Our security is driven by Active Directory security groups. Users who discover reports are prompted with a "Request Access" dialogue box that ultimately goes no where because there is no one to see these requests. Once they are discovered, they are just cleared out because of the disconnect on how authority is provided to reportsets and who maintains the area where these requests will appear.
This dialogue box actively prevents users from seeking authorisation through proper channels because it gives that user the illusion that that request is a valid method of seeking authorisation. This creates a poor user experience that could be prevented if we had the ability to disable that request. This would force the user to seek authorisation through the proper channels.