, so I'm partway there. What I can't see is how to also enable
> anonymous access, either generally or to specific reports or report
> folders.
> If I turn anonymous access on in IIS for the Reports and/or Reportserver
> folders, I lose the ability to administer the site. If I turn it off,
> anonymous users can't get in. Security seems either black or white and
> I'm
> looking for some shade of grey. I've tried numerous combinations of
> settings and nothing has worked. I've added the server's IUSR account to
> the SSRS solution but it didn't make any difference. Guest account is
> disabled on the server.
> What am I missing here? Is it an IAS problem? Note that IAS is on but not
> registered in Active Directory for this server (IT is resisting enabling
> that) so I hope that's not the problem here.
> Thanks all,
> Randall Arnold
>
>|||We have a User group that I tried but no luck. But your general idea should
be sound so I'll keep digging, thanks.
Randall Arnold
"Bruce L-C [MVP]" <bruce_lcNOSPAM@.hotmail.com> wrote in message
news:eQh%23kfO2GHA.1040@.TK2MSFTNGP06.phx.gbl...
> You don't have to do individual users. You can also use groups. Almost all
> domains have a group that includes everybody (for instance a group called
> Users). Just add this group to the browser roll.
>
> --
> Bruce Loehle-Conger
> MVP SQL Server Reporting Services
> "Randall Arnold" <randall.nospam.arnold@.nokia.com.> wrote in message
> news:1158332996.554286@.xnews001...
>> I'm developing an SSRS 2000 solution that will require allowing anyone in
>> the company to view certain reports but only a select few to create them
>> (while I administer the site).
>> I understand how to add users specifically (Windows NT logins) and assign
>> them roles, so I'm partway there. What I can't see is how to also enable
>> anonymous access, either generally or to specific reports or report
>> folders.
>> If I turn anonymous access on in IIS for the Reports and/or Reportserver
>> folders, I lose the ability to administer the site. If I turn it off,
>> anonymous users can't get in. Security seems either black or white and
>> I'm
>> looking for some shade of grey. I've tried numerous combinations of
>> settings and nothing has worked. I've added the server's IUSR account to
>> the SSRS solution but it didn't make any difference. Guest account is
>> disabled on the server.
>> What am I missing here? Is it an IAS problem? Note that IAS is on but
>> not
>> registered in Active Directory for this server (IT is resisting enabling
>> that) so I hope that's not the problem here.
>> Thanks all,
>> Randall Arnold
>>
>|||What I do that simplifies things for me is I create a local group (called
something like Reports). I then add the domain groups and users to it. I
then use this local group to add to a role.
Bruce Loehle-Conger
MVP SQL Server Reporting Services
"Randall Arnold" <randall.nospam.arnold@.nokia.com.> wrote in message
news:1158362815.849245@.xnews001...
> We have a User group that I tried but no luck. But your general idea
> should be sound so I'll keep digging, thanks.
> Randall Arnold
> "Bruce L-C [MVP]" <bruce_lcNOSPAM@.hotmail.com> wrote in message
> news:eQh%23kfO2GHA.1040@.TK2MSFTNGP06.phx.gbl...
>> You don't have to do individual users. You can also use groups. Almost
>> all domains have a group that includes everybody (for instance a group
>> called Users). Just add this group to the browser roll.
>>
>> --
>> Bruce Loehle-Conger
>> MVP SQL Server Reporting Services
>> "Randall Arnold" <randall.nospam.arnold@.nokia.com.> wrote in message
>> news:1158332996.554286@.xnews001...
>> I'm developing an SSRS 2000 solution that will require allowing anyone
>> in
>> the company to view certain reports but only a select few to create them
>> (while I administer the site).
>> I understand how to add users specifically (Windows NT logins) and
>> assign
>> them roles, so I'm partway there. What I can't see is how to also
>> enable
>> anonymous access, either generally or to specific reports or report
>> folders.
>> If I turn anonymous access on in IIS for the Reports and/or Reportserver
>> folders, I lose the ability to administer the site. If I turn it off,
>> anonymous users can't get in. Security seems either black or white and
>> I'm
>> looking for some shade of grey. I've tried numerous combinations of
>> settings and nothing has worked. I've added the server's IUSR account
>> to
>> the SSRS solution but it didn't make any difference. Guest account is
>> disabled on the server.
>> What am I missing here? Is it an IAS problem? Note that IAS is on but
>> not
>> registered in Active Directory for this server (IT is resisting enabling
>> that) so I hope that's not the problem here.
>> Thanks all,
>> Randall Arnold
>>
>>
>
Subscribe to:
Post Comments (Atom)
No comments:
Post a Comment