This blog is owned and operated by the ANZ ConfigMgr Premier Field Engineer team.
Ian BartlettMatt ShadboltGeorge Smpyrakis
This post will step you through the process of creating custom reports in ConfigMgr 2012 R2 that will enforce your Role Based Access Control (RBAC) policies. Configuration Manager reports are now fully enabled for role-based administration. The data for all reports included with Configuration Manager is filtered based on the permissions of the administrative user who runs the report. Administrative users with specific roles can only view information defined for their roles. TechNet reference
Using SQL Management Studio, confirm your SQL query against the new fn_rbac table views passing through the ('disabled') parameter to bypass the requirement of passing through a user SID
Confirm you can see Dataset values and select the type of Report you want to create
Create a New Dataset
NOTE: If you do not see the REFERENCES option, try and run your report, it will fail however will present the References parameters
To test I have granted an admin account "sccm2012r2\Ian" that is limited only to the collection called "Ian's Collection"
Launch the ConfigMgr console using SCCM2012R2\Ian