Functions/Admin/Set-RsDatabase.ps1
# Copyright (c) 2016 Microsoft Corporation. All Rights Reserved. # Licensed under the MIT License (MIT) function Set-RsDatabase { <# .SYNOPSIS This script configures the database settings used by SQL Server Reporting Services. .DESCRIPTION This script configures SQL Server Reporting Services to either create and use a new RS database or use an existing RS database. You must be an admin in RS and SQL Server in order to perform this operation successfully. There are three phases to setup: 1. Create the PBIRS database on the database server 2. Grant the run-time user access to the PBIRS database - this user must exist before running this 3. Configure the PowerBI Report Server to use the database and run-time credentials Your admin role on SQL Server can be one of: * The account under which you run this powershell (default) * A specific set of credentials for the SQL Server which has admin rights, specified via -AdminDatabaseCredential .PARAMETER ReportServerInstance Specify the name of the SQL Server Reporting Services Instance. Use the "Connect-RsReportServer" function to set/update a default value. .PARAMETER ReportServerVersion Specify the version of the SQL Server Reporting Services Instance. Use the "Connect-RsReportServer" function to set/update a default value. .PARAMETER ComputerName The Report Server to target. Use the "Connect-RsReportServer" function to set/update a default value. .PARAMETER Credential Specify the credentials to use when connecting to the Report Server. Use the "Connect-RsReportServer" function to set/update a default value. .PARAMETER DatabaseServerName Specify the database server name. (e.g. localhost, MyMachine\Sql2016, etc.) .PARAMETER IsRemoteDatabaseServer Specify this switch if the database server is on a different machine than the machine Reporting Services is running on. .PARAMETER Name Specify the name of the RS Database. .PARAMETER IsExistingDatabase Specify this switch if the database to use already exists, and prevent creation of the database. .PARAMETER DatabaseCredentialType Indicate what type of runtime credentials to use when connecting to the database: Windows, SQL, or Service Account. .PARAMETER DatabaseCredential Specify the runtime credentials to use when connecting to the SQL Server. This credential is used for *run-time* only. It is not used for initial database setup. Note: This parameter will be ignored whenever DatabaseCredentialType is set to Service Account! .PARAMETER AdminDatabaseCredentialType Indicate what type of admin setup credentials to use when connecting to the database: Windows (current user running this powershell) or SQL. Defaults to Windows. .PARAMETER AdminDatabaseCredential Specify the admin setup credentials to use when connecting to the SQL Server. This credential is used for *setup* only; it is not used for PowerBI Report Server during runtime. Note: This parameter will be ignored whenever AdminDatabaseCredentialType is set to Service Account! .EXAMPLE Set-RsDatabase -DatabaseServerName localhost -Name ReportServer -DatabaseCredentialType ServiceAccount Description ----------- This command will create a new RS database (ReportServer) and configure Reporting Services to connect to it using Service Account credentials. .EXAMPLE Set-RsDatabase -DatabaseServerName localhost -Name ExistingReportServer -IsExistingDatabase -DatabaseCredentialType Windows -DatabaseCredential $myCredentials Description ----------- This command will configure Reporting Services to connect to an existing RS database (ExistingReportServer) using Windows credentials ($myCredentials). #> [CmdletBinding(SupportsShouldProcess = $true, ConfirmImpact = 'High')] param ( [Parameter(Mandatory = $True)] [string] $DatabaseServerName, [switch] $IsRemoteDatabaseServer, [Parameter(Mandatory = $True)] [Alias('DatabaseName')] [string] $Name, [switch] $IsExistingDatabase, [Parameter(Mandatory = $true)] [Alias('Authentication')] [Microsoft.ReportingServicesTools.SqlServerAuthenticationType] $DatabaseCredentialType, [System.Management.Automation.PSCredential] $DatabaseCredential, [Microsoft.ReportingServicesTools.SqlServerAuthenticationType] $AdminDatabaseCredentialType, [System.Management.Automation.PSCredential] $AdminDatabaseCredential, [Alias('SqlServerInstance')] [string] $ReportServerInstance, [Alias('SqlServerVersion')] [Microsoft.ReportingServicesTools.SqlServerVersion] $ReportServerVersion, [string] $ComputerName, [System.Management.Automation.PSCredential] $Credential ) if ($PSCmdlet.ShouldProcess((Get-ShouldProcessTargetWmi -BoundParameters $PSBoundParameters), "Configure to use $DatabaseServerName as database, using $DatabaseCredentialType runtime authentication and $AdminDatabaseCredentialType setup authentication")) { $rsWmiObject = New-RsConfigurationSettingObjectHelper -BoundParameters $PSBoundParameters #region Validating authentication and normalizing credentials $username = '' $password = $null if ($DatabaseCredentialType -like 'serviceaccount') { $username = $rsWmiObject.WindowsServiceIdentityActual $password = '' } else { if ($DatabaseCredential -eq $null) { throw "No Database Credential specified! Database credential must be specified when configuring $DatabaseCredentialType authentication." } $username = $DatabaseCredential.UserName $password = $DatabaseCredential.GetNetworkCredential().Password } #endregion Validating authentication and normalizing credentials #region Validating admin authentication and normalizing credentials $adminUsername = '' $adminPassword = $null # default is Windows $isSQLAdminAccount = ($AdminDatabaseCredentialType -like "SQL") # we do not allow service account - only Windows and SQL if ($AdminDatabaseCredentialType -like 'serviceaccount') { throw "Can only use Admin Database Credentials Type of 'Windows' or 'SQL'" } # must have credentials passed if ($isSQLAdminAccount) { if ($AdminDatabaseCredential -eq $null) { throw "No Admin Database Credential specified! Admin Database credential must be specified when configuring $AdminDatabaseCredentialType authentication." } $adminUsername = $AdminDatabaseCredential.UserName $adminPassword = $AdminDatabaseCredential.GetNetworkCredential().Password } #endregion Validating admin authentication and normalizing credentials #region Create Database if necessary if (-not $IsExistingDatabase) { # Step 1 - Generate Database Script Write-Verbose "Generating database creation script..." $EnglishLocaleId = 1033 $IsSharePointMode = $false $result = $rsWmiObject.GenerateDatabaseCreationScript($Name, $EnglishLocaleId, $IsSharePointMode) if ($result.HRESULT -ne 0) { Write-Verbose "Generating database creation script... Failed!" throw "Failed to generate the database creation script from the report server using WMI. Errorcode: $($result.HRESULT)" } else { $SQLScript = $result.Script Write-Verbose "Generating database creation script... Complete!" } # Step 2 - Run Database creation script Write-Verbose "Executing database creation script..." try { if ($isSQLAdminAccount) { Invoke-Sqlcmd -ServerInstance $DatabaseServerName -Query $SQLScript -ErrorAction Stop -Username $adminUsername -Password $adminPassword } else { Invoke-Sqlcmd -ServerInstance $DatabaseServerName -Query $SQLScript -ErrorAction Stop } } catch { Write-Verbose "Executing database creation script... Failed!" throw } Write-Verbose "Executing database creation script... Complete!" } #endregion Create Database if necessary #region Configuring Database rights # Step 3 - Generate database rights script Write-Verbose "Generating database rights script..." $isWindowsAccount = ($DatabaseCredentialType -like "Windows") -or ($DatabaseCredentialType -like "ServiceAccount") $result = $rsWmiObject.GenerateDatabaseRightsScript($username, $Name, $IsRemoteDatabaseServer, $isWindowsAccount) if ($result.HRESULT -ne 0) { Write-Verbose "Generating database rights script... Failed!" throw "Failed to generate the database rights script from the report server using WMI. Errorcode: $($result.HRESULT)" } else { $SQLscript = $result.Script Write-Verbose "Generating database rights script... Complete!" } # Step 4 - Run Database rights script Write-Verbose "Executing database rights script..." try { if ($isSQLAdminAccount) { Invoke-Sqlcmd -ServerInstance $DatabaseServerName -Query $SQLScript -ErrorAction Stop -Username $adminUsername -Password $adminPassword } else { Invoke-Sqlcmd -ServerInstance $DatabaseServerName -Query $SQLScript -ErrorAction Stop } } catch { Write-Verbose "Executing database rights script... Failed!" throw } Write-Verbose "Executing database rights script... Complete!" #endregion Configuring Database rights #region Update Reporting Services database configuration # Step 5 - Update Reporting Services to connect to new database now Write-Verbose "Updating Reporting Services to connect to new database..." $result = $rsWmiObject.SetDatabaseConnection($DatabaseServerName, $Name, $DatabaseCredentialType.Value__, $username, $password) if ($result.HRESULT -ne 0) { Write-Verbose "Updating Reporting Services to connect to new database... Failed!" throw "Failed to update the reporting services to connect to the new database using WMI! Errorcode: $($result.HRESULT)" } else { Write-Verbose "Updating Reporting Services to connect to new database... Complete!" } #endregion Update Reporting Services database configuration } } |