tags:

views:

357

answers:

2
+1  Q: 

How can I determine what AD security groups the current user is in from within an SSRS report?

I have a need to determine what security group(s) a user is a member of from within a SQL Server Reporting Services report. Access to the report will be driven by membership to one of two groups: 'report_name_summary' and 'report_name_detail'. Once the user is executing the report, we want to be able to use their membership (or lack of membership) in the 'report_name_detail' group to determine whether or not a "drill down" should be allowed.

I don't know of any way out of the box to access the current user's AD security group membership, but am open to any suggestions for being able to access this info from within the report.

+2  A: 

You can add custom code to a report. This link has some examples.

Theoretically, you should be able to write some code like this, and then use the return value to show/hide what you want. You may have permissions problems with this method, though.

Public Function ShouldReportBeHidden() As Boolean
Dim Principal As New System.Security.Principal.WindowsPrincipal(System.Security.Principal.WindowsIdentity.GetCurrent())
If (Principal.IsInRole("MyADGroup")) Then
    Return False
Else
    Return True
End If
End Function

Alternatively, you could add your detail report as a subreport of your summary report. Then you could use the security functionality built in to SSRS to restrict access to your sub report.

PJ8  2008-11-12 22:22:00
I had a "head slap" moment yesterday when I realized how easy it would be to do this with custom code similar to what you have there. It works great, either referenced/called from an external assembly or as embedded code within the report properties. No permissions issues yet.
Jesse Taber  2008-11-14 16:15:45
A: 

I have tried this and it works great in the Visual Studio Development environment but once the report is published to SSRS.

Public Function DataAccess() As String Dim Principal As New System.Security.Principal.WindowsPrincipal(System.Security.Principal.WindowsIdentity.GetCurrent()) If (Principal.IsInRole("Chris")) Then Return "Admin" Else Return "Not Admin" End If End Function

This function checks to see if the user is in the 'Chris' security group and returns 'Admin' if true.

Running the report in SSRS, #ERROR is displayed instead of 'Admin' or 'Not Admin'

This is a security problem somewhere I'm sure. Any idea what to do to make this work???

Thanks Alan

Alan Douglas  2009-12-16 22:49:30

related questions

Strip HTML from string in SSRS 2005 (VB.NET)
SQL Server 2008 Reporting Services Control
How do I resolve a System.Security.SecurityException with custom code in SSRS?
Sending e-mail from a Custom SQL Server Reporting Services Delivery Extension
How to aggregate data from SQL Server 2005
Is there a Box Plot graph avalible for Reporting Services 2005?
How do I set a textbox to multi-line in SSRS?
SQL 2005 Reporting Services custom report item (CRI) - what are the limits?
SQL Reporting Services viewer for webpage - can you move the View Report button?
Custom font in SQL Server 2005 Reporting Services
I can share a SQL Server Reporting Services Data SOURCE... what about a Data SET?
Enterprise Reporting Solutions
Internationalization in SSRS
Easy way for Crystal Reports to MS SQL Server Reporting Services conversion
SSRS - Post Publishing Tasks
SSRS - Process dies/goes to sleep after not being used
SSRS - RSS Feeds
SSRS - Uninstall Trial Version of VS Business Intelligence
Optimizing the PDF Export of Huge Reports in Sql Reporting Services 2005
SSRS scheduled reports not working.
Using Parameters in MS Reporting Services (SQL 2008) against an ODBC data source
Conditional Visibility and Page Breaks with SQL Server 2005 Reporting Services
How do you handle audit logging with SSRS?
Reading recommendations for: SQL Server 2005 Reporting Services
How can I dynamically center an image in a MS Reporting Services report?