Search This Blog

Thursday, 5 March 2015

List SSRS items Permissions using PoweShell




If we pull SSRS Items security using ReportServer database using following query then we get stale information. It includes those users as well that has been deleted/deactivated in Active directory.

select C.UserName, D.RoleName, D.Description, E.Path, E.Name
from dbo.PolicyUserRole A
   inner join dbo.Policies B on A.PolicyID = B.PolicyID
   inner join dbo.Users C on A.UserID = C.UserID
   inner join dbo.Roles D on A.RoleID = D.RoleID
   inner join dbo.Catalog E on A.PolicyID = E.PolicyID
order by C.UserName

So instead of using query at ReportServer Database, we can use reportservice2005.asmx GetPolicies method. Following is the Powershell Script that writes the SSRS Folders permissions in SSRSSecurityOutput.csv. Just copy and paste the following code in a .ps1 file like SSRSPermissions.ps1.
.Ps1 is file extension for poweshell script.

$ReportServerUri = 'http://<ReportServer>/ReportServer/ReportService2005.asmx'
$InheritParent = $true
$SourceFolderPath = '/'
$outSSRSSecurity=@()

$Proxy = New-WebServiceProxy -Uri $ReportServerUri -Namespace SSRS.ReportingService2005 -UseDefaultCredential
$items = $Proxy.ListChildren($sourceFolderPath, $true)|Select-Object Type, Path, Name|Where-Object {$_.type -eq "Folder"};
foreach($item in $items)
{
Add-Member -InputObject $item -MemberType NoteProperty -Name UserName -Value '';
foreach($policy in $Proxy.GetPolicies($item.path, [ref]$InheritParent))
{
                $objtemp=$item.PsObject.Copy();
                $objtemp.UserName=$policy.GroupUserName;
                $outSSRSSecurity += $objtemp;
                $objtemp.reset;
}
}
$outSSRSSecurity|Export-csv SSRSSecurityOutput.csv -NoTypeInformation;

4 comments:

  1. Thank you for your wonderful script. It works perfectly to only see the current Active Directory usernames, which is exactly what I needed!

    ReplyDelete
  2. @Rebecca Barron: good to know that you found this script helpful.

    ReplyDelete
  3. Great script. Wonderful.
    Very useful

    Thanks in advanced.

    ReplyDelete