About Management Reporter security (PerformancePoint Server)

Microsoft Office PerformancePoint 2007 Management Reporter security ensures that only authorized users can access the program. Security limits the tasks each user can perform. The installation program creates a user with the role of administrator. The administrator can log on to create other users and groups.

In this topic

Users

Groups

Permissions

Users

Users are assigned one of four roles: Administrator, Designer, Generator, and Viewer. By default, all new users are assigned the role of Viewer. Before setting up new users, some planning is required. List the tasks that each user performs, and assign the role that is appropriate for each user. By default, the roles can perform the following tasks.

Role

Report Design tasks

Report Viewing tasks

Administrator

The administrator is allowed full access to all Management Reporter tasks.

The administrator is allowed full access to all Management Reporter viewing tasks.

Designer

The designer is allowed to design, generate, edit, and view reports, and report building blocks. Designers can also be given other tasks, as determined by the administrator.

The designer is allowed to delete, edit, create folders, rename reports and folders, and view reports to which the designer has been granted access.

Generator

The generator is allowed to generate reports and modify parameters for the reports. Generators can be given other tasks, as determined by the administrator.

The generator is allowed to delete, edit, create folders, rename reports and folders, and view reports to which the generator has been granted access.

Viewer

The viewer is not granted access to the report designer.

The viewer is allowed to view reports to which the viewer has been granted access.

Top of Page

Groups

You can create user groups and grant access to an entity based on groups. By using groups, you can give users access to many entities without having to change each user's permissions. Groups are also helpful when you want to send a report to many people. You can create a report and select one group rather than dozens or hundreds of individual users. For example, instead of selecting each manager in an entity, you can create a Managers group and then add managers to this group. Then, when you create a report, you can e-mail the report to everyone in the Managers group.

You can grant group access to reporting units in reporting tree definitions. You can also grant group access to a report library location.

Top of Page

Permissions

Management Reporter defines the following permissions. Each of these permissions is associated with one or more roles. In some cases, the Management Reporter administrator can add or subtract permissions for a user or group.

Designer Permission s

Description

Default Roles Allowed

Generate and distribute reports

Allows generating reports from within Report Designer to include all output types as well as sending an e-mail message at the time of generation.

Administrator, Designer, Generator

Exporting capability in Management Reporter Report Viewer

Allows exporting, printing, and e-mailing from within Report Viewer.

Administrator, Designer, Generator

Create reports

Allows the creation of new report definitions in Report Designer.

Administrator, Designer

Report library administration in Management ReporterReport Viewer

Allows modifications to the security settings (view/edit/create/delete access) on folders, items, and report versions in the report library.

Administrator, Designer

Account set access

Allows modifications (create, edit, delete) to account sets. View account sets from the Edit menu while viewing a row definition. Users without this permission can see the list of account sets but cannot change them.

Administrator, Designer

All entities access

Allows report generation and access to the data for all entities in Management Reporter. Users without this permission can be granted access to specific entities (on the Entity Access tab). Users with no access to any entity cannot log on to Management Reporter.

Administrator, Designer, Generator

Entity and building block group administration

Allows modifications (create, edit, delete) to entities and building block groups. View entities and building block groups from the Entity menu. Users without this permission can see the list of entities and building block groups but cannot change them.

Administrator, Designer

Security administration

Allows modifications (view/edit/create/delete for users/groups/entities) to security settings within Report Designer.

Administrator

Undo building block checkout

Allows undoing a building block checkout. View the list of building block checkouts from the Tools menu. Users without this permission can see the list of building block checkouts but cannot change them.

Administrator

Unprotect protected building blocks

Allows unprotecting a building block. Unprotect building blocks from the Tools menu while viewing a building block. Users without this permission can protect a building block to which they have modification access, but these users cannot unprotect any building blocks.

Administrator

Top of Page

Share Facebook Facebook Twitter Twitter Email Email

Was this information helpful?

Great! Any other feedback?

How can we improve it?

Thank you for your feedback!

×