Normally, a user cannot see reports containing fields they don't have access to. For example, if you set the User groups property of the Salary field to "Managers," any report using that field doesn't show up in the Reports Explorer for users that aren't in the Managers group. This field-level security allows you to control which users can see sensitive information.

One downside of this is that if you want a report showing employee information but only managers should see the salary, you have to create two reports: one without Salary for most users and one with Salary for managers.

The Allow Access to Reports When No Access to Fields configuration setting can help with this. The default behavior is false, meaning that users who aren't managers can't see any report containing Salary. If you change it to true, however, you only need to create one report, which includes Salary. Users who aren't managers can see and run the report, but it acts as if the Salary field wasn't added to the report. They aren't allowed to edit the report. For users who are managers, Salary appears on the report as expected.