You manage the security in SQL Server 2008 R2 Reporting Services (SSRS).
You create a new role.
You need to grant the following permissions to the role:
View and modify security settings for reports, folders, resources, and shared data sources.
Create and delete reports.
Modify report properties.
Which two actions should you perform? (Each correct answer presents part of the solution.
Choose two.)
A.
Assign Set Security Policies for Items task to the role.
B.
Assign the Consume Reports task to the role,
C.
Assign the Manage Resources task to the role.
D.
Assign the Manage Reports task to the role.
Explanation:
You can modify the My Reports role to suit your needs. However, it is recommended that
you keep the “Manage reports” task and the “Manage folders” task to enable basic content
management. In addition, this role should support all view-based tasks so that users can see
folder contents and run the reports that they manage. Although the “Set security policies for
items” task is not part of the role definition by default, you can add this task to the My
Reports role so that users can customize security settings for subfolders and reports. The
Manage reports task: Add and delete reports, modify report parameters, view and modify
report properties, view and modify data sources that provide content to the report, view and
modify report definitions, and set security policies at the report level. Note:
Reporting Services uses a role-based security model to control access to reports, folders,
and other items that are managed by a report server. The model maps a specific user or
group to a role, and the role describes how that user or group is to access a given report or
item. The security model consists of the following components:
A user or a group account that can be authenticated by Windows security or another
authentication mechanism.
Role definitions that define a set of actions or operations. Examples of role definitions
include System Administrator, Content Manager, and Publisher.
Securable items for which you want to control access. Examples of securable items include
folders, reports, and resources.
The combination of all these elements is characterized as a role assignment. In Reporting
Services, role assignments provide the security context for items and the report server itself.
Note 2:In Reporting Services, tasks are all possible actions that a user or administrator performs.
There are twenty tasks in all. Some examples of tasks include “View reports,” “Manage
reports,” and “Manage report server properties.”
Tasks are predefined. You cannot create custom tasks or modify the ones provided either
programmatically or through a tool.
Each task consists of a set of permissions, which are also predefined. For example, the
“Manage folders” task contains the permissions create and delete folders, and view and
update folder properties. Users never interact with permissions directly. Users are granted
permissions indirectly through the tasks that are included in role definitions. These
permissions allow access to specific report server functionality. For example, users who
have permission to subscribe to reports can use subscription-related pages and buttons in
Report Manager to create and manage subscriptions. Users who do not have permission do
not see subscription-related pages in Report Manager.
To work, a task must be assigned to a role that is actively used in a security policy. A task
that is
not assigned to role has no impact on user actions or security.