-
Title
How to give users access to the Spotlight on Messaging Web Reports or prevent users from accessin -
Description
How can I give certian users access to the reports and prevent other users from accessing them?
-
Resolution
There are two types of security that can be implemented, Role Based Security and File System Based Security.
Role Based Security
Role-based security provides an initial layer of security for your reports. Three local security groups, each with specific permissions, are created when MessageStats Reports is installed:
- Web Report Administrators
- Web Report Authors
- Web Report Users
The effect of role-based security is uniform for all reports. All three security groups have access to the report site and to all reports. The roles (Administrator, Author, and User) provide different permissions that can restrict the ways reports can be manipulated.
The default membership to these security groups places administrators in the Web Report Administrator role, and all others in both the Web Report Authors and Web Report Users roles.
To customize the memberships, you can add or remove users from the default groups. Administrators can specify which users belong to which roles by modifying their membership in these local groups. The role-based security scheme is easier to manage than the file-system permissions security scheme, as the changes to these security groups immediately affect all reports.
To find the actions associated with each role go to the MessageStats report and select the Help Menu and search for Role Based Security.
File-System Based Security
In addition to the Web Report security roles, you can set an additional level of security using a file-based permissions scheme. At minimum, the role-based security scheme allows all roles to view all reports.
Alternately, a file-based permission scheme can restrict the available reports to some users. Explicit permissions are applied on a per-group or per-user basis, and assigned to individual files, folders, and reports. You can configure the settings so that different groups, such as executive management, the help desk, and Exchange administrators can see different report nodes and reports.
System administrators can create more sophisticated security schemes by modifying the file permissions for reports and folders in the file system on the web server. Report files and folders are normally located in the following path: c:\inetpub\wwwroot\MessageStatsReports\Reports. By restricting the reports that are available to all users, you can protect sensitive analytical data from users that do not require that information.
Users connecting through a web browser can only see report files and folders for which they have read access permissions, and folders for which they have list permissions in the file system