删除报表服务器（2014 本机模式）加密密钥和数据 [PowerShell]

Question

从图像克隆实例后，需要执行一些手动步骤才能使报表服务器正常工作。其中包括删除所有加密数据，包括报表服务器数据库上的对称密钥实例。

此步骤要求我通过 RDP 连接到有问题的服务器，打开 Reporting Services 配置管理器并手动删除加密数据。

没有执行此步骤，我在尝试加载新服务器的报表服务器界面时出现以下错误：

The report server cannot open a connection to the report server database. A connection to the database is required for all requests and processing. (rsReportServerDatabaseUnavailable)

我正在尝试自动执行此步骤，以便它 运行 作为 PowerShell 脚本的一部分远程删除加密数据。

我知道 'rskeymgmt -d' 但这会在 运行 时提示用户输入，并且没有可用的强制标志来绕过这个额外的输入，使其无法远程用于 运行ning据我所知：

C:\>rskeymgmt -d
All data will be lost.  Are you sure you want to delete all encrypted data from
the report server database (Y/N)?

Answer 1

我找到了解决这个问题的方法。通过远程 PowerShell 会话调用 RSKeyMgmt -d 并将 Y 字符串传递给调用会传递 RSKeyMgmt 提示用户输入的参数。此方法基于Som DT's post on backing up report server encryption keys

我附上了我在环境克隆过程中使用的完整脚本。

<#
.SYNOPSIS
    Deletes encrypted content from a report server

.PARAMETER MachineName
    The name of the machine that the report server resides on

.EXAMPLE
    ./Delete-EncryptedSsrsContent.ps1 -MachineName 'dev41pc123'
    Deletes encrypted content from the 'dev41pc123' report server
 #>

param([string]$MachineName = $(throw "MachineName parameter required, for command line usage of this script, type:  'get-help ./Delete-EncryptedSSRS.ps1 -examples'"))

trap [SystemException]{Write-Output "`n`nERROR: $_";exit 1}
Set-StrictMode -Version Latest

try
{
    Write-Output "`nCreating remote session to the '$machineName' machine now..."
    $session = New-PSsession -Computername $machineName
    Invoke-Command -Session $Session -ScriptBlock {"Y" | RSKeyMgmt -d}
}
catch
{
    Write-Output "`n`nERROR: $_"
}
finally
{
    if ($Session)
    {
        Remove-PSSession $Session
    }
}

Answer 2

这是 ShaneC 解决方案的概括，支持删除非默认实例上的加密内容：

<#
.SYNOPSIS
    Deletes encrypted content from a report server

.PARAMETER MachineName
    The name of the machine that the report server resides on

.EXAMPLE
    ./Delete-EncryptedSsrsContent.ps1 -MachineName 'dev41pc123'
    Deletes encrypted content from the default instance (MSSQLSERVER) of the 'dev41pc123' report server

.EXAMPLE
    ./Delete-EncryptedSsrsContent.ps1 -MachineName 'dev41pc123' -InstanceName 'NonDefault'
    Deletes encrypted content from the specified non-default instance (e.g. NonDefault) of the 'dev41pc123' report server
 #>

param(
    [Parameter(Mandatory=$true)]
    [string]$MachineName = $(throw "MachineName parameter required, for command line usage of this script, type:  'get-help ./Delete-EncryptedSSRS.ps1 -examples'"),

    [Parameter(Mandatory=$false)]
    [string]$InstanceName)

trap [SystemException]{Write-Output "`n`nERROR: $_";exit 1}
Set-StrictMode -Version Latest

try
{
    Write-Output "`nCreating remote session to the '$MachineName' machine now..."
    $session = New-PSsession -Computername $MachineName
    if ([string]::IsNullOrEmpty($instanceName))
    {
        Invoke-Command -Session $Session -ScriptBlock {"Y" | RSKeyMgmt.exe -d}
    }
    else
    {
        Write-Output "`nDeleting all encrypted content from the $InstanceName instance on the $MachineName machine now...`n" 
        $command = """Y""| RSKeyMgmt.exe -d -i""" + $InstanceName + """"
        Invoke-Command -Session $Session -ScriptBlock { Invoke-Expression $args[0] } -ArgumentList $command
        Write-Output "`n"
    }
}
catch
{
    Write-Output "`n`nERROR: $_"
}
finally
{
    if ($Session)
    {
        Remove-PSSession $Session
    }
}