Module 6: Administering Reporting Services

Overview

Server AdministrationPerformance and Reliability MonitoringDatabase AdministrationSecurity Administration

Lesson: Server Administration

Configuration File SettingsAssigning Server Accounts

Configuration File Settings

Configuration File Settings

RSReportDesigner Rendering, data source, and designer extensions

RSWebApplication Delivery extensions and active user request limits

RSReportServer Data connection strings, SMTP server settings, rendering, and delivery extensions

ReportingServicesService

Trace level and log files

Assigning Server Accounts

Report server database connection account choices Windows authentication

SQL authentication

Report server Windows service account choices Local System account (recommended)

Domain account

Network service account (Windows Server 2003 only)

Lesson: Performance and Reliability Monitoring

Using Trace FilesControlling Trace FilesLogging Report ExecutionUsing Performance CountersApplying TimeoutsSuspending Jobs

Using Trace Files

Records information about Report Server operations System information

Event logging

Exceptions and warnings

Inbound and outbound SOAP envelopes

HTTP header, stack trace, and debug information

Different trace files for each componentCreated daily but never deleted

Controlling Trace Files

DefaultTraceSwitch in ReportingServicesService.config controls trace levelTrace level options:

0 = Disable tracing

1 = Exceptions and restarts

2 = Exceptions, restarts, warnings

3 = Exceptions, restarts, warnings, status messages(default setting)

4 = Verbose mode

Logging Report Execution

Report execution logs to the Report Server database, and allows: Monitoring of execution performance over time

Viewing frequency of report requests and the users who request them

Logs information including: Data retrieval, processing and rendering times, and report source

Set up execution logging in Report Manager to: Enable or disable logging globally

Specify removal frequency of log entries

Use supplied DTS package to browse log information

Using Performance Counters

Performance counters provide statistical information about Reporting Services applicationsReport server counters include:

Active Sessions

Reports Executed/Sec

Total Cache Hits

Total Requests

Scheduling and Delivery Processor counters include: Deliveries/Sec

Total Processing Failures

Applying Timeouts

Source query timeouts Apply to the query execution time

Configured per data set query

Return a failure when timeout is exceeded

Report execution timeouts Apply to the total report execution time

Configured globally or per report

Return a failure when timeout is exceeded

Suspending Jobs

Disabling shared data sources disables: Report execution

Data-driven subscription processing

Pausing shared schedules disables: Scheduled report execution

All subscription processing

Scheduled cache expiration

Lesson: Database Administration

Understanding Database StorageDetermining Disk Space RequirementsDefining a Backup and Restore Strategy

Understanding Database Storage

ReportServer database stores: Reports, folders, shared data sources, and meta data

Resources

Snapshots

Report history

ReportServerTempDB database stores: Session cache

Cached instances

ChunkData tables consume a large percentage of both databases

Determining Disk Space Requirements

Steps to estimate database sizes:

1. Estimate total number of reports

2. Examine intermediate report size

3. For ReportServer database, factor in intermediate report persistence

4. For ReportServerTempDB database, factor in caching

Defining a Backup and Restore Strategy

Data backup and restore Use SQL Server backup and restore

ReportServer database - essential

ReportServerTempDB database - optional

Encryption key backup and restore Public and symmetric keys needed for passwords and

connections

Use encryption key management utility

Lesson: Security Administration

The Reporting Services Authorization ModelAssigning RolesWorking with Item-Level Role DefinitionsSecuring ItemsWorking with System-Level Role DefinitionsSecuring the System

The Reporting Services Authorization Model

Relies on role-based security Roles categorize user interaction with a specific system or

resources into groups

Facilitates administration of user permissions

Provides flexible management of role membership

Requires underlying network authentication Windows authentication is the default model

Custom or third-party authentication via security extensions is supported

Assigning Roles

Base roles on tasks that users can performTasks are: Predefined within the system Categorized as either item or system

Assignment consists of three components: Windows user account or group Role definition - collection of item or system tasks Securable object - item or system-level object

Use Report Manager to assign roles

Working with Item-Level Role Definitions

New item-level roles can be addedPredefined item-level roles can be modified

Predefined Role Description

Browser View reports, resources, and folders

My Reports Manage own My Reports folders

Publisher Add content to the report server database

Content Manager

Deploy reports, manage data source connections, determine how reports are used

Securing Items

Secure individual items such as reports, data sources, or resourcesOr group items together by using a folder – simplifies administrationLink user or group to item-level role for each item

1. Edit the Security properties of the item

2. Click New Role Assignment

3. Enter user or group name and select roles

Working with System-Level Role Definitions

New system-level roles can be addedPredefined system-level roles can be modified

Predefined Role Description

System User View basic information about the report server

System Administrator Administer report server but not content

Securing the System

Report server site itself is the securable objectUsers or groups Similar to item security - local or domain accounts Local administrators are automatically system

administratorsLink user or group to system-level role1. In Site Settings, click Configure site-wide security2. Click New Role Assignment3. Enter user or group name and select roles

Demonstration: Item Security

In this demonstration you will see how to:Create a new roleSecure an item

Review

Server AdministrationPerformance and Reliability MonitoringDatabase AdministrationSecurity Administration

Lab 6: Administering Reporting Services

Exercise 0: Deploy the Demonstration ReportsExercise 1: Securing the SiteExercise 2: Securing Items