The report server cannot access the private key for the service account.

Reporting Services Error

    The report server cannot access the private key for the service account. This key is used to decrypt the symmetric key that protects content in the report server database. This condition might occur after the password is reset for the report server service account. You must either restore a backup key or delete all encrypted content. (rsKeyStateNotValid) Get Online Help
        For more information about this error navigate to the report server on the local server machine, or enable remote errors

I have read over the other post regarding this error such as

I have to ask though, as it sounds scary to loose all encrypted data, but what exactly is that data and can it be replaced?

I have a box i have had to take over and the person who set it up used the local Administrator account as the service account, but that password had to be reset to get into the box so now the Key is not working and i get the above error.

My concern is that if i delete this key to create a new one, what actual data could i lose?

Should i do a backup of data sources or anything else i could restore after?

I ran this query from stack to get the data sources and their names
    C2.Name AS Data_Source_Name,
    C.Name AS Dependent_Item_Name,
    C.Path AS Dependent_Item_Path
    ReportServer.dbo.DataSource AS DS
        INNER JOIN
    ReportServer.dbo.Catalog AS C
            DS.ItemID = C.ItemID
            DS.Link IN (SELECT ItemID FROM ReportServer.dbo.Catalog
                        WHERE Type = 5) --Type 5 identifies data sources
    ReportServer.dbo.Catalog C2
            DS.Link = C2.ItemID
    C2.Type = 5
    C2.Name ASC,
    C.Name ASC;

Open in new window

I guess my concern is if i delete and re-create this key, i could cause even more damage. or will this not cause that sort of issue?

And yes, my MSSQL knowledge is limited (can you tell!), especially when it comes to Reporting Services and i am the only person who can do this.
Who is Participating?
Nico BontenbalConnect With a Mentor Commented:
This article from MS also describes what gets deleted when you delete the encryption key:
It's in the part titled 'Deleting Unusable Encrypted Content'. So if you have all the information you need to recreate the data sources (server names, database names, passwords etc.) you won't have much trouble recreating them (unless you have a lot then it will take a lot of time).
If you want to make sure you are not going to make it worse you could migrate the report server to another machine ( and test it on that machine first.
MathiauAuthor Commented:
you must redefine all data sources and subscriptions

This is what has me worried i guess
MathiauAuthor Commented:
Well here is the good news!

I went in and reset the admin password back to an old one i had saved in my keepass, and tada! it works again so i made an immediate backup of the key

So, if you change the password by accident, but know the old one, change it back and you will get access again.

Appreciate the migration link, i may have to do that myself as we were just starting a project to move the reporting server to a new system.
MathiauAuthor Commented:
not only answered but provided links for further research.
Question has a verified solution.

Are you are experiencing a similar issue? Get a personalized answer when you ask a related question.

Have a better answer? Share it in a comment.

All Courses

From novice to tech pro — start learning today.