--- alias: installation-guide-reportserversecurity description: "Manage SQL Server Reporting Services security through centralized configuration and role assignments for access control" --- # Report Server Security This section describes the SQL Server Reporting Services' security configuration from the point of view of SQL Reporting Services' server. Critical Manufacturing provides an integrated security management GUI which allows the security configuration to be managed from a central location. !!! note To access reports from Critical Manufacturing, a domain group must be configured in the report server and the same domain group must be created as a role in Critical Manufacturing. All users that belong to that role will have access to the reports. !!! note The user who is running the Critical Manufacturing Windows service must have administration privileges on the SQL Server Reporting Services server(s). !!! note Due to security restrictions on application servers, it is advisable to open the Report Server Manager in a client computer and not on the server. ## Accessing SQL Server Reporting Services To configure the security settings for Critical Manufacturing's reports, it is necessary to access SQL Server Reporting Services™ by using the browser and providing an URL address in the form: ``http://[server_name]/Reports_[instance_name]`` * The ``[server_name]`` must be replaced by the name of the server where the SQL Server Reporting Services is installed. * The ``[instance_name]`` must be replaced by the name of the instance where the SQL Server Reporting Services is running. In case that the server name is ``dbserver`` and the SQL Server Reporting Services instance name is ``online``, the URL address to access the SQL Server Reporting Services is: ``http://dbserver/Reports_ONLINE`` !!! note Due to security restrictions and browser configurations, adding the Report Server manager URL to the browser trusted sites' list, could be required. ## Assigning or modifying a User/Group to a System Role Follow the steps below to assign or modify a user/group to a system role: 1. Click on **Site Settings**, available in the top right corner. 2. In the left tab, click on **Security**. The roles for each user and group are displayed. 3. To add a new role, click on the **New Role Assignment**, and then enter the Group or User Name and specify the Roles to be assigned. 4. To edit one user or group role, click on the user or group **Edit** link. 5. To delete one or more roles, tick the checkbox and click on **Delete**. ## Defining Role-based security for the Reports Homepage Follow the steps below to define the roles for the home page: 1. In the homepage, click on the **Properties** tab. 2. To add a new role, click on the **New Role Assignment**, and then enter *Group* or *User Name* and specify the Roles to be assigned. 3. To edit one user or group role, click on the user or group **Edit** link. 4. To delete one or more roles, tick the checkbox and click on **Delete**. ## Defining Security by Folder By default, each folder inherits the security definitions from the parent folder. It is possible to change this configuration by following the steps described below: 1. Click on **Folder Settings**. 2. Click on **Edit Item Security** and perform the desired changes. It is also possible to customize each folder with different security settings. In order to do that, follow the steps below: 1. Click on the folder to change the roles. 2. Click on the **Properties** tab. 3. Click on **Edit Item Security** and perform the desired changes. !!! note Click on **Revert to Parent Security** to inherit the father's folder roles again.