Saturday, October 20, 2012

SSMS Report Security Bug

To view SSMS reports there are few security roles you need to grant. In SSMS there are three types of reports.

1. Server Reports

2. Database Reports

3. SQL Server Agent Reports

To view Server Reports you need VIEW SERVER STATE permission. To view database reports, you need db_datareader permissions. However, if you have any other permissions, following is what you see.

image

As expected, Standard Reports are disabled but reports which were opened before are in the list!! and you can run those reports as well.