April 2, 2016 at 9:42 am
We have a customer who changed their admin password. The admin account was used as the logon identity of the SSRS service. When the password changed, SSRS stopped working.
Is there an appropriate way to change the password of the Windows account, rather than having to re-install SSRS?
April 4, 2016 at 6:55 am
I make changes via reporting services config. manager, ideally you should have different accounts for different components ( SSRS, SSAS etc) so you know that if a password change is going to be done you then know what will be affected.
April 4, 2016 at 7:16 am
We have tried that in our test environment but that doesn't work. Now, since we had a SQL Server 2016 RC1 test system already configured, we are testing with SQL 2016. Not sure if the SQL version matters, but this test environment, like our customer's environment, complains when starting up. This is the error I believe was logged:
The report server cannot access the private key for the service account. This key is used to decrypt the symmetric key that protects content in the report server database. This condition might occur after the password is reset for the report server service account. You must either restore a backup key or delete all encrypted content. ---> Microsoft.ReportingServices.Library.KeyStateNotValidException: The report server cannot access the private key for the service account. This key is used to decrypt the symmetric key that protects content in the report server database. This condition might occur after the password is reset for the report server service account. You must either restore a backup key or delete all encrypted content. ---> System.Runtime.InteropServices.COMException: Key not valid for use in specified state. (Exception from HRESULT: 0x8009000B)
So, we have been experimenting with restoring the backup keys, to no avail. Seems there should be written instructions for this outside of this error message.
April 4, 2016 at 8:39 am
Did someone create a backup copy of the symmetric key?
April 4, 2016 at 8:47 am
The customer did not. We are experimenting with that on our test environment so we can be explicit in our documentation to recommend to customers how to install SSRS. But that is where we are hitting a wall.
April 12, 2016 at 1:47 pm
If changing the password is not an option, is there a best practice where the recommendation is to use a well-known account, like Network Services, rather than a user account?
Viewing 6 posts - 1 through 5 (of 5 total)
You must be logged in to reply to this topic. Login to reply