We need to expose a Report Manager URL to open internet. Hence we have configured Reporting Service in a web server and from there we are connecting to the SQL box where reporting database resides.
The issue is we are not able to control the access through the report manager security settings.
When we are setting the service account in Reporting Services Configuration Manager with an account which is having sysadmin access on the SQL box, everyone is able to access the report manager page irrespective of people having access or not and they are able to tweak security settings like can add or delete a person or can give any kind of access in Report Manager.
When we are setting the service account with an account which is not having required access, nobody is able to access the URL irrespective of any level of access provided through the Report Manager.
This means the whole authentication is happening through the service account under which the report service is running in web server, not through the individual credential which one is passing while being prompted at the time of the hitting the Report Manager URL.
The same configuration is working fine if we configure reporting service on a db box and hitting the same db box for reporting db. I mean if I give a person only browser access s/he is able to only browse a report and if s/he hits “Folder settings” tab, it does not go anywhere and the same page reloads.
Let me know in case any further information is needed. Please help me in order to resolve this authentication issue.
Thanks
Soumyadeb