Hi,
At irregular intervals, I see status messages with the error 620 appearing in the SMS_HIERARCHY_MANAGER component.
The description of the status message is:
Microsoft SQL Server reported SQL message 15401, severity 16:[42000][15401][Microsoft][SQL Server Native Client 11.0][SQL Server]Windows NT user or group 'DOMAIN_B\NAME_GROUP'
not found. Check the name again.
Please refer to your Configuration Manager documentation, SQL Server documentation, or the Microsoft Knowledge Base for further troubleshooting information.<o:p></o:p>
My primary server is installed in domain A, the AD user group 'NAME_GROUP' is a user group in domain B. The 'NAME_GROUP' has been added to the RBAC security in Configuration Manager and linked to Full administrator scope.
I did some additional troubleshooting and found more information in the hman.log.
ERROR: AddAIUsersToAIToolsDBRole, Failed to add user [DOMAIN_B\NAME_GROUP] SMS_HIERARCHY_MANAGER 7/23/2013 3:24:02 PM 3772 (0x0EBC)
ERROR: Query < if EXISTS(select * from sys.database_principals where [name] = N'smsdbrole_AITool' and [type] = N'R') ~ BEGIN ~ IF NOT EXISTS(SELECT * FROM sys.server_principals where sid = SUSER_SID(N'DOMAIN_B\NAME_GROUP))
~ CREATE LOGIN [DOMAIN_B\NAME_GROUP]FROM
WINDOWS ~ ~ IF NOT EXISTS(SELECT * FROM sys.database_principals where sid =SUSER_SID(N'DOMAIN_B\NAME_GROUP'))
~ CREATE USER [DOMAIN_B\NAME_GROUP] FROM LOGIN [DOMAIN_B\NAME_GROUP]
~ ~ IF NOT EXISTS (SELECT * FROM
sys.database_role_members ~ where member_principal_id = USER_ID(N'DOMAIN_B\NAME_GROUP')
and ~ role_principal_id
=USER_ID(N'smsdbrole_AITool')) ~ exec sp_addrolemember N'smsdbrole_AITool', N'DOMAIN_B\NAME_GROUP'
~ END ~> SMS_HIERARCHY_MANAGER 7/23/2013 3:24:02 PM 3772 (0x0EBC)
ERROR: HandleAIPermissions : Failed to add AI user added to the role smsdbrole_AITool. SMS_HIERARCHY_MANAGER 7/23/2013 3:24:02 PM 3772 (0x0EBC)
I localized the SQL database role smsdbrole_AITOOL in the CM_XXX database on my SQL server that is installed on the same server as the primary server. I tried to add the user group from domain B manually to the SQL role, this went successfully.
Can someone assist me with this error?
Gr. Cdric