The permissions granted to user 'Domain\UserName' are insufficient for performing this operation.

Published: 2007-03-22


Last Updated: 2018-03-20


Applies To




When running the Data Maintenance Application for Guard1 Plus or Guard1 Plus SE version 5




When attempting to view a Guard1 Plus or Guard1 Plus SE Reporting Services report, you receive one of the following Reporting Services errors in the browser:



- or -



Where Domain\UserName is the PC or domain name and the user name of the Windows User Account that is currently logged in to the PC.



If you try to browse to the Report Server Home Page (http://ReportServerName/Reports or http://ReportServerName/Reports_GUARD1PLUS) a similar error is returned:








Verify that you are using a supported default browser such as Internet Explorer, Chrome or Firefox.  Windows 10 users must change their default browser to something other than Microsoft Edge when using Guard1 Plus. Edge will work on Guard1 Plus SE Client workstations when connecting to a Report Server on another PC.


If you are trying to view the report on Windows Server OS, you must turn Internet Explorer Enhanced Security off via Server Manager.


If browsers other than Edge return the error, it's most likely due to insufficient permissions on the Report Server. Microsoft Reporting Services requires that all users of a report are identified by their Windows login account in Report Manager. By default, Reporting Services grants access to Administrators only.



Users must have Content Manager permissions to the Guard1 Plus reports folder.


To configure Reporting Services permissions:

  1. Log in to Windows as an Administrator.
    • Note: in an Active Directory environment, the account used must be a Reporting Services System Administrator.
  2. Open your Web Browser and type one of the following in the Address Bar, then press Enter:
    • For Guard1 Plus , enter: http://PCName/Reports_GUARD1PLUS (where PCName is the name of the computer).
    • For Guard1 Plus SE, enter: http://ReportServerName/Reports (where ReportServerName is the name of the SQL Reporting Services server (typically the same as the SQL Server).
  3. At the SQL Server Reporting Services Home page, click Folder Settings on the menu bar.
  4. On the Folder Settings page, click Security in the left pane.
  5. Click New Role Assignment.
  6. In the Group or user name field, enter the name of the User or Group (e.g. JSmith or Users (for a local account or group) or Domain\JSmith or Domain\Domain Users (for a domain account or group)).
    • Guard1 Plus: If the PC is not a member of a domain, add the local PC Users group (i.e. Users). If the PC is a member of a domain, add the local PC Users group and the Domain Users group (i.e. Users and Domain\Domain Users).
    • Guard1 Plus SE: At minimum, all users that will be using Guard1 Plus should be added.
  7. Select the Content Manager role.
  8. Click OK.
  9. Repeat steps 4-8 for other Users or Groups you'd like to add.
  10. Click Home at the top right of the screen.
  11. If the G1PSE folder is present, continue to Step 12.  If it is not present, no further action with Reporting Services is necessary. Run the Data Maintenance Application to deploy the G1PSE folder and its contents.
  12. Click the dropdown arrow for the G1PSE folder and select Security. (G1PSE is the default name for the Guard1 Plus reports folder; Guard1 Plus SE allows you to specify a custom name).
  13. On the menu bar, click Revert to Parent Security.
  14. Click OK. This will propagate the top level folder security settings applied above to the entire G1PSE folder structure.
  15. When finished, exit the browser. Users should now be able to run the Data Maintenance Application and view Guard1 Plus reports without error.




















Copyright © TimeKeeping Systems, Inc.