hannah Posted October 28, 2020 Report post Posted October 28, 2020 I run the script for creating a BitLocker portals. , I tried to access the portal but cannot connect it keeps prompting for the credential. Quote Share this post Link to post Share on other sites More sharing options...
anyweb Posted October 28, 2020 Report post Posted October 28, 2020 have you seen my guide here Quote Share this post Link to post Share on other sites More sharing options...
hannah Posted October 29, 2020 Report post Posted October 29, 2020 yes, i've seen your guide. and i don't what i missed in the configuration. this is my first implementation of bitlocker management. I also check the event viewer when i access the portals Event ID 1 The description for Event ID 1 from source Microsoft-Windows-MBAM-Web cannot be found. Either the component that raises this event is not installed on your local computer or the installation is corrupted. You can install or repair the component on the local computer. If the event originated on another computer, the display information had to be saved with the event. The following information was included with the event: Application: Default Web Site/HelpDesk is missing the following Service Principal Names (SPNs): http/ Register the required SPNs on the account: CHSV001012019$. The publisher has been disabled and its resource is not available. This usually occurs when the publisher is in the process of being uninstalled or upgraded Event ID 111 The description for Event ID 111 from source Microsoft-Windows-MBAM-Web cannot be found. Either the component that raises this event is not installed on your local computer or the installation is corrupted. You can install or repair the component on the local computer. If the event originated on another computer, the display information had to be saved with the event. The following information was included with the event: An error occurred while retrieving the database schema version from the Compliance database. Could not find stored procedure 'ComplianceCore.GetVersion'. The publisher has been disabled and its resource is not available. This usually occurs when the publisher is in the process of being uninstalled or upgraded Quote Share this post Link to post Share on other sites More sharing options...
anyweb Posted October 29, 2020 Report post Posted October 29, 2020 well it's hard to make out from your screenshot but it appears you had errors installing the portals, what cmdline did you use to install them ? Quote Share this post Link to post Share on other sites More sharing options...
hannah Posted October 29, 2020 Report post Posted October 29, 2020 I re-run the script. with this (changed to generic.) .\MBAMWebSiteInstaller.ps1 -SqlServerName sservername -SqlDatabaseName CM_abc -ReportWebServiceUrl http://server/ReportServer -HelpdeskUsersGroupName "abc\BitLocker HelpDesk Admins" -HelpdeskAdminsGroupName "abc\BitLocker Admin Users" -MbamReportUsersGroupName "abc\BitLocker Reporting Users" -SiteInstall Both I got no error on the powershell, then I tried to access the site again, but kept on asking for credentials. then there's this error on the event viewer The description for Event ID 1 from source Microsoft-Windows-MBAM-Web cannot be found. Either the component that raises this event is not installed on your local computer or the installation is corrupted. You can install or repair the component on the local computer. If the event originated on another computer, the display information had to be saved with the event. The following information was included with the event: Application: Default Web Site/HelpDesk is missing the following Service Principal Names (SPNs): http/ Register the required SPNs on the account: CHSV001012019$. The publisher has been disabled and its resource is not available. This usually occurs when the publisher is in the process of being uninstalled or upgraded The description for Event ID 111 from source Microsoft-Windows-MBAM-Web cannot be found. Either the component that raises this event is not installed on your local computer or the installation is corrupted. You can install or repair the component on the local computer. If the event originated on another computer, the display information had to be saved with the event. The following information was included with the event: An error occurred while retrieving the database schema version from the Compliance database. Could not find stored procedure 'ComplianceCore.GetVersion'. The publisher has been disabled and its resource is not available. This usually occurs when the publisher is in the process of being uninstalled or upgraded Quote Share this post Link to post Share on other sites More sharing options...
anyweb Posted October 29, 2020 Report post Posted October 29, 2020 ok still very hard to see the output from your powershell but if there's no errors then that's better, what type of environment do you have, is it a single primary with the helpdesks installed on the same server or something more complex, please explain... can you do a remote session so i can take a look (teamviewer ?) Quote Share this post Link to post Share on other sites More sharing options...
hannah Posted October 29, 2020 Report post Posted October 29, 2020 using 2 servers , sccm server and database server It would be nice if you can check via remote session, but actually this is a client environment so I don't have access to other servers except for sccm and DB server This is the result in PowerShell Quote Share this post Link to post Share on other sites More sharing options...
anyweb Posted October 29, 2020 Report post Posted October 29, 2020 can you confirm that you've met these prerequisites To use the self-service portal or the administration and monitoring website, you need a Windows server running IIS. You can reuse a Configuration Manager site system, or use a standalone web server that has connectivity to the site database server. Use a supported OS version for site system servers. Only install the self-service portal and the administration and monitoring website with a primary site database. In a hierarchy, install these websites for each primary site. On the web server that will host the self-service portal, install Microsoft ASP.NET MVC 4.0 and .NET Framework 3.5 feature before staring the install process. Other required Windows server roles and features will be installed automatically during the portal installation process. The user account that runs the portal installer script needs SQL Server sysadmin rights on the site database server. During the setup process, the script sets login, user, and SQL Server role rights for the web server machine account. You can remove this user account from the sysadmin role after you complete setup of the self-service portal and the administration and monitoring website. Quote Share this post Link to post Share on other sites More sharing options...
hannah Posted November 3, 2020 Report post Posted November 3, 2020 (edited) On 10/29/2020 at 6:36 PM, anyweb said: To use the self-service portal or the administration and monitoring website, you need a Windows server running IIS. You can reuse a Configuration Manager site system, or use a standalone web server that has connectivity to the site database server. Use a supported OS version for site system servers. In setting up bitlocker script, in this part -ReportWebServiceUrl https://rsp.contoso.com/ReportServer I used http://dbserver , and noticed that db server does not have the IIS role but the sccm server have IIS role. Only install the self-service portal and the administration and monitoring website with a primary site database. In a hierarchy, install these websites for each primary site. I run the script on the sccm server On the web server that will host the self-service portal, install Microsoft ASP.NET MVC 4.0 and .NET Framework 3.5 feature before staring the install process. Other required Windows server roles and features will be installed automatically during the portal installation process. I installed Microsoft ASP.NET MVC 4.0 on both sccm and db server The user account that runs the portal installer script needs SQL Server sysadmin rights on the site database server. During the setup process, the script sets login, user, and SQL Server role rights for the web server machine account. You can remove this user account from the sysadmin role after you complete setup of the self-service portal and the administration and monitoring website. the account I'm using when I run the script has the sysadmin rights on the db server Edited November 3, 2020 by hannah incomplete Quote Share this post Link to post Share on other sites More sharing options...
hannah Posted December 4, 2020 Report post Posted December 4, 2020 when using this parameter, -Uninstall: Uninstalls the BitLocker Management Help Desk/Self-Service web portal sites on a web server where they have been previously installed. how would you confirmed that the BitLocker Portals are already uninstalled? ref: https://docs.microsoft.com/en-us/mem/configmgr/protect/deploy-use/bitlocker/setup-websites Quote Share this post Link to post Share on other sites More sharing options...