Prev: SUMming in RS2005
Next: occurence of charcter no of times
From: Bruce L-C [MVP] on 18 Dec 2009 10:48
One additional point. Your 2005 reports should work as is but because of my
2000 to 2005 experience I went through and converted my reports to 2008. By
that I mean I opened up each report in RS 2008 report designer which
converts the reports and then I redeploy. Might be overkill but I prefer to
limit any potential issues.

--
Bruce Loehle-Conger
MVP SQL Server Reporting Services

"Mecn" <mecn(a)yahoo.com> wrote in message
news:eOD93E$fKHA.2184(a)TK2MSFTNGP04.phx.gbl...
> Thanks a lot Bruce.
> Is it still OK to upgrade from SSRS2005 to SSRS2008 instead of Migrate/
> install
>
>
> "Bruce L-C [MVP]" <bruce_lcNOSPAM(a)hotmail.com> wrote in message
> news:ebRM97%23fKHA.5564(a)TK2MSFTNGP06.phx.gbl...
>> Do you mean upgrade from RS 2000 to RS 2005. That upgrade was quite easy.
>> The upgrade to RS 2008 is more difficult because they made major
>> architectural changes that cause the upgrade to be more of an install and
>> migration rather than an upgrade.
>>
>> As far as security you need to be more specific. I am not aware of
>> security issues. BUT, it depends on what you mean by it.
>>
>> The way I look at security for my site, if you have rights to a report
>> you have rights to the data in the report. But, in a few cases where that
>> isn't true then I use the User!UserID global variable to restrict the
>> access to a report.
>>
>> Now, if you have data that you need to restrict and you are doing it by
>> the parameter being passed into the report, then that can be modified.
>>
>> The way to look at it is that RS uses role based security and is giving
>> rights to run a report. The data behind the report it is up to you on how
>> restrictive to make it. You can use User!UserID, you can use the login
>> user in the data source. By that I mean you add the user as a login to
>> SQL Server and then the credentials used for the data source is the user
>> viewing the report.
>>
>> I don't do that. I have SQL Server in mixed mode and have a login that
>> has read only rights and give that use execute rights on appropriate
>> stored procedures. Then all reports use this special user for the
>> credentials. The person running the report is only used by RS to
>> determine if they have the right to run the report.
>>
>>
>> --
>> Bruce Loehle-Conger
>> MVP SQL Server Reporting Services
>>
>> "Mecn" <mecn(a)yahoo.com> wrote in message
>> news:eu63k1#fKHA.5792(a)TK2MSFTNGP05.phx.gbl...
>>> Hi,
>>>
>>> We are trying to have SSRS2005 ready for production and I heard that
>>> SSRS2005 upgrade to SSRS2005 is very difficult and SSRS2005 securty is
>>> very
>>> poor.
>>> IS that True?
>>>
>>> Thanks,
>>>
>
>
From: Mecn on 18 Dec 2009 10:52
Thanks very much...


"Bruce L-C [MVP]" <bruce_lcNOSPAM(a)hotmail.com> wrote in message
news:eC%23Ufl$fKHA.5608(a)TK2MSFTNGP05.phx.gbl...
> If you have done an install from 2000 to 2005 keep in mind this is totally
> different. 2000 to 2005 allowed an in place upgrade. 2005 to 2008 does
> not. Part of the reason for this is that RS 2008 no long uses IIS. It can
> coexist with IIS being installed but it does not use it. Read up carefully
> on this. I found it to be a bit convoluted.
>
> That being said, RS 2008 is a great product and well worth the hassle of
> upgrading.
>
> --
> Bruce Loehle-Conger
> MVP SQL Server Reporting Services
>
> "Mecn" <mecn(a)yahoo.com> wrote in message
> news:eOD93E$fKHA.2184(a)TK2MSFTNGP04.phx.gbl...
>> Thanks a lot Bruce.
>> Is it still OK to upgrade from SSRS2005 to SSRS2008 instead of Migrate/
>> install
>>
>>
>> "Bruce L-C [MVP]" <bruce_lcNOSPAM(a)hotmail.com> wrote in message
>> news:ebRM97%23fKHA.5564(a)TK2MSFTNGP06.phx.gbl...
>>> Do you mean upgrade from RS 2000 to RS 2005. That upgrade was quite
>>> easy. The upgrade to RS 2008 is more difficult because they made major
>>> architectural changes that cause the upgrade to be more of an install
>>> and migration rather than an upgrade.
>>>
>>> As far as security you need to be more specific. I am not aware of
>>> security issues. BUT, it depends on what you mean by it.
>>>
>>> The way I look at security for my site, if you have rights to a report
>>> you have rights to the data in the report. But, in a few cases where
>>> that isn't true then I use the User!UserID global variable to restrict
>>> the access to a report.
>>>
>>> Now, if you have data that you need to restrict and you are doing it by
>>> the parameter being passed into the report, then that can be modified.
>>>
>>> The way to look at it is that RS uses role based security and is giving
>>> rights to run a report. The data behind the report it is up to you on
>>> how restrictive to make it. You can use User!UserID, you can use the
>>> login user in the data source. By that I mean you add the user as a
>>> login to SQL Server and then the credentials used for the data source is
>>> the user viewing the report.
>>>
>>> I don't do that. I have SQL Server in mixed mode and have a login that
>>> has read only rights and give that use execute rights on appropriate
>>> stored procedures. Then all reports use this special user for the
>>> credentials. The person running the report is only used by RS to
>>> determine if they have the right to run the report.
>>>
>>>
>>> --
>>> Bruce Loehle-Conger
>>> MVP SQL Server Reporting Services
>>>
>>> "Mecn" <mecn(a)yahoo.com> wrote in message
>>> news:eu63k1#fKHA.5792(a)TK2MSFTNGP05.phx.gbl...
>>>> Hi,
>>>>
>>>> We are trying to have SSRS2005 ready for production and I heard that
>>>> SSRS2005 upgrade to SSRS2005 is very difficult and SSRS2005 securty is
>>>> very
>>>> poor.
>>>> IS that True?
>>>>
>>>> Thanks,
>>>>
>>
>>


From: Scho on 18 Dec 2009 11:10
Just to add to what Bruce has said, we've migrated from 2005 to 2008
here where I work (entire environment incl. SSIS and SSRS) and had no
major issues. Reporting was fairly easy to configure and all the
reports worked, although like Bruce, we opened them all in Visual
Studio 2008 and let it convert them and then checked they still worked
and looked okay before deploying them.

If in doubt, put them in VS08 and see what happens! :o)

HTH,
Scho
From: Mecn on 18 Dec 2009 12:12
Since SSRS 2008 no longer use IIS What consequences are there without the
use of IIS?
IS there a an issue of security without IIS?

Thanks again


"Scho" <Schodoodles(a)hotmail.com> wrote in message
news:ed44af7f-5ad2-45bb-b6c9-df4054ae57af(a)n35g2000yqm.googlegroups.com...
> Just to add to what Bruce has said, we've migrated from 2005 to 2008
> here where I work (entire environment incl. SSIS and SSRS) and had no
> major issues. Reporting was fairly easy to configure and all the
> reports worked, although like Bruce, we opened them all in Visual
> Studio 2008 and let it convert them and then checked they still worked
> and looked okay before deploying them.
>
> If in doubt, put them in VS08 and see what happens! :o)
>
> HTH,
> Scho


From: Scho on 18 Dec 2009 12:31
I don't think so, as far as I'm aware it was moved 'into' SSRS 2008 as
people were having issues installing RS on servers without IIS
installed/enabled on and as such took a lot more effort than normal to
get things working.
I believe the security is fairly good although it's all co-dependent
on various issues; I'd check the BOL as I'm sure it will be outlined
there.

Scho
First  |  Prev  |  Next  |  Last
Pages: 1 2 3
Prev: SUMming in RS2005
Next: occurence of charcter no of times