Please start any new threads on our new
site at https://forums.sqlteam.com. We've got lots of great SQL Server
experts to answer whatever question you can come up with.
| Author |
Topic |
|
tpoulos
Starting Member
3 Posts |
 Posted - 2008-11-17 : 16:42:30
|
| I would like to setup multiple department folders on our SQL 2005 report server and limit access to each of these folders to only members of the department. I can accomplish this through item level security, but am running into an annoying issue that I hope can be worked around.In order for the users to even see the folder for their deparment I need to grant 'Brower' access to the top level. This then sets 'Browers' level to all of the subfolders (i.e. 'Accounting', 'Technology', etc.) by default. When a new folder or user group is added to the server then each individual sub-folders needs to have it security permissions edited to remove the 'Browser' setting for any user group that shouldn't see those folders, which is quickly becoming very time consuming.Is there a more time efficient way in which I should be setting up these users/folders?Any suggestions would be greatly appreciated.Thanks. |
|
|
visakh16
Very Important crosS Applying yaK Herder
52326 Posts |
Posted - 2008-11-19 : 11:15:59
|
| cant you use seperate datasources for each dept reports and give access to datasource only for relevant people? may be add application roles for each department and give access to corresponding datasources for them. SO that whoever belonging to a department just wants to have his/her name added to application role account for department to access that department's reports. |
 |
|
|
tpoulos
Starting Member
3 Posts |
Posted - 2008-11-19 : 11:50:22
|
| It's not really the data sources that are the issue, it's the actual reports themselves. I've segregated them into the appropriate department level folders and can control access to individual reports based on the user if necessary. My issue is that for the users to even see their appropriate department folder I need to grant them access to the top-level folder, which then by default grants them access to each sub-folder. So, each time I add a new folder to the server I need to manually go into the security settings and remove the groups that shouldn't be able to view this folder. |
|
|
|
|
|
|
Item Level Security Settings