Security of SRS Reports

TheMSsForum.com: The Microsoft Software Forum

If browser access is granted in SRS based on the ReportingGroup {GUID} domain
group, how can you limit users of one organization to only see reports for
their org (since all orgs share the same ReportingGroup domain group)? Why
doesn't each org get its own domain security groups?
Top

RE: Security of SRS Reports by RichardRiddle

RichardRiddle
Wed Jul 23 10:12:16 CDT 2008

Being able to see the report is not the same as being able to see the data.
The security of the data is enforced through the Filtered Views, which all
the default reports use to retrieve the data. If a user doesn't have access
to view the data in CRM, that user won't see the data in a report.

If you have found that not to be true, I would like to know your setup so I
can test as well.
--
Richard Riddle
CRM Developer
Autonomix


"Dan" wrote:

> If browser access is granted in SRS based on the ReportingGroup {GUID} domain
> group, how can you limit users of one organization to only see reports for
> their org (since all orgs share the same ReportingGroup domain group)? Why
> doesn't each org get its own domain security groups?
Top

RE: Security of SRS Reports by Dan

Dan
Wed Jul 23 10:42:02 CDT 2008

That is true as long as all of your reports tie back into a filtered view.
It would not work if you had a report that was pulling data from an external
system to display in CRM. I suppose that report could always be published in
a separate folder and have security applied manually, but it would be nice if
you could use the CRM maintained security groups to reduce administrative
work.

Thanks,
Dan

"Richard Riddle" wrote:

> Being able to see the report is not the same as being able to see the data.
> The security of the data is enforced through the Filtered Views, which all
> the default reports use to retrieve the data. If a user doesn't have access
> to view the data in CRM, that user won't see the data in a report.
>
> If you have found that not to be true, I would like to know your setup so I
> can test as well.
> --
> Richard Riddle
> CRM Developer
> Autonomix
>
>
> "Dan" wrote:
>
> > If browser access is granted in SRS based on the ReportingGroup {GUID} domain
> > group, how can you limit users of one organization to only see reports for
> > their org (since all orgs share the same ReportingGroup domain group)? Why
> > doesn't each org get its own domain security groups?
Top

Re: Security of SRS Reports by Dodd

Dodd
Wed Jul 23 18:17:40 CDT 2008

Dan,

The CRM Security Roles only apply to CRM entities, thus, any data
outside of the CRM db will not receive this type of role-based
functionality. It might be possible to create new entities in CRM and
create a real-time integration (using Scribe or BizTalk) between the 2
systems. Now that the data is in CRM, you can take advantage of the
CRM Security Model, Reporting Group in AD, etc.

--MD
Top