Rights for clickonce Report Builder access?

I'm attempting to grant rights to Report Builder as deployed as part of my TFS install. My problem is that I have to add my users to the builtin\admin group in order for them to see the report builder button on the SQL Server Reporting homepage & then have rights to launch the ReportBuilder click once app. I obviously do not want make users admins on the box, but I've tried adding them to all of the other groups having to do with SQLServer to no avail. How can I grant users access to launch the Report Builder app?

Users need to have the Report Server system permission "Execute Report Definitions" in order to see the Report Builder icon in Report Manager.

1. access Report Manager Site Settings page: http://%machine%/Reports/Pages/Settings.aspx

2. click "Configure site-wide security"

From here you can either modify an existing RS role assignment or create a new one, and give the applicable users permissions to "Execute Report Definitions".

BTW, the Windows security groups created by SQL Server setup aren't used for RS security. Members of the local Administrators get some built-in permissions, which is why making your users local Administrators caused the Report Builder icon to show up.

|||I started with that: the users see the report builder Icon, but then they are prompted with a Sql server logon when the click the report builder icon. I've granted datareader on the sql databases 'tfswarehouse' and 'reportServer' for that user. Is it a sql rights thing?|||

No, I don't think that's going to make a difference. The data that's used in the Report Builder reports is accessed using credentials as per the data source object in Report Server that's bound to the model that Report Builder is consuming.

Making sure I have the right repro:

1. click Report Builder icon in Report Manager

2. see a SQL Server logon dialog

You never see a model selection pane or a design surface?

|||

That's correct. If I give box admin rights to user, all looks and acts normally. With Report builder admin rights & no box admin rights the user sees report builder icon but when he goes to lauch the app he gets security dialog.

|||

Resolved it. Maybe it was me being dense, but the report builder site security page does not make any sense to me. You need to first of all create a group (box or domain) and add the users to it. then use that group name in the security page granting the content manager right. It makes total sense to me now that it's done, but it's not clear on the security page that that is what you need to do. I'd suggest making that page more clear... or the documentation... or both!