Skip to main content
cancel
Showing results for 
Search instead for 
Did you mean: 

The ultimate Microsoft Fabric, Power BI, Azure AI & SQL learning event! Join us in Las Vegas from March 26-28, 2024. Use code MSCUST for a $100 discount. Register Now

Reply
Anonymous
Not applicable

Hide reports or pages to users

Hello,

 

I need very important help about a report server instance.

 

This server is used by a lot of people. They all open a report where RLS allow them to see only some data. I have some special users who must see some more information, completely hidden to the previous "not-special" ones, who must not even know they exist.

 

So, I think I have 2 choices:

  • I create only a report for everybody where some of the pages are hidden to the common users and are visible only to the special ones
  • I create a separated report with the information reserved for the special users.

 

I don't think the first one is possible, I read I can't hide pages to users within a report. So, I think I need to choose the second one, but I don't know how to hide the report to the common users. They must not know it exists.

 

I'd hear any other proposal with pleasure, of course. It's a do-or-die aspect I need to fix.

 

Thank you so much for your help.

 

Nick

1 ACCEPTED SOLUTION
Anonymous
Not applicable

Apologies that was bit of a rubbish explanation

 

When you deploy/save a PBIX form PBI Desktop you get to browse the folders on your PBI-ReportServer.

 

You can create folders on your PBI-ReportServer using the web front end. Usually http:\\yourservername\Reports\

 

You could create a folder called MyReportSubjectArea and then inside that folder create another folder called MyReportSubjectAreaSuperUsers. You can set security at folder level so restrict the MyReportSubjectArea  folder to your main users and MyReportSubjectAreaSuperUsers to the more restricted set o users (we use AD groups to do this as it's way easier to add people to AD groups than adding and removing individual users via the SSRS web front end. (SSRS is the underlying server tech for PBI-ReportServer)

 

If you don't have any permissions on a folder you don't see it and can't access the contents even if someone sends you a link.

 

This page is about configuring SSRS security

 

https://docs.microsoft.com/en-us/sql/reporting-services/security/grant-user-access-to-a-report-serve...

 

 

View solution in original post

8 REPLIES 8
Anonymous
Not applicable

Yeah. I think you need a separate report. In a separate folder in SSRS with its own security group/restrictions. This is just simpler to manage, though you may well need to copy logic across the reports...

Anonymous
Not applicable

Hi @Anonymous  and thanks for your answe.

 

Sorry I still don't understand what SSRS is. For what I know, you mean I need to create in PBIRS a separate folder with the special report? And there you tell me I can set security restrictions? What would my common users see? They see the folder but can't open it? Or what else?

 

Thank you very much

 

Nick

Anonymous
Not applicable

Apologies that was bit of a rubbish explanation

 

When you deploy/save a PBIX form PBI Desktop you get to browse the folders on your PBI-ReportServer.

 

You can create folders on your PBI-ReportServer using the web front end. Usually http:\\yourservername\Reports\

 

You could create a folder called MyReportSubjectArea and then inside that folder create another folder called MyReportSubjectAreaSuperUsers. You can set security at folder level so restrict the MyReportSubjectArea  folder to your main users and MyReportSubjectAreaSuperUsers to the more restricted set o users (we use AD groups to do this as it's way easier to add people to AD groups than adding and removing individual users via the SSRS web front end. (SSRS is the underlying server tech for PBI-ReportServer)

 

If you don't have any permissions on a folder you don't see it and can't access the contents even if someone sends you a link.

 

This page is about configuring SSRS security

 

https://docs.microsoft.com/en-us/sql/reporting-services/security/grant-user-access-to-a-report-serve...

 

 

Anonymous
Not applicable

Sorry @Anonymous 

 

I accepted your answer as a solution as I thought it would work, but now I am in trouble again with the same issue. Hope you read my topic once again. I create a folder with my "public" report and then in this folder I create another folder with the "more private" report. I have 2 users: the first is system administrator and has every possible roles in both folders, so he can visualize everything, the second one instead has no role in site settings, he has no roles in folder management too, he just has a row-level role in the "public" report where he sees what's right for him, while he can open the "private" report but no data is shown.

 

It's not good to me, I need the second user not to see the second folder with the private report at all!!

 

Pray you or someone can help me.

 

Thank you so much

Anonymous
Not applicable

Create a new role (site settings security). Add your sysadmin to this role. Now "manage" the "private folder" you created and customise its security so only the new role has access.

 

Your sysadmin shoudl be able to see the folder, your other login shouldn't. Add your other login to the role and the folder shoudl appear for them. Remove them and it shoudl vanish. Sometimes you have to kill the browser to get the fresh permissions as some of this stuff gets cached.

 

regards

 

S

Anonymous
Not applicable

Thank you @Anonymous 

 

Well it doesn't work or I didn't understand your hint.

I can create a new system role, but it depends on what activities I allow it on Reporting Services. Then, where should I add my sysadmin to this role? In Site settings on Report Server on in SQL? I don't know if you mean my super user on Power BI Report Server or SQL sysadmin. I don't even know how to manage the private folder so that only new role has access, as well. I thought I need an item level role, or not?

 

Thank you once again.

 

Nick  

Anonymous
Not applicable

Sorry that was obviously a poor explanation. I can't produce a more detailed guide with screen shots at the moment as I'm no longer working with PBI on premise at my new company and haven't got access to an instance here.

 

It's basically the same as SSSR server so these two links should point you in the right direction.

 

http://www.andrewmosey.com/hiding-ssrs-folders-from-users

 

https://www.youtube.com/watch?v=d2E6B3TTUYg

 

The video is an older version of SSRS so looks pretty different but the fucntionality/approach is the same.

 

This is all about the users on the PBI ReportServer. So you need to log on as that user on a client machine and browse to the PBI ReportServer as that user to see the effect. If you're an admin on the PBI Report Server you get to see pretty much everything all the time.

 

regards

 

Steve

 

Anonymous
Not applicable

We actually use AD groups for this. So we assign the AD group to the role in SSRS/PBI-SSRS and then assign users into the AD group. But for testing it using a specific user login will work. It just gets difficult to maintain with lots of user

Helpful resources

Announcements
Fabric Community Conference

Microsoft Fabric Community Conference

Join us at our first-ever Microsoft Fabric Community Conference, March 26-28, 2024 in Las Vegas with 100+ sessions by community experts and Microsoft engineering.

Top Solution Authors