Home Dashboard Directory Help
Search

Why do stored credentials require local logon permissions by MSDN Student


Status: 

Active


12
0
Sign in
to vote
Type: Suggestion
ID: 749322
Opened: 6/15/2012 10:58:31 AM
Access Restriction: Public
0
Workaround(s)
view

Description

We have enabled SSRS on our SP2010 farm. The hope was that each site collection owner can create report libraries by adding SSRS content types and then do reporting in a fairly autonomous fashion.

The problem however is that if we want to use subscriptions etc we have to use stored credentials and stored credentials require local logon permissions.

Now SSRS is deployed on a central IT managed server. Giving local logon permission just to make a feature like subscription work doesn't make sense from an IT perspective because end users should only be able to use SSRS they should not have permissions at the OS level on a IT managed server.

This will kill the adoption of the product because in financial institutions this requirement that end users should have local logon rights would lead to an IT audit and un-necssary explations on why such rights were granted.

Ideally windows and sql server should be able to impersontate the user without local logon rights because again from an IT perspective each time a user wants to use SSRS, now we need to give rights on the centrally managed SSRS Server.

This obviously makes no sense from an IT persptive (makes life of SSRS server admin hard) and is an unneccassary risk.
Details
Sign in to post a comment.
Sign in to post a workaround.