Walkthrough: Restrict the users to see only their folders via Reporting Services web services

In reporting Services security management, we often want the users to see only their folders. If there are 3 or 10 folders under report manager, it is fine thought the steps described at https://msdn.microsoft.com/en-us/library/aa337491.aspx . However, the operations mentioned in the above link make the current folder inherit security settings from its parent, it really painful job because we need to delete some users from each folder. This article introduces how to grant an user proper permissions under a specified folder and the user only can see his folders.

Create a visual basic project

• 1.Createa new console application in visual studio using Visual Basic language.
• 2. In Solution Explorer, right-click the Project folder, and then click Add Web Reference.
• 3. In the URL Textbox, type https://ServerName/ReportServer/ReportService2005.asmx?wsdl, and then click Go.

One Web service -ReportService  is found at the URL.

See https://msdn.microsoft.com/en-us/library/ms155398(v=SQL.100).aspx for more details about report server web services endpoints.

• 4. In the Web Reference Name text box, replace the default value with ReportService.

The Add Web Reference dialog box looks like this:

 

• 5. Click Add Reference.

The Web reference is now added to the solution.

 

• 6. Double-click the SetPoliciesprgm.vb file in the Solution Explorer, and write your code to set the scenario.

The sample code looks like this:

 

        Public Sub Main()

        rs.Credentials = System.Net.CredentialCache.DefaultCredentials

        'Prompt reporting services admin to enter itempath,usergroup and roles.

        Console.WriteLine("You need to provide the following information.")

        Console.Write("The full path of the item:")

        Dim inputitempath As String = Console.ReadLine()

        Console.Write("The name of a group or user:")

        Dim GroupUserName As String = Console.ReadLine()

        Console.Write("The roles that are associated with the group or user:")

        Dim inputRolestr As String = Console.ReadLine()

        Console.WriteLine("Please waiting......Processing......")

 

        'system process the setpolicies request.

        Dim mypolicyarr As Policy() = New Policy(0) {}

 

        '1)The roles that are associated with the group or user

 

        Dim rolearr As String() = Nothing

        Dim count As Integer = 0

        Dim splitchart As Char() = {","c}

        rolearr = inputRolestr.Split(splitchart)

        Dim mypolicy As New Policy()

        Dim myroles As Role() = New Role(rolearr.Length - 1) {}

 

        For count = 0 To rolearr.Length - 1

            Dim myrole As New Role()

            myrole.Name = rolearr(count)

            myroles(count) = myrole

        Next

        mypolicy.Roles = myroles

 

        '2)The name of a group or user

        mypolicy.GroupUserName = GroupUserName

        mypolicyarr(0) = mypolicy

 

        '3)Set the policies with the above information

        If inputitempath <> "" Then

            Dim itemarr As String() = Nothing

            Dim i As Integer = 0

            Dim itempath As String = Nothing

            Dim splitchart1 As Char() = {"/"c}

            itemarr = inputitempath.Split(splitchart1)

            For i = 0 To itemarr.Length - 1

                itempath = itempath & itemarr(i) & "/"

                If i = 0 Then

                    rs.SetPolicies(itempath, mypolicyarr)

                Else

                    rs.SetPolicies(itempath.Substring(0, itempath.Length - 1), mypolicyarr)

 

                End If

            Next

        End If

        Console.WriteLine("Permissions granted successfully.")

        Console.ReadLine()

        End Sub 'Main

 

 

 

Save the above code as sample script with rss extension

• 1. Open notepad and create a new a text file.
• 2. Copy and paste the above code into it, and save it as SetPolicies.rss extension.
• 3. Copy the rss file onto somewhere, for example, it is placed on E:\RS.

Run the script using rs utility

 By default, rs.exe is located at \Program Files\Microsoft SQL Server\100\Tools\Binn.

• 1. Open a command prompt: On the Start menu, click Run, type cmd in the text box, and then click OK.
• 2. Navigate to the directory that contains the rs utility. Your screen look like this:

 

• 3. At the command prompt, type the appropriate command to run the sample script file. For example, type the following command in it:

 

 rs -i E:\RS\SetPolicies.rss -s https://ServerName/ReportServer                                                   

 

• 4. Press Enter to execute the command

 

• 5. Type the full path of the item you want to specify for your user, and then press Enter to continue. The screen looks like this:

 

• 6. Type the name of a group or user as requested, and then press Enter to continue. The screen looks like this:

 

• 7. Please type the roles that are associated with the user or group, for example, Browsers, Report Builder. The screen looks like this:

 

• 8. Press Enter to run. After a while, the console will tell the result with a message, for example, "Permission granted successfully" indicates it completes successfully.

 

• 9. Now, the user "fareast\v-jernee" only can see the Folder3 folder under Home page in report manager.

 

See https://msdn.microsoft.com/en-us/library/ms162839(v=SQL.100).aspx for more details about using RS utility in reporting services.