OpsMgr: Restricting SSRS Report Access & Scope for a Custom User Role

In Operations Manager, a user role that is based on the Report Operator Profile grants members the ability to view reports according to the configured scope.

Out of the box, a user role based on the Report Operator Profile is created during setup – Operations Manager Report Operators – with a global scope.

Assigning a user to the Operations Manager Report Operators user role will allow the user to access and view all reports available in the Reporting workspace.

However, these reports WILL NOT be visible to a user assigned to a newly created custom user role based on the Report Operator Profile. The association and permissions will also need to be configured in SSRS as follows:

First, after creating the custom user role based on the Report Operator profile, copy the ID in the Identity tab.

Then, add that ID into OpsMgr SSRS website under Root Folder Settings –> Security:

After that, the user assigned to the custom user role associated to the ID will have access to all the reports available in the Reporting workspace.

To restrict the user from accessing reports in specific folders, remove the ID from Security options on all other reports except for Reports of interest:

The list of reports in the Reporting Workspace for the user assigned to the custom user role will look something like this:

     
     
          
     
    

Disclaimer:
All information on this blog is provided on an as-is basis with no warranties and for informational purposes only. Use at your own risk. The opinions and views expressed in this blog are those of the author and do not necessarily state or reflect those of my employer.