Applying roles to SSRS using Active Directory - DELAY

  • Hi guys, hope you can help.

    We have had our reporting server set up for the last six months and it is working fine. As more and more users are starting to run reports off it, to give us better control over access to report folders, we implemented role-based security on the report server.

    When a new reporting department folder is created on the report server, a group for that folder is created in Active Directory. This group is then applied to the department folder security property. Now any users that require access to the folder can be managed from within AD.

    My problem is when I add users to the group using AD it can take up to 5-6 hours for them to get visibility of the folder from within Report Manager; obviously this is not good.

    I know it is not a problem with Report Manager reading AD. I can prove this by creating a group in AD and then adding it to the security property of the folder in Report Manager: misspell the group name and you get an error, so it must be checking AD for the existence of the group.

    Has anyone else encountered this?

    p

  • My problem is when I add users to the group using AD it can take up to 5-6 hours for them to get visibility of the folder from within Report Manager; obviously this is not good.

    This is related to the skills of your system admins, who are not creating AD profiles that update quickly, so your only other option is to use the ASP.NET AD membership provider, which uses IIS and LDAP to sync your users with AD.

    Kind regards,
    Gift Peddie

  • Not sure if that is the case. Why is it then, as mentioned, that when I create a group in AD, Report Manager recognises that group straight away (this must mean AD has refreshed)? It is only when I add users to that group that the delay occurs.

    p

  • It is only when I add users to that group that the delay occurs.

    The group is a new object defined in AD and your users are existing AD objects; AD will not change the update to their group membership if there is no code to update it immediately. I worked for a company that let us choose what server to log in to; the main domain updates correctly because those system admins must be skilled, while local admins are less skilled. You need to either talk to your system admins or use ASP.NET membership if you are in 2005.

    Kind regards,
    Gift Peddie

  • Thanks for your input, Gift.

    That does make sense, but it doesn't just happen when I create new groups. When I update any group (old or new) with users I experience this delay, so is your last post still applicable?

    Not sure what you mean by ASP.NET membership; could you point me in the right direction to google this?

    Cheers

    p

  • When I update any group (old or new) with users I experience this delay, so is your last post still applicable?

    Yes, the reason is AD has a profile object that changes information about all users, including password changes. If there is code or some work is done, this changes quickly, but if your admin does not know such an operation exists, Windows updates user information when it must update and not when you want it. Here is the ASP.NET membership you can use if you are in 2005. You cannot use it in 2008 because it does not use ASP.NET by default.

    http://weblogs.asp.net/scottgu/archive/2006/02/24/ASP.NET-2.0-Membership_2C00_-Roles_2C00_-Forms-Authentication_2C00_-and-Security-Resources-.aspx

    Kind regards,
    Gift Peddie
