What if you want to give a console user the rights to only run reports? This blog post will show how to create an SCCM report viewer role.
Microsoft doesn’t have include a way to only view reports in SCCM.
You could grant access to the Read-only Analyst role which will be enough to run a report but maybe you don’t want them to see all nodes.
In SCCM, role-based administration combines security roles, security scopes, and assigned collections to define the administrative scope for each administrative user. An administrative scope includes the objects that an administrative user can view in the SCCM console and the tasks related to those objects that the administrative user has permission to perform. Role-based administration configurations are applied at each site in a hierarchy.
Create a Report Viewer Role in SCCM
Here’s what to do to achieve this:
- SCCM Console / Administration / Security / Security Roles
- Right click on Read-only Analysts
- Select Copy
- Go throught each node and keep only Run Reports and Read to YES
- At the end, it should look like this
- Click OK and all you need to do is add your user to the role you just created
Let us know if this tip was helpful for you by using the comments section.
Founder of System Center Dudes. Based in Montreal, Canada, Senior Microsoft SCCM Consultant, 5 times Enterprise Mobility MVP. Working in the industry since 1999. His specialization is designing, deploying and configuring SCCM, mass deployment of Windows operating systems, Office 365 and Intunes deployments.