About Me

My photo
TsooRad is a blog for John Weber. John is a Skype for Business MVP (2015-2016) - before that, a Lync Server MVP (2010-2014). My day job is titled "Technical Lead, MS UC" - I work with an awesome group of people at CDW, LLC. I’ve been at this gig in one fashion or another since 1988 - starting with desktops (remember Z-248’s?) and now I am in Portland, Oregon. I focus on collaboration and infrastructure. This means Exchange of all flavors, Skype, LCS/OCS/Lync, Windows, business process, and learning new stuff. I have a variety of interests - some of which may rear their ugly head in this forum. I have a variety of certifications dating back to Novell CNE and working up through the Microsoft MCP stack to MCITP multiple times. FWIW, I am on my third career - ex-USMC, retired US Army. I have a fancy MBA. One of these days, I intend to start teaching. The opinions expressed on this blog are mine and mine alone.

2015/06/16

Deploy SfB Monitoring Reports on separate SSRS

Oy vay.  This should have been easy.  But no.

Scenario

SfB EE pool.  I was operating from FE01.  In the same site as the “new” SSRS server.

Using NT Authentication\Network Service to run everything on the SQL install for the SSRS server.

Using an established SFBService account with known passwords.

Using Mixed Windows/SQL authentication.

Using a domain admin account for installs that is CSAdministrator and RTCUniversalServerAdmin as well as added explicitly to the SQL install perms. 

Much like fellow MVP Greig Sheridan, we got this error - to quote the install wizard explicitly:

Could not get objects from namespace root\Microsoft\SqlServer\ReportServer. The RPC server is unavailable. (Exception from HRESULT: 0x800706BA)The RPC server is unavailable. (Exception from HRESULT: 0x800706BA) Cannot get the ReportServerWebService URL. Verify that Reporting Services is deployed and configured properly on the target SQL instance:"fqdn.domain.com", and that WMI is included on the exception list of firewall setting on the server that is running Reporting Services.Invalid parameter

Fix It.

Unlike Greig, I had no option to use a server in the same site.  I was already using a server in the same site.  And before you ask the obvious question, yes, it was the same AD DS site and also the same SfB site (and no they do not necessarily line up, but why would they not?)(Why make life tough?)(and yes, there are times that one SfB site might serve several AD DS sites)

We then worked through the various permissions and the frustrations associated with looking at something that should be working but not. I also queried the local system admin team and determined that leaving the server firewall disabled would create strife between them and the local SecPol Gestapo.  So that option, which I was sure would fix it, was not a valid choice.

So, rather than dither and whine, I opened some firewall rules one at a time, and got success.  And now I know what allows this to work. 

Firewall Rules

image

image

image

YMMV

No comments:

Technical Consulting

Something went through both of my brain cells today. And to keep a long story short, it centers on your approach to the question – whatever ...