Oy vay. This should have been easy. But no.
Scenario
SfB EE pool. I was operating from FE01. In the same site as the “new” SSRS server.
Using NT Authentication\Network Service to run everything on the SQL install for the SSRS server.
Using an established SFBService account with known passwords.
Using Mixed Windows/SQL authentication.
Using a domain admin account for installs that is CSAdministrator and RTCUniversalServerAdmin as well as added explicitly to the SQL install perms.
Much like fellow MVP Greig Sheridan, we got this error - to quote the install wizard explicitly:
“Could not get objects from namespace root\Microsoft\SqlServer\ReportServer. The RPC server is unavailable. (Exception from HRESULT: 0x800706BA)The RPC server is unavailable. (Exception from HRESULT: 0x800706BA) Cannot get the ReportServerWebService URL. Verify that Reporting Services is deployed and configured properly on the target SQL instance:"fqdn.domain.com", and that WMI is included on the exception list of firewall setting on the server that is running Reporting Services.Invalid parameter”
Fix It.
Unlike Greig, I had no option to use a server in the same site. I was already using a server in the same site. And before you ask the obvious question, yes, it was the same AD DS site and also the same SfB site (and no they do not necessarily line up, but why would they not?)(Why make life tough?)(and yes, there are times that one SfB site might serve several AD DS sites)
We then worked through the various permissions and the frustrations associated with looking at something that should be working but not. I also queried the local system admin team and determined that leaving the server firewall disabled would create strife between them and the local SecPol Gestapo. So that option, which I was sure would fix it, was not a valid choice.
So, rather than dither and whine, I opened some firewall rules one at a time, and got success. And now I know what allows this to work.
Firewall Rules
YMMV
No comments:
Post a Comment