Database Reference
In-Depth Information
How to do it...
The steps to create a reporting role for non-administrators use the information in the fol-
lowing table:
Requirement
Information
Description
Active Directory
Group for administrat-
ive users in SCCM
This is a global group with users who need access to SCCM reports using the Report
Manager website. The group name is an example. Follow your approved naming
convention for Active Directory objects.
CM_Report Viewers
The reporting server URL is
http://<SCCM SSRS In-
stance>/Reports
Report Manager web-
site details
This is the reporting server running the Report Manager.
SCCM reporting del-
egation details
This is a copy of the Read-only Analyst role scoped to read site objects and run re-
ports.
Custom—report access only
Report Manager Se-
curity role
ConfigMgr
report users
This is the SSRS reporting role assignment.
Active Directory group for reporting role
In Active Directory, users and computers create a domain global group called
CM Report
Viewers
. Use a universal group for environments where the users reside in a child domain
that is different from the SCCM installation.
Add users that should have access to System Center 2012 Configuration Manager reports
to this group.
The next steps must be performed in the SCCM console using an account with either the
Full Administrator
or
Security Administrators
role.
Creating the Report Only security scope
1. Launch the Configuration Manager console and connect to the standalone primary
or central administration site.
2. Select the
Administration
node. Expand
Security
and select
Security Roles
.
3. In the middle pane, select
Read-only Analyst
and click on
Copy
from the ribbon,
as shown in the following screenshot:
