Managed Reporting (MR) has many features that enable security integration with your business at the enterprise level. If security integration is not your immediate concern, you can skip this section because Managed Reporting is installed out of the box with its own built-in user repository.

The first step in an enterprise Managed Reporting deployment is to identify roles and responsibilities. It is possible in a large enterprise that there are different people charged with the following roles:

• WebFOCUS Administrator. This role has access to the WebFOCUS Administration Console and can configure global settings including Managed Reporting security, multi-language support and data server access. You can access the iServer Console from the WebFOCUS Administration Console.
• Reporting Server Administrator. This role has access to the Reporting Server Console and has rights to configure adapter settings and also global settings such as server security. They can also identify and set access rights for other individuals who can use the Reporting Server Console.
• Reporting Server Application Administrator. This role has access to the Reporting Server Console and has rights to create metadata and application resources. For a complete description of this and other Reporting Server privilege levels, consult your Server documentation.
• Managed Reporting Administrator. This role has access to the Managed Reporting Administration interface. They can create and managed MR users, groups, domains, and roles, and define which reports are available to each different group of users. Administrators can also delegate limited administrative capabilities by assigning the MR Security Object Manager, MR Group Authorization Manager, or the Managed Reporting Group Administrator roles.
• MR Security Object Manager. This role can create and manage domains, groups, roles, and users. Users created by a MR Security Object Manager are assigned the No Privilege role, which means that they have no functional capabilities. They can also access View Builder with the same capabilities as a Managed Reporting Administrator.
• MR Group Authorization Manager. This role can perform specific tasks for the groups that they are a member of. They manage access to Managed Reporting application content by assigning users and domains to the groups they manage, as well as manage a functional capabilities of a user by assigning a user a role and privileges. The MR Group Authorization Manager cannot create or delete Managed Reporting Security Objects (domains, groups, roles, and users) and they cannot manage a user who is a member of a group to which the MR Group Authorization Manager is not a member.
• Managed Reporting Group Administrator. This role can add and remove users from the groups to which they are granted administration rights, and can create users with some limitations. Group Administrators can also access the View Builder to create and update Group Views for groups they administer.
• Managed Reporting Developer. This role can use the Developer Studio (Windows) Dashboard and Domain Builder (Java applet) interfaces to create report content for MR domains. This includes Reporting Objects which enable end users to create their own ad-hoc reports. If granted access, these users can create metadata on the server.
• Managed Reporting Users. Based on their role and privilege settings, Managed Reporting users can create and run reports and access other features such as Report Library.

Before deploying Managed Reporting, an enterprise may follow the process described in the following image.

After you have identified roles and responsibilities, the WebFOCUS Administrator should decide how users will be authenticated and authorized to use Managed Reporting (MR). For example, users authenticated by Active Directory are configured in the WebFOCUS Administration Console. Likewise, the Managed Reporting Administration interface supports user maintenance in a relational DBMS. To configure this security option, use the WebFOCUS Administration Console. It is possible to grant authorized personnel access to the WebFOCUS Administration Console, so that MR security settings can be made by the MR administrator. For more information, see the WebFOCUS Security and Administration manual.