Continuing from my problems with installing reporting services, I now turn to configuring reporting services running on Server 2008. I have a total of four front end web servers, two for staging and two for production. Each pair points to the staging and production databases respectively. I was following this Microsoft document on how to install and configure for server 2008, but still ran into some errors. Both errors where displayed in IE when trying to browse to http://localhost/reports (the report manager site).

Error #1: rsReportServerNotActivated

This turned out to be an error with the encryption keys. I searched for documentation on setting up a web farm, and from what I found, there really was no mention on syncing the encryption keys, but ultimately that's what I ended up doing to get both front end web servers to show as initialized.

Starting with my staging servers, I looked in the ReportServer.Keys table, and saw that I had two entries, one for each web server. However, run of them was missing data in the SymmetricKey column. I exported the key using the Reporting Services Configuration tool from one server, and imported that key (again using the Configuration tool).  This fixed the error on my staging server, but led be to Error #2 (see below).

On my production servers, I had web100 showing as activated, but web101 showing as not activated (nor would it activate). There was a row in the keys table for web100 and web101, but I couldn't export the key from web100 like I could in staging. Attempting to export the key from web101 gave me an error saying it couldn't export the key, which made sense since it didn't have one. I tried using TSQL to copy the contents of the row for web100 in the Keys table to web101, but while it executed, it didn't fix the problem. I was a little frustrated at this point and just deleted all three rows from the keys table.

Wait a minute, where did the 3rd row come from? Back in the configuration tool, neither server was shown as activated, in fact, neither server was shown at all! Turns out that 3rd row has some dummy data in it that must be used somewhere. In case anyone did what I did, you can just add the row back in. All columns are null except InstallationID = 00000000-0000-0000-0000-000000000000, and Client = -1.

I went back to the configuration tool on web101 and under encryption keys, I hit delete. Looking back in the Keys table I saw I had a row for web101 again, and I was able to export this key. I promptly imported this key in on web100 and both servers activated.

After a quick reboot to verify that everything worked still, I was able to move onto the staging servers and Error #2. Yes, I did backup both encryption keys to a safe location for DR purposes.

Error #2: The report server is not responding. Verify that the report server is running and can be accessed from this computer.

I was getting Error #2 on web200 (figure out our naming convention yet?). This server was also showing an error in the event log: Report Manager cannot create the trace log %Program Files%\Microsoft SQL Server\MSSQL.1\Reporting Services\LogFiles\ReportServerWebApp__06_06_2008_14_40_25.log. This indicates a problem with permissions somewhere I'm guessing.

For all of my web servers, I've created a new SqlRsAppPool set to classic mode, which runs as a domain account. This domain account is specified in the configuration tool as the account to use when connecting to the ReportServer database as well. The web service setting in the configuration tool is configured to use the Local Service account. Had I not had 3 other servers running correctly, I would have tried setting the web service to the domain account as well.

Reporting Services uses to local groups named SQLServer2005ReportingServicesWebServiceUser$MachineName$Instance and SQLServer2005ReportServerUser$MachineName$Instance, and I compared those groups between my two staging servers, and the users were the same (WebServiceUser had my domain account and ReportServerUser had Local Service). I next comapred the permissions on the folders in %Program Files%\Microsoft SQL Server\MSSQL.1\Reporting Services between both machines, and they were the same.

I decided to reboot the problem server while I went and downloaded the latest version of Process Monitor, which happens to be at v1.33. I wish I could say I found some whacky permission that didn't get set by the configuration tool, but, rebooting the server seems to have fixed the problem. I know I restarted the Reporting Services window service, but I don't think I tried restarting IIS and the app pool. Oh well, I'm sure my download of Process Monitor will not be in vain.

Other Notes

Overall the how to install and configure for server 2008 guide was pretty good. The registry keys that say that you should have don't seem to be all that important, as I was missing some of them on my working servers from the get go. I did follow the steps to enable my account to login to the report manager without using the Run As Administrator command.

Even though I have no intention of directly exposing reporting services to the Internet, I still felt that it made the most sense to install the web front end components for SQL RS on our web servers located in our presentation DMZ. However, this proved to be somewhat of a challenge.

Apparently, there is a check in the setup file that limits your installation options on Server 2008 web edition to the client tools only. It took awhile of searching on Google, but I finally found my first lead, and am embarrassed because I didn't think of it myself. All of the various SQL components have their own MSI installers on the install media, located in either Tools or Servers. For reporting services, you need to run the SqlRun_RS.msi located in Servers\Setup.

I was still running into a problem however, soon after the MSI was launched I was getting a cryptic error message, followed by a second error message stating I didn't have access to a directory. Even though I had launched windows explorer as an administrator, I still couldn't get it to run. I decided to turn off UAC, reboot and try again. This time, the install was successful. I followed up the Sql RS install by installing SQL SP2, and then turned UAC back on.

Microsoft has a good document on how to configure SQL RS on Windows Server 2008, http://support.microsoft.com/kb/938245, which is what I used for the rest of the install. The document does state that under More Information that  you can install SQL RS "On any edition of Windows Server 2008".

I think it's probably one of the nicest Saturday's of the year so far, but I thought it would be more fun to uninstall our Trial edition of TFS 2008 and install the work edition. Here are the steps I took:

• Using Windows Firewall block access to TFS and Sharepoint
• Backup all databases to another server
• Take a VMWare snapshot
• Uninstall TFS 2008
• Uninstall TFS Build 2008 ( I don't think this was necessary)
• Install TFS 2008 Workgroup **
• Install TFS 2008 Build
• Test Locally
• Remove firewall restrictions
• Test Remotely
• Remove snapsot

Things were going smoothly until I was installing TFS Workgroup, and during the database upgrade (not sure why my DBs were different between the Trial and Workgroup Edition) I got an awesome error:

Product: Microsoft Visual Studio 2008 Team Foundation Server - ENU -- Error 32000.The Commandline

'"E:\Program Files\Microsoft Visual Studio 2008 Team Foundation Server\Tools\TfsDb.exe" upgrade /server:"YourTFSServerName" /property:"TFS_SERVICE_ACCOUNT=DOMAIN\tfsserviceAccount;

TFS_REPORTING_ACCOUNT=Domain\tfsreportsAccount;

LCID=1033;VSTF_AS_INSTANCE=YourTFSDBInstance;

VSTF_AS_DATABASE=TFSWarehouse;VSTF_AS_ACCOUNT=" /showui:2622014' returned non-zero value: 100.

I decided to run the TFSdb tool from the command line, and it gives allot better information. According to the error, I needed to perform a backup log operation on my TfsWorkItemTracking database. So after doing that, that phase of the install process completed. The rest of the install process seemed to take forever, and the progress bar was about 97% to the end and just hung there for a good 3-4 minutes before it finally completed without error.

Don't ask....

• Shutdown your SQL Server service, from the services MMC
• Stop all services and applications from connecting to your SQL server. If they are connecting via the network, you could use the windows firewall to restrict access. The reason for this, is once you are in single user mode, another application may connect and consume the one connection.
• Open a command prompt window and navigate to the location of SqlServr, which should be %Program Files%\Microsoft SQL Server\MSSQL.1\MSSQL\Binn.
• Type sqlservr -m to start SQL server in single user mode
• Open Sql Server Management Studio (SSMS) and connect to your SQL server
• Fix your security
• Go back to the command prompt window and press ctrl+c, and then Y to stop SQL server
• Restart SQL server, and any dependent services (like SQL agent) in the services MMC.

If you have UAC enabled (Vista or Win2k8) you have to run the command prompt, and SSMS as an administrator.

Question...does it really matter if you deny local computer and domain administrators access to the SQL server, if any local administrator can restart SQL server in single user mode? The reason I ask, is there are a lot of "Best Practices" that say you should deny access to normal computer administrators. I've even heard that in some industries and sectors such as legal, healthcare, etc, you have to restrict who has access to the data. Maybe it's just a you need to make a good effort.

So I have been continuing on my new assignment of setting up servers for our new infrastructure, and it's somewhat boring and repetitive after the first one. I was hoping to knock out the last 3 SQL servers today, but I couldn't get our schedule maintenance plans to run. I kept getting an error stating that "The owner (Domain\User) of job <Job Name> does not have server access." Well, I am the owner, and I have SysAdmin permissions, and I am the one who created the jobs, so what could it be?

Originally I had imported the maintenance plans from a file share that I had exported the maintenance plans from a non-member server, and then imported those maintenance plans into two other servers. I tried creating a new job on one of the servers, thinking that was something wrong with the import process, but nope, I get the same error on all three servers. Another member server, configured exactly same, just setup the day before, works fine, with my account as the job owner.

Off to Google I go. I found some references to the error, but allot of them were for a KB article relating to SQL 2000, and it had a service pack fix. I did find a command ( exec xp_logininfo 'username' ), which is supposed to help you verify if your account is setup correctly, and apparently mine is not. I get an empty result set on the 3 servers I am having problems with, and one row with the correct information on the working server.

I was actually happy to see the empty row set on the three non-working servers, as now I can search on exec xp_logininfo instead of the error I was getting with the job, to hopefully find a solution to my problem. Unfortunatly, I didn't get many hits that applied to my situation. Running the xp_loginfo on both the working and non-working servers yielded some interesting information. I decided to add a domain group that my account belonged to, to both a working and non-working server. Re-running the xp_logininfo showed 1 row on the non-working server, and 2 rows on the working server. The permission path column on the working server showed null for the first row (which was present before adding the group), and the 2nd row shows the group I just added (which is the same as the non-working server after adding the group).

Somehow, the one working server has some extra permission set somewhere. I think this may be because I might have manually added my domain account on the working server, but I let a MS tool that auto-runs after SQL SP2 add my account. Sure enough, adding my domain account manually fixed the original problem, and the results of the xp_logininfo now match between all servers.

I've been working on setting up servers the past week, and will be continuing for the rest of may. Included in that are BizTalk and SQL servers. Part of our setup procedure is to document everything so that we have consistency between servers. It's boring and tedious but necessary.

While looking up some info on DB Mail in SQL 2005, I came across a good post by Brent Ozar on some post install steps.  It covered a few things I hadn't thought about, but have since added to our build documentation.

Brent's post also had links to the SQL 2005 Dashboard Performance Reports. One of the links was to an excellent write up of the installation and use of the reports by Brad McGehee.

Today I downloaded and installed the Sql Server 2005 Express Advanced edition for a test project I was working on. I needed to enable remote connections, so I when to the surface area configuration wizard and enabled remote connections thru tcp, and I opened port 1433 on the computer's firewall. However, I could not connect.

Running a netstat -an showed nothing listening on port 1433. Doing some searching I found an outdated post on the sql express blog that helped me fix the problem.

1. Open Sql Server Configuration Manager
2. Expand Protocols for SQLEXpress under SqlServer 2005 Network Configuration and click on Tcp/Ip
3. On the IP Addresses tab, scroll to find the IpAny entry.
4. Clear out the field for dynamic ports and put in 1433 for the TCP Port
5. Restart SQL Server.

The reason you have to do this, is by default the SqlBrowser service (port 1434) is not running by default. When clients try to connect, they must know the port to connect to. The default sql port is 1433, so once we have that setup, even if the SqlBrowser service is not running, or is blocked by the firewall, we can still connect.

Over the last couple of weeks I've been in the process of rebuilding my primary workstation at home, installing server 2008, hyper-v, creating VM's, etc. I finally got around to importing my RSS feed list and found plenty to catch up on. This post is basically just a series of links to posts that I've missed over the past couple of weeks.

• Asp.Net MVC Source Refresh posted by ScottGu - The latest source code for the upcoming MVC addition to Asp.Net has been posted on CodePlex. The official preview 3 release is due in a couple of weeks and will provide a "hassle-free" installation. Scott points out that the unit tests for the MVC project have been released, and that they are using MSTest (no surprise there) and Moq, an open source mocking framework.
• Hanselminutes 109 Dynamic Data - Scott interviews Scott Hunter, Sr Program Manager @ Microsoft about the Asp.Net dynamic data project. The most important thing I took away from this pod cast was that Dynamic Data is not a tool to create prototype web sites or scafolding. This was just the first demo, and unfortunately it has left some negative impressions.
• Building a HTPC posted by Jeff - This is an amazing post showing how cheap you can build a kick ass HTPC using the new AMD 780G platform. The 780G has a ATI HD3200 chipset which supports HDCP and decoding of blu-ray. I may just look to sell my old AMD Operton 165 parts to finance a HTPC running on the 780G platform. I decided to order the Kill-A-Watt power meter recommended by Jeff as well to see how much it's costing me to run 3 folding instances on my new box ;)
• NET Micro Framework vs. Microsoft Robotics Studio, Introduction to Port-Based Asynchronous Messaging, Phidgets Robotics Programming in C# posted by Dan Vanderboom - That's three posts from Dan, all of which hit close to home. I've been working with the Phidgets RFID reader for almost a year now and taking advantage of Robotics Studio on the Compact Framework sounds vary promising. 

Last week I ran into an issue where I needed to boot into DOS in order to update some firmware on our servers. Problem was, the servers didn't have a floppy drive, but they did have USB and CD-Rom. I had a bootable CD-Rom in the form of the Ultimate Boot CD (UBCD), which has a batch file included for turning a USB memory stick into a bootable device, complete with the contents for the UBCD.

A USB memory stick is allot easier to carrier around then a CD. In fact, I keep a 2GB USB memory stick on my key chain, and the UBCD only takes up ~120MB. The only downside is the UBCD contents are stored on the root of the USB drive. I keep things clean by creating a folder named _files in the root, which is where I stick all of my files, and this seems to work. I also wanted to add DSL, as it can be booted, or run from inside windows.

Installation - UBCD

Obtain a USB drive/stick. I picked up a 2GB San Disk Cruzer for $17 on sale at best buy. It comes with something called U3, which thankfully you can uninstall by using a program you can download from here. You have to go thru a bunch of marketing screens telling you how cool U3 is.

Next Download the ultimate boot cd and burn it to a CD. You could probably also mount it using a mounting tool but I did not try this. Use the ubcd2usb.bat file located in tools\ubcd2usb to format your usb drive, make it bootable and install the contents of the UBCD to it.

I've run into a couple of problems on this step. First, it seems to fail under Vista, but I only had one USB stick left to format at the time. It works fine on WinXP and Win2k3.

For the SanDisk U3 stick, I formatted it first from the command prompt after removing the U3 software and this seems to have helped it. I think it may have gotten corrupted when I tried using Vista after removing the U3. A co-worker of mine has the exact same USB stick, but I know he used XP and had no problems

Install DSL

The following instructions are based on this forum post which was written for DSL 3.2. My instructions work with the latest version (4.x) and allow you to boot from your USB drive using Qemu, or boot into DSL when your computer boots up.

First download the latest version of DSL. I used this link (Check the DSL download page for a list of current mirrors), which is for the embedded version (zip file, not an .iso). Then I extracted the contents of the .zip file to a temporary folder (c:\temp\dsl) and created a folder on the root of my USB drive called DSL (\DSL).

Copy KNOPPIX to the root of your USB drive, then copy the all of the extracted DSL contents except KNOPPIX to /custom/DSL. Edit the .bat files in /custom/dsl updating the path to KNOPPIX as /KNOPPIX. Finally edit \custom\custom.cfg with a text editor adding a label for choosing DSL. Your custom.cfg might look something like this:

MENU INCLUDE /menus/defaults.cfg
LABEL back
  MENU LABEL ..
  KERNEL menu.c32
  APPEND /menus/main.cfg
LABEL dsl
  MENU LABEL DSL V4.2
  KERNEL /custom/dsl/linux24
  APPEND ramdisk_size=100000 init=/etc/init lang=us apm=power-off vga=791 initrd=/custom/dsl/minirt24.gz nomce noapic quiet BOOT_IMAGE=knoppix

You should now be able to boot DSL from the Qemu emlator by using the bat files in /custom/dsl, or boot DSL from the UBCD menu (Custom Tools\DSL 4.2). I could not figure out how to get DSL to boot thru UBCD with KNOPPIX in the DSL folder, only with it in the root of the USB drive. A minor inconvenience.

Final Thoughts 

I decided to remove the autorun.inf and website folder which was installed from UBCD. I was going to remove the tools folder, but then realized that by keeping those on there, I could easily create this same setup on other USB sticks for friends.

A similar utility disk is the Ultimate Boot CD for Windows (UBCD4Win). The application you download from the UBCD4Win takes files from a WinXP (SP2 recommended) disk, and creates a bootable CD with utility applications. However, it sounds like you are limited to booting computers which have a similar version of Windows (XP, Server 2003), especially for the NTFS utilities.

Scott blogged about mutli-core builds using MSBuild from the command line, as well as a "hack" from within Visual Studio. I followed the instructions as outlined in the 2nd post and it seems to work for the most part. The solution I was trying it on was fairly small and contained a mix of Compact (CF) and Full (FF) framework projects which seem to cause some issues.

As pointed out in the 2nd post, you are not going to see much advantage to multi-core builds for small projects. I will probably revisit this when my project gets allot larger, as well as look into build configurations and targets (custom MSBuild Files) for my CF/FF project mix.