The minimum is read only against the necessary tables.
My suggestion is to do the following.
1. Make sure you understand how the role based security works. Use the
windows security to grant access the the appropriate roles in RS. I.e. use
windows accounts just to determine who gets to run a particular report(s).
2. Create a single readonly account on your report server (although you can
use a domain user, I run in mixed mode and have a sql user just for
reporting). You give readonly rights to tables and execute on the
appropriate stored procedures.
3. On your report server you will have data sources, set the credentials to
this special read only user.
The reason I suggest this is two fold. First, you don't have to continually
create SQL Server accounts. I create a local group on my report server that
I add domain groups and domain users. Then that local group I assign to the
appropriate role in RS.
Another reason this is good is it allows the magic of connection pooling to
work for you.
--
Bruce Loehle-Conger
MVP SQL Server Reporting Services
[quoted text, click to view] "Ryan Mcbee" <RyanMcbee@discussions.microsoft.com> wrote in message
news:190B07E0-7878-4516-A5DE-B7B486137919@microsoft.com...
>I understand that SSRS only works with windows security and not sql. Does
> the windows account need to be created on the sql server in security
> logins?
> What is the minimum security for the windows account on sql if so? I am
> trying to get a few windows authentication accounts access to a report. I
> see how to add the user or group in the localhost/reports.
>
>
> Thanks,
> Ryan
