By setting up an AD security group you can grant non-Configuration Manager Administrators the ability to read SQL Server Reporting Services (SSRS) reports without having them leverage the bulky Configuration Manager console. This may be useful to you if many people in your organization need to read Warranty Information Reporting’s (WIR’s) SSRS reports.
In order to make this set-up easier, Enhansoft created a new Report Reader tool which will save you time because you won’t need to keep adjusting permissions.
This section will guide you through the step-by-step process.
1. In Active Directory Users and Computers (ADUC), right-click on the appropriate Organization Unit (OU) (Users in this example), point to New and then click Group.
2. Enter the Group name and click OK.
3. Double click on the Group name that was created, next click on the Members tab, and then click Add...
4. Add the appropriate users, then click OK twice.
5. Download the Report Reader permissions tool zip file.
6. After un-zipping and extracting the XML file, open the Configuration Manager console. Browse to Administration | Overview | Security | Security Roles then right-click and select Import Security Role.
7. Browse to the XML file’s location. Select it and click Open.
8. Once imported, browse to Administration | Overview | Security | Administrative Users then right-click and select Add User or Group.
9. Click Browse…
10. Add the Group name and click OK.
11. Click Add…
12. Select Enhansoft Report Readers and click OK.
13. Click OK to continue.
Note: If you want to restrict which computers or users this security group can see, you can do that within the Assigned security scopes and collections section.
With that last step you have now created a security group which has permission to see all of the computers and users within Configuration Manager, and they can access all reports via the web interface to SSRS. The web URL is generally http://<server name>/reports. In the Enhansoft lab environment it is http://cm12-cm4/reports.