Hosted Messaging and Collaboration uses SQL Reporting Services to provide standard reports on system performance. For this solution, the standard reports are made available through Report Manager, a Web interface available on the reporting server at http://<OMSQL01>/Reports/Pages/Folder.aspx. This interface provides access to all the standard solution reports.
Reports can be accessed on-demand by visiting the report manager or through subscription. Some reports may be generated on a scheduled basis and cached. This facility to schedule and cache reports reduces the time that is required for a report to be available to a user because the query in not being run in real-time with every view request.
Security Considerations
Reporting services uses Internet Information Services (IIS) Web site security to authenticate the user's attempt to access the reports. Therefore, integrated Windows security is the default program. You can grant any Windows account access to the Report Manager provided it is from the same domain as OMSQL01 or from a trusted domain.
Basic authentication can also be used to access the Report Manager virtual directory. Digest authentication is not supported. A custom security model can also be applied, especially for Internet or extranet access to reports.
If the user has permission to access Report Manager, he can see all reports. No credentials are required at runtime to access data sources.
New Security Features in Operations Manager 2007
The following sections describe security-related features available in Operations Manager 2007 that were not available in Microsoft Operations Manager (MOM) 2005.
Run As Accounts and Run As Profiles
In MOM 2005, the running of all rules and responses used credentials from a single action account, and therefore, the action account needed sufficient rights for all monitored applications. Operations Manager 2007 introduces Run As Accounts and Run As Profiles. Multiple Run As Accounts can monitor multiple applications or components and allows you to create credentials with the least amount of privileges necessary for the desired task.
Run As Accounts allow you to manage all passwords and accounts for the entire Management Group from one location, the Root Management Server.
User Roles
You can access and manipulate Operations Manager 2007 through several methods, through the Operations Console, Web Console, Windows PowerShell, or through custom applications. In all cases, role-based security ensures that the user credentials supplied are members of a user role in Operations Manager 2007.