I have a request from a dev team to create a proxy account for SSRS.
Their stated goal is to reduce administrative burden.
They want reports to use a data source with embedded credentials. The account would have permissions on the databases in question to access the data/procedures to fulfill the reports.
I can agree with that. It's easier then ensuring each user has the correct permissions on every table.
They also want this account to be included in the DBO role for every user database. At this point I get nervous.
Is this a standard practice? How are others dealing with this scenario?
Bless it or counter it?