SSRS database permissions db_owner necessary

Question

Running some reports through SQL SSRS and everything is largely fine. Problem is that I had to make the group that my users belong to have a the role db_owner for the databases that I'm running reports on.

Is this necessary? Seems like overkill to me. I'd like the reporting group I've created to have minimal permissions. If I take it down to db_datareader then I get permissions errors when I run the reports.

Any help or additional insights inton the security model would be greatly appreciated

Answer 1

Just give execute permission to the reporting group you created to all the stored procedures that are used in your report. Example:

GRANT EXECUTE ON spName TO ReportingGroup;
GO

Answer 2

If the reports are based on stored procedures, you might try specifically allowing those users execute permissions on the stored procedures.