rsAccessDenied was all that stood between me and high fives from the customer. The message from SQL Server Reporting Service (SRS) even displayed the clients log on name – so SRS KNEW who it was denying. No impersonation was going to solve this one.
The Redirect string was fine, because it worked in test and on the server for those of us with admin rights. (Yeah, I know -- but this a practical blog -- remember?) So I fired up Report Manager to see what it had to say about the security settings on my report folders. All I saw was the built in administrator and no way to add any more.
Hmmm. At the Home folder level, I could add roles. Since my client had access to the box, she must be in some local group or another, so I added Guests and Users with SRS Browser capacity. I sauntered over to the client and acted as if I expected the report to work now. It did. I took my bows and made my exit with no small relief.
If this stuff was easy, nobody would need developers.