BitLocker Portal

Matt Dillon 1,211 Reputation points
2021-05-27T21:35:22.777+00:00

Its a rights issue and I have no idea how to correct, but when I run the .\MBAMWebSiteInstaller.ps1 script, I get the following error:

Set-MachineUserOnSql : Unable to set permissions for machine on SQL server: Exception calling "ExecuteNonQuery" wi
"0" argument(s): "User does not have permission to perform this action.
User does not have permission to perform this action.
Cannot alter the role 'smsdbrole_AUDITMBAM', because it does not exist or you do not have permission."
At E:\InstallFiles\MBAM\MBAMWebSiteInstaller.ps1:1327 char:16

  • $success = Set-MachineUserOnSql
  • ~~~~~~~~~~~~~~~~~~~~
  • CategoryInfo : NotSpecified: (:) [Write-Error], WriteErrorException
  • FullyQualifiedErrorId : Microsoft.PowerShell.Commands.WriteErrorException,Set-MachineUserOnSql

Install-MBAMWebSites : Failure setting machine account privileges on SQL
At E:\InstallFiles\MBAM\MBAMWebSiteInstaller.ps1:1468 char:5

  • Install-MBAMWebSites -SqlServerName $SqlServerName -SqlInstanceNa ...
  • ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
  • CategoryInfo : NotSpecified: (:) [Write-Error], WriteErrorException
  • FullyQualifiedErrorId : Microsoft.PowerShell.Commands.WriteErrorException,Install-MBAMWebSites

I don't have the foggiest idea how to add or subtract SQL perms.

Microsoft Configuration Manager
0 comments
Accepted answer
  1. Matt Dillon 1,211 Reputation points
    2021-05-28T13:50:19.733+00:00

    "The user account that runs the portal installer script needs SQL sysadmin rights on the site database server."

    I ended up logging in using the SA account and adding sysadmin role to the account I was using to run the script.

    I now get a portal. It only works at http not https. Not sure why that is and I cannot run a recovery audit report from the portal. Getting a Refused to connect error. I'll hammer away at this. At least I got my portal and I can get recovery keys from it. - Disregard

    I got this working fully. I used Reports instead of ReportServer when running the script.

    Can someone verify if I uninstall this and rerun using https instead of http - will it only work using https?

    0 comments

1 additional answer

Sort by: Most helpful
Most helpful Newest Oldest
  1. AllenLiu-MSFT 40,551 Reputation points Microsoft Vendor
    2021-05-28T02:52:36.87+00:00

    Hi, @Matt Dillon
    Thank you for posting in Microsoft Q&A forum.
    What is the command line when you run the script MBAMWebSiteInstaller.ps1?
    Do you use the parameters -DomainName? Someone solved the same issue by using domain name instead of FQDN after -DomainName. You may try it to see if it helps.

    If the response is helpful, please click "Accept Answer" and upvote it.
    Note: Please follow the steps in our documentation to enable e-mail notifications if you want to receive the related email notification for this thread.