For more information about creating symmetric keys, see Initialize a Report Server (Report Server Configuration Manager). For more information, see Delete and Re-create Encryption Keys (Report Server Configuration Manager). If for some reason you cannot restore the encryption key (for example, if you do not have a backup copy), you must delete the existing key and encrypted content. If this occurs, you might need to delete all encrypted values if you cannot restore a valid key. If you restore a copy that is not valid, the report server cannot access the encrypted data currently stored in the report server database. The symmetric key must be the same one that locks and unlocks encrypted data currently stored in the report server database. If you have the key and the password, you can run the Reporting Services Configuration tool or rskeymgmt utility to restore the key. You must also know the password that unlocks the stored copy. To restore the encryption key, you must have a copy of the encryption key on file. The previously stored symmetric key data (for example, key information that was already in the report server database from a previous deployment) is deleted. The encrypted symmetric key is stored in the report server database. The symmetric key is encrypted using the public key of the Report Server Windows service. The symmetric key is opened from the password protected backup file. Restoring encryption keys results in the following actions: Restoring an encryption key replaces an unusable key with a copy that you previously saved to disk. Restoring the symmetric key overwrites the existing symmetric key that is stored in the report server database. The following example illustrates the arguments you must specify: rskeymgmt -e -f d:\rsdbkey.snk -p You must use the -e extract argument to copy the key, provide a file name, and specify a password. Run rskeymgmt.exe locally on the computer that hosts the report server. Consider storing the file on a disk separate from the report server.īack up encryption keys -rskeymgmt (Native Mode) Specify a file to contain the stored key. Start the Report Server Configuration Manager, and then connect to the report server instance you want to configure.Ĭlick Encryption Keys, and then select Back Up. For more information, see the "Key Management" section of Manage a Reporting Services SharePoint Service Application Back up encryption keys -Report Server Configuration Manager (Native Mode) Backup SharePoint Mode Report Serversįor SharePoint mode report servers you can either use PowerShell commands or use the management pages for the Reporting Services service application. SharePoint mode: SharePoint Central Administration pages or PowerShell. Native mode: Either the Report Server Configuration Manager or the rskeymgmt utility. To backup the symmetric key, you can use the following tools: After the file is created, you must store it in a secure location and remember the password that is used to unlock the file. The symmetric key can never be stored in an unencrypted state so you must provide a password to encrypt the key when you save it to disk. Each report server instance will need its copy of the symmetric key to lock and unlock data in the report server database.īacking up the symmetric key is a process that writes the key to a file that you specify, and then scrambles the key using a password that you provide. Although you only need to back up one copy, you might need to restore the key multiple times if you are running multiple report servers in a scale-out deployment model. There is a one-to-one correspondence between a report server database and a symmetric key. You only need to back up one copy of the symmetric key. Recovering a report server installation due to hardware failure. Migrating a report server installation or configuring a report server to use a different report server database. Renaming the computer or instance that hosts the report server (a report server instance is based on a SQL Server instance name). Periodically changing an account password does not require you to reset the symmetric key. Only password resets require symmetric key restoration. Password resets are performed by a system administrator when you forget or do not know a particular password. A password reset requires permission to overwrite account information on the domain controller. Resetting the password is not the same as changing the password.
0 Comments
Leave a Reply. |
AuthorWrite something about yourself. No need to be fancy, just an overview. ArchivesCategories |