ConfigMgr Reporting Services Point with complex SQL | Quisitive
Managed Detection and Response Header Image - a woman checks in on security reports and data models for a client using
ConfigMgr Reporting Services Point with complex SQL
August 26, 2015
So, what happened?

In a new ConfigMgr 2012 R2 SP1 environment the Reporting Services point was proving a bit challenging to install. After setting all of the required permission it was finally happy.

Required Permissions On the SQL Server Reporting Services server, an account (in this case a domain user “functional” or “service” account) needed the following:

Membership in the server’s local Administrators group SSRS Site Settings -> System Administrator, System User SSRS Folder Settings on the root folder

-> Browser, Content Manager, My Reports, Publisher, Report Builder Scenario Details This ConfigMgr environment has a complex configuration with 3 different SQL servers in play.

Server1: ConfigMgr Primary Site server

Server2: server running SQL Server Database Engine role and configured as the ConfigMgr Site Database server

Server3: server running SQL Server Reporting Services role

Server4: server running SQL Server Database Engine role with only the ReportServer database With Server1 (ConfigMgr) and Server2 (SQL DB) configured and most functionality working (software deployment, software update deployment, OS deployment, inventory, etc.) it was time to install Reporting Services point.

We created a new ConfigMgr Site Server for Server3 using a domain user account. However, when attempting to install the Reporting Services point the following error was encountered: Unable to locate any configured SRS instances on the server.

Verify SRS is installed, accessible, and correctly configured. The “Reporting Services server instance” is blank.

We knew that SSRS was installed, configured, and working as there were two other applications already using the SRS instance in a production capacity.

We verified the domain user account could actually access the SSRS website from Server1 (the ConfigMgr server) and discovered the account was a member of the local Administrators group the account had System Administrator rights to the SSRS Site the account could not see any existing reports or report folders and the following message displayed: ” User ‘

‘ does not have required permissions. Verify that sufficient permissions have been granted and Windows User Account Control (UAC) restrictions have been addressed. ” As the screen shot shows, UAC was actually disabled already. Once the domain user account was given rights to the root folder, the Reporting Services point role could see the Reporting Services server instance the the role installed without issue. After the role installed, ConfigMgr reset its own permissions to give the domain user account only “ConfigMgr Report Users, ConfigMgr report Administrators” roles. Also, the logs for the Reporting Services point are on the SSRS server (Server3 in this case), and located at C:SMSlogs