diff --git a/services/common/src/main/java/org/collectionspace/services/common/ServiceMain.java b/services/common/src/main/java/org/collectionspace/services/common/ServiceMain.java
index dbd183ddd4..2388cb7a92 100644
--- a/services/common/src/main/java/org/collectionspace/services/common/ServiceMain.java
+++ b/services/common/src/main/java/org/collectionspace/services/common/ServiceMain.java
@@ -117,6 +117,8 @@ private static void mirrorToStdOut(String str) {
     private static final String DROP_OBJECTS_SQL_COMMENT = "-- drop all the objects before dropping roles";
 	private static final String CSPACE_JEESERVER_HOME = "CSPACE_JEESERVER_HOME";
 
+	private static final String CSPACE_UTILS_SCHEMANAME = "utils";
+
     private ServiceMain() {
     	// Intentionally blank
     }
@@ -770,7 +772,7 @@ public void firePostInitHandlers() throws Exception {
                     Object o = instantiate(initHandlerClassname, IInitHandler.class);
                     if (o != null && o instanceof IInitHandler){
                         IInitHandler handler = (IInitHandler)o;
-                        handler.onRepositoryInitialized(JDBCTools.NUXEO_DATASOURCE_NAME, repositoryName, cspaceInstanceId,
+                        handler.onRepositoryInitialized(JDBCTools.CSADMIN_NUXEO_DATASOURCE_NAME, repositoryName, cspaceInstanceId,
                         		sbt, fields, props);
                         //The InitHandler may be the default one,
                         //  or specialized classes which still implement this interface and are registered in tenant-bindings.xml.
@@ -957,7 +959,8 @@ private HashSet<String> createNuxeoDatabases() throws Exception {
 							JDBCTools.createNewDatabaseUser(JDBCTools.CSADMIN_DATASOURCE_NAME, repositoryName, cspaceInstanceId, dbType, readerUser, readerPW);
 						}
 						// Create the database
-						createDatabaseWithRights(dbType, dbName, nuxeoUser, nuxeoPW, readerUser, readerPW);
+						createDatabaseWithRights(dbType, dbName, nuxeoUser, nuxeoPW, readerUser);
+						createUtilsSchemaWithRights(dbType, nuxeoUser, repositoryName, cspaceInstanceId);
 						initRepositoryDatabaseVersion(JDBCTools.NUXEO_DATASOURCE_NAME, repositoryName, cspaceInstanceId);
 					}
 					nuxeoDBsChecked.add(dbName);
@@ -984,7 +987,7 @@ private HashSet<String> createNuxeoDatabases() throws Exception {
 	 * @throws Exception
 	 */
 	private void createDatabaseWithRights(DatabaseProductType dbType, String dbName, String ownerName,
-			String ownerPW, String readerName, String readerPW) throws Exception {
+			String ownerPW, String readerName) throws Exception {
 		Connection conn = null;
 		Statement stmt = null;
 		
@@ -1009,30 +1012,56 @@ private void createDatabaseWithRights(DatabaseProductType dbType, String dbName,
 				}
 				// Note that select rights for reader must be granted after
 				// Nuxeo startup.
-			} else if (dbType == DatabaseProductType.MYSQL) {
-				sql = "CREATE database " + dbName + " DEFAULT CHARACTER SET utf8";
-				stmt.executeUpdate(sql);
-				sql = "GRANT ALL PRIVILEGES ON " + dbName + ".* TO '" + ownerName + "'@'localhost' IDENTIFIED BY '"
-						+ ownerPW + "' WITH GRANT OPTION";
+			} else {
+				throw new UnsupportedOperationException(String.format("", dbType));
+			}
+		} catch (Exception e) {
+			String errMsg = String.format("The following SQL statement failed using credentials from datasource '%s': %s",
+					JDBCTools.CSADMIN_DATASOURCE_NAME, sql);
+			logger.error("createDatabaseWithRights failed on exception: " + e.getLocalizedMessage());
+			if (errMsg != null) {
+				logger.error(errMsg);
+			}
+			throw e; // propagate
+		} finally { // close resources
+			try {
+				if (stmt != null) {
+					stmt.close();
+				}
+				if (conn != null) {
+					conn.close();
+				}
+			} catch (SQLException se) {
+				se.printStackTrace();
+			}
+		}
+	}
+	
+	/*
+	 * For a specific repo/db, create a schema for misc SQL functions
+	 */
+	private void createUtilsSchemaWithRights(DatabaseProductType dbType, String ownerName,
+			String repositoryName, String cspaceInstanceId) throws Exception {
+		Connection conn = null;
+		Statement stmt = null;
+		
+		String sql = null;
+		try {
+			conn = JDBCTools.getConnection(JDBCTools.CSADMIN_NUXEO_DATASOURCE_NAME, repositoryName, cspaceInstanceId);
+			stmt = conn.createStatement();
+			if (dbType == DatabaseProductType.POSTGRESQL) {
+				sql = "CREATE SCHEMA IF NOT EXISTS " + CSPACE_UTILS_SCHEMANAME + " AUTHORIZATION " + ownerName;
 				stmt.executeUpdate(sql);
 				if (logger.isDebugEnabled()) {
-					logger.debug("Created db: '" + dbName + "' with owner: '" + ownerName + "'");
-				}
-				if (readerName != null) {
-					sql = "GRANT SELECT ON " + dbName + ".* TO '" + readerName + "'@'localhost' IDENTIFIED BY '"
-							+ readerPW + "' WITH GRANT OPTION";
-					stmt.executeUpdate(sql);
-					if (logger.isDebugEnabled()) {
-						logger.debug(" Granted SELECT rights on: '" + dbName + "' to reader: '" + readerName + "'");
-					}
+					logger.debug("Created SCHEMA: '" + CSPACE_UTILS_SCHEMANAME + "' with owner: '" + ownerName + "'");
 				}
 			} else {
-				throw new UnsupportedOperationException("createDatabaseWithRights only supports PSQL - MySQL NYI!");
+				throw new UnsupportedOperationException("CollectionSpace supports only PostgreSQL database servers.");
 			}
 		} catch (Exception e) {
 			String errMsg = String.format("The following SQL statement failed using credentials from datasource '%s': %s",
-					JDBCTools.CSADMIN_DATASOURCE_NAME, sql);
-			logger.error("createDatabaseWithRights failed on exception: " + e.getLocalizedMessage());
+					JDBCTools.CSADMIN_NUXEO_DATASOURCE_NAME, sql);
+			logger.error("createUtilsSchemaWithRights() failed with exception: " + e.getLocalizedMessage());
 			if (errMsg != null) {
 				logger.error(errMsg);
 			}
diff --git a/services/common/src/main/resources/db/postgresql/grant_pahma_reporters_privileges.sql b/services/common/src/main/resources/db/postgresql/grant_pahma_reporters_privileges.sql
index 7bee1875d9..11540b4a0e 100644
--- a/services/common/src/main/resources/db/postgresql/grant_pahma_reporters_privileges.sql
+++ b/services/common/src/main/resources/db/postgresql/grant_pahma_reporters_privileges.sql
@@ -4,7 +4,8 @@ BEGIN
       SELECT *
       FROM   pg_catalog.pg_group
       WHERE  groname = 'reporters_pahma') THEN
-
-      GRANT SELECT ON ALL TABLES IN SCHEMA public TO GROUP reporters_pahma;
+   ELSE
+      CREATE ROLE reporters_pahma with nologin;
    END IF;
+   GRANT SELECT ON ALL TABLES IN SCHEMA public TO GROUP reporters_pahma;
 END $$;
diff --git a/services/report/3rdparty/jasper-cs-report/src/main/resources/tenants/pahma/payloads/2021NAGPRASAMPLE.xml b/services/report/3rdparty/jasper-cs-report/src/main/resources/tenants/pahma/payloads/2021NAGPRASAMPLE.xml
new file mode 100644
index 0000000000..f25a7db202
--- /dev/null
+++ b/services/report/3rdparty/jasper-cs-report/src/main/resources/tenants/pahma/payloads/2021NAGPRASAMPLE.xml
@@ -0,0 +1,64 @@
+<?xml version="1.0" encoding="UTF-8"?>
+<document name="collectionobjects">
+    <ns2:collectionobjects_common xmlns:ns2="http://collectionspace.org/services/collectionobject" xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance">
+        <objectNumber>2021NAGPRASAMPLE</objectNumber>
+    </ns2:collectionobjects_common>
+    <ns2:collectionobjects_nagpra xmlns:ns2="http://collectionspace.org/services/collectionobject/domain/nagpra" xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance">
+        <graveAssocCodes>
+            <graveAssocCode>urn:cspace:pahma.cspace.berkeley.edu:vocabularies:name(pahmaNagpraCodeLegacies):item:name(pahmaNagpraCodeLegacies10)' 10: not reportable'</graveAssocCode>
+        </graveAssocCodes>
+        <repatriationNotes>
+            <repatriationNote>Repat notes for MN 2021NAGPRASAMPLE</repatriationNote>
+        </repatriationNotes>
+        <nagpraCategories>
+            <nagpraCategory>urn:cspace:pahma.cspace.berkeley.edu:vocabularies:name(nagpraPahmaApplicabilities):item:name(nagpraPahmaApplicabilities01)'affiliated human skeletal remains (HSR)'</nagpraCategory>
+        </nagpraCategories>
+        <nagpraReportFiledGroupList>
+            <nagpraReportFiledGroup>
+                <nagpraReportFiledWith>urn:cspace:pahma.cspace.berkeley.edu:orgauthorities:name(organization):item:name(NAGPRA1611346562666)'NAGPRA'</nagpraReportFiledWith>
+                <nagpraReportFiledNote>RH note for PAHMA-NAGPRA Staff</nagpraReportFiledNote>
+                <nagpraReportFiledDate>
+                    <scalarValuesComputed>true</scalarValuesComputed>
+                    <dateEarliestSingleCertainty/>
+                    <dateEarliestSingleQualifierUnit/>
+                    <dateDisplayDate>1/1/2001</dateDisplayDate>
+                    <dateLatestScalarValue>2001-01-02T00:00:00.000Z</dateLatestScalarValue>
+                    <dateEarliestSingleQualifierValue/>
+                    <datePeriod/>
+                    <dateLatestEra/>
+                    <dateEarliestSingleDay>1</dateEarliestSingleDay>
+                    <dateEarliestSingleQualifier/>
+                    <dateEarliestSingleYear>2001</dateEarliestSingleYear>
+                    <dateLatestCertainty/>
+                    <dateAssociation/>
+                    <dateLatestDay/>
+                    <dateEarliestSingleMonth>1</dateEarliestSingleMonth>
+                    <dateEarliestSingleEra>urn:cspace:pahma.cspace.berkeley.edu:vocabularies:name(dateera):item:name(ce)'CE'</dateEarliestSingleEra>
+                    <dateLatestYear/>
+                    <dateLatestQualifierUnit/>
+                    <dateNote/>
+                    <dateLatestQualifierValue/>
+                    <dateLatestQualifier/>
+                    <dateEarliestScalarValue>2001-01-01T00:00:00.000Z</dateEarliestScalarValue>
+                    <dateLatestMonth/>
+                </nagpraReportFiledDate>
+                <nagpraReportFiled>true</nagpraReportFiled>
+                <nagpraReportFiledBy>urn:cspace:pahma.cspace.berkeley.edu:orgauthorities:name(organization):item:name(PAHMANAGPRAStaff1611346539517)'PAHMA-NAGPRA Staff'</nagpraReportFiledBy>
+            </nagpraReportFiledGroup>
+        </nagpraReportFiledGroupList>
+        <nagpraCulturalDeterminations>
+            <nagpraCulturalDetermination>PAHMA cultural determination notes for 2021NAGPRASAMPLE</nagpraCulturalDetermination>
+        </nagpraCulturalDeterminations>
+        <nagpraInventoryNames>
+            <nagpraInventoryName>urn:cspace:pahma.cspace.berkeley.edu:vocabularies:name(nagpraPahmaInventoryNames):item:name(nagpraPahmaInventoryNames01)'AK-Alaska'</nagpraInventoryName>
+        </nagpraInventoryNames>
+        <nagpraDetermGroupList>
+            <nagpraDetermGroup>
+                <nagpraDetermType>urn:cspace:pahma.cspace.berkeley.edu:vocabularies:name(nagpradetermtype):item:name(unknown1)'unknown1'</nagpraDetermType>
+                <nagpraDetermBy>urn:cspace:pahma.cspace.berkeley.edu:personauthorities:name(person):item:name(NatashaJohnson1611346486489)'Natasha Johnson'</nagpraDetermBy>
+                <nagpraDetermNote>CD note for 2021NAGPRASAMPLE</nagpraDetermNote>
+                <nagpraDetermCulture>urn:cspace:pahma.cspace.berkeley.edu:orgauthorities:name(organization):item:name(KaagwaantaanClanofKlukwan1611346415910)'Kaagwaantaan Clan of Klukwan'</nagpraDetermCulture>
+            </nagpraDetermGroup>
+        </nagpraDetermGroupList>
+    </ns2:collectionobjects_nagpra>
+</document>