Reporting services maintain role based security. When a user logs into reporting services, a Report Manager (whose duty is to maintain security of Reporting Services) first checks the identity of user and then determine what rights he have to perform on report.

Report Manager manages the security at 2 levels –

1. System-level – Administer the report server globally

2. Item-level – Security at report and dataset level

System-level roles are:-

1. System Administrator – can manage report server and report manager security

2. Site User - view basic information like report properties and schedules.

Item-level roles – User can use any of predefined item-level roles or create their own roles by using combination of predefined item-level roles.

Pre-defined Item-level roles are:-

1. Browser – can navigate to report and run them.

2. My Reports – these users’ rights is restricted to reports present in their MyReports folder. However, they can create, view and manage reports in their folder.

3. Publisher – As name suggest, publisher user has rights to publish reports to Reporting Server database.

4. Content Manager – has all permission at item-level.