Registered: 1277744318 Posts: 117
Reply with quote
Security setup in Management Reporter can be a daunting task. That can usually be said about setting up security in any application though. It is always tedious to make sure that users should only be able to see the data to which they should really have access. It is a little scary, too, wondering if you have set security up correctly for everyone. In this article, we will try to alleviate some of the tediousness and the worry as we look at a few of the main security setup areas in Management Reporter.
The three main areas of security in Management Reporter are the Security section, column L in Reporting Trees for Unit Security and Permissions in Report Viewer for Library folders. While there are other security items in Management Reporter, we will focus on these three for this article. Users, Groups, Companies and Roles In Report Designer, the Security section has windows for Users, Groups and Companies. Users are typically imported automatically from the general ledger ERP system and that also determines company access and Role (we will discuss ERP security settings for Management Reporter in a later article). There are only four Roles in Management Reporter: Administrator, Designer, Generator and Viewer. Administrators can do everything. Designers can do everything except security settings. Generators can only run reports - they cannot build reports. Viewers can only view reports already generated. A little caveat about Administrators is that they cannot view reports to which they have not been granted Unit Security if Reporting Unit Unit Security is being used by that report. User Licenses Microsoft has been very generous with Management Reporter users lately with many installations having unlimited users. If your license key has a limited number of users though, Management Reporter will import your users from the general ledger until it reaches that limit. There is no alert or warning that some users are not being imported from the general ledger so you could have all of the settings correct in the GL but the users never make it to Management Reporter. Security Groups Probably one of our biggest suggestions when setting up users and security in Management Reporter is to use Security Groups. Security Groups allow you to place numerous users in a single Group and then use that Group to set security on Reporting Units in Reporting Trees and for folders in the Report Library. Should user permissions need to be changed later, you can move users within the Groups without having to go to every Reporting Tree and every Library folder to add or remove individual users. For this very significant reason, we suggest Groups being setup even if just for one person. This will save you a great deal of time in the future. Reporting Tree Unit Security After Groups are setup and populated, assign those Groups to Reporting Units in Reporting Trees using Unit Security in Column L. Multiple Groups may be assigned to Reporting Units. These are separated by semi-colons. It is also important to note, as mentioned earlier, that Management Reporter Administrators will not be able to open a report for any Reporting Unit to which they have not explicitly been granted access. Therefore, the Admin Group is usually assigned to every Reporting Unit in a Reporting Tree. Report Library Permissions The third security area to consider are permissions on the folders in the Report Library. In Report Viewer, all generated reports can be organized into folders. These are not folders on the network like those in Windows Explorer. These are just ways to group reports in the SQL database. You may create as many folders as you like with any naming convention. Use the Permissions button to set security on folders or on individual reports. Any folder or report allows permissions to be set for View, Edit, Create and Delete. Closing Points Keep these last few points in mind when setting up security in Management Reporter: There is a Public folder to which all Management Reporter users have access due to the built-in 'Everyone' Group. The 'Everyone' Group only includes Management Reporter users and may be granted permission to any folder created in the Library. New Management Reporter users are automatically included in the 'Everyone' Group. Setup a 'Preliminary' folder to generate all of your reports and then move any final reports to the monthly folders if you want to keep them. Unit Security settings in Reporting Trees override Library folder permissions for viewing reports. Other tips like these for Management Reporter are posted to our Twitter account ( http://www.twitter.com/msxgroup) under the #ManagementReporterTip hashtag. We will be glad to take any comments on this topic and for news of any updates as Microsoft releases new versions, cumulative updates and hot fixes.
__________________ Noah C. Moseley MSX Group Senior Consultant and Certified Instructor Noah.Moseley@MSXGroup.com http://www.MSXGroup.com Email me if you need help installing, implementing or just need training on Microsoft Forecaster, Management Reporter or FRx. Plus, Prospero for Financial Reporting and Budgeting is now available. See our introductory video at http://msxgroup.com/prospero_video_introduction
Management Reporter | Prospero | Forecaster | FRx Training | Consulting Services | Software Support