none
SSRS 2012 Not Applying Security RRS feed

  • Question

  • Hello All,

    Here's the setup:

    Brand new virtual machine running Windows Server 2012 Standard (Build 9200).  Nothing else installed.  Domain Firewall is disabled.

    I Installed SQL Server 2012 Standard SP1 (Server / Cal), and included Reporting Services (Native) in the setup.  Everything installs fine.

    I left all the config options as default.  The authentication method is windows (NTLM).  Everything looks fine.

    Then I navigate to the URL http://(server)/reports from another machine, and the report manager comes up.  Everything seems great so far.  I deploy a few basic reports from Visual Studio 2010 to try out the new report service.  They shows up and run great.

    Here's the problem:

    EVERYONE has Administrative access to the report manager, no matter what I do.  I remove Builtin\Administrators from the site settings security, and add ONLY me as a System Administrator.  Doesn't matter - EVERYONE can still access ALL the reports, change security, change report names, basically do whatever they want.   I've specifically added my test user as a browser to a report, and they STILL have full administrative access.  I've tried every combination of adding and removing roles and groups and profiles imaginable, to no avail.  No matter what I do, if I log in under a basic user account I still have full administrative access to the whole site, every report, etc.  Is there some very basic setting that I'm missing here?  I've tried changing the authentication mode to negotiate, and the same problem persists. I've tried changing the service account to a domain account, no difference.  Nothing I do makes SSRS apply the user security that it's supposed to be applying.  Any help would be appreciated.

    Cheers,

    Tony

    Friday, July 5, 2013 6:36 AM

Answers