I have an SSRS 2008 installation on top of IIS 7 and I need to limit the visibility of certain reports. The reports are deployed under several different folders in the SSRS 2008 instance. Each folder in SSRS is setup with an Active Directory security group with the Browser role assigned to it. Each user that needs access to a certain set of reports is assigned as a member of the appropriate security group. The data source is shared between all the reports and it uses the credentials of a service account to connect to the source data for the reports.
My domain account is an administrator on the local SSRS server, so I have full control and visibility of the Report Manager front-end. But the users in the AD sec groups are not able to see anything when they go the Report Manager URL. What am I doing wrong here? Can anyone point me in the right direction?
I actually figured it out: I needed to give the security groups the Browser role at the root of the Report Manager. Initially I had only given the security groups roles on the folders. Once I applied the security group roles to the root everything started to work as expected.