1271
Chapter 56: Confi guring and Administering Reporting Services
56
Just as in Report Manager, you need to update any references to shared datasets or shared
Data Sources in SharePoint integrated mode.Managing Security with Reporting Services
Security poses the greatest challenge for most reporting solutions. Sensitive data must be
protected, and the SSRS administrator must leverage features of reporting services to do so.In native mode, it is best to use Report Manager for all content-related management and
permission assignments, and to use SQL Server Management Studio for management of
server properties and role defi nitions. This is because since SQL Server 2008, those respec-
tive interfaces have been streamlined for these purposes.Accessing Remote Data Sources in Reporting
Services
A common infrastructure set up for Reporting Services involves a client consuming reports, a report
server, and a data source, such as an SSAS cube, residing on a separate server. This requires that
the user’s credentials pass from the client to the Report Server and then to the Cube, often called
the Double Hop. A common way to implement this is with Kerberos in Active Directory. Kerberos
is a ticket-based computer network authentication protocol. Kerberos in BI can be explored in
“Kerberos for Microsoft BI” located at http://social.technet.microsoft.com/wiki/contents/
articles/1406.kerberos-for-microsoft-bi-en-us.aspx.To avoid using Kerberos, the data source must be confi gured to specify the credentials to the remote
data source. For more information, see “Specify Credential and Connection Information for Report
Data Sources,” located at http://msdn.microsoft.com/en-us/library/ms160330.aspx.Managing Roles in Native Mode
The security model in Reporting Services leverages Active Directory to grant access to the
Report Manager and to items (folders, reports, shared data sources and sets, and so on)
within the report server. Security is administered by assigning users or groups to roles.
Roles contain selected tasks that enable specifi c actions within the Report Manager appli-
cation. Two types of predefi ned roles and tasks exist: system-level and item-level. Most
Reporting Services installations do not actually require changes to the default roles, but
rather focus on managing membership in those roles via Report Manager.Since 2008 R2, roles can be created, deleted, and modifi ed only inside Management Studio.
Role assignment takes place inside of Report Manager for native mode.c56.indd 1271c56.indd 1271 7/31/2012 10:34:18 AM7/31/2012 10:34:18 AM
http://www.it-ebooks.info