Hi, I've recently setup and configured MBAM, however the Application Log on the MBAM server shows lots of the following errors: Event code: 100002 Event message: SQL error occured Event time: 05/10/2011 3:55:55 PM Event time (UTC): 05/10/2011 7:55:55 AM Event ID: 85c2614c7ff44f91b511b228aa6063a4 Event sequence: 16 Event occurrence: 15 Event detail code: 0 Application information: Application domain: /LM/W3SVC/2/ROOT/MBAMComplianceStatusService-1-129622739405401050 Trust level: Full Application Virtual Path: /MBAMComplianceStatusService Application Path: C:\inetpub\Malta BitLocker Management Solution\MBAM Compliance Status Service\ Machine name: HZL-MAN-016 Process information: Process ID: 780 Process name: w3wp.exe Account name: NT AUTHORITY\NETWORK SERVICE Exception information: Exception type: SqlException Exception message: Login failed for user 'DOMAIN\HZL-MAN-016$'. Request information: Request URL: Request path: User host address: User: Is authenticated: False Authentication Type: Thread account name: NT AUTHORITY\NETWORK SERVICE Thread information: Thread ID: 3 Thread account name: NT AUTHORITY\NETWORK SERVICE Is impersonating: False Stack trace: at System.Data.SqlClient.SqlInternalConnection.OnError(SqlException exception, Boolean breakConnection) at System.Data.SqlClient.TdsParser.ThrowExceptionAndWarning(TdsParserStateObject stateObj) at System.Data.SqlClient.TdsParser.Run(RunBehavior runBehavior, SqlCommand cmdHandler, SqlDataReader dataStream, BulkCopySimpleResultSet bulkCopyHandler, TdsParserStateObject stateObj) at System.Data.SqlClient.SqlInternalConnectionTds.CompleteLogin(Boolean enlistOK) at System.Data.SqlClient.SqlInternalConnectionTds.AttemptOneLogin(ServerInfo serverInfo, String newPassword, Boolean ignoreSniOpenTimeout, Int64 timerExpire, SqlConnection owningObject) at System.Data.SqlClient.SqlInternalConnectionTds.LoginNoFailover(String host, String newPassword, Boolean redirectedUserInstance, SqlConnection owningObject, SqlConnectionString connectionOptions, Int64 timerStart) at System.Data.SqlClient.SqlInternalConnectionTds.OpenLoginEnlist(SqlConnection owningObject, SqlConnectionString connectionOptions, String newPassword, Boolean redirectedUserInstance) at System.Data.SqlClient.SqlInternalConnectionTds..ctor(DbConnectionPoolIdentity identity, SqlConnectionString connectionOptions, Object providerInfo, String newPassword, SqlConnection owningObject, Boolean redirectedUserInstance) at System.Data.SqlClient.SqlConnectionFactory.CreateConnection(DbConnectionOptions options, Object poolGroupProviderInfo, DbConnectionPool pool, DbConnection owningConnection) at System.Data.ProviderBase.DbConnectionFactory.CreatePooledConnection(DbConnection owningConnection, DbConnectionPool pool, DbConnectionOptions options) at System.Data.ProviderBase.DbConnectionPool.CreateObject(DbConnection owningObject) at System.Data.ProviderBase.DbConnectionPool.UserCreateRequest(DbConnection owningObject) at System.Data.ProviderBase.DbConnectionPool.GetConnection(DbConnection owningObject) at System.Data.ProviderBase.DbConnectionFactory.GetConnection(DbConnection owningConnection) at System.Data.ProviderBase.DbConnectionClosed.OpenConnection(DbConnection outerConnection, DbConnectionFactory connectionFactory) at System.Data.SqlClient.SqlConnection.Open() at Microsoft.MBAM.ReportingService.DataProcessor.ProcessStatusReportInfo(StatusInfoType reportInfo) Custom event details: Application: MBAMComplianceStatusService Sql Server: HZLSQL05 Database: MBAM Compliance Status Sql ErrorCode: 18456 Error Message: Login failed for user 'DOMAIN\HZL-MAN-016$'. Can anyone help ? The SQL server that hosts the MBAM databases shows the following logs: Login failed for user 'DOMAIN\HZL-MAN-016$'. [CLIENT: xxx.xxx.xxx.64] Thanks

How is your MBAM setup? All MBAM roles on one server? or 3-tier model? On Win7 client, where you have MBAM client installed, can you also check the logs and see if you have any errors. Event Viewer -> Application and Services Logs -> Microsoft -> Windows -> MBAM Manoj Sehgal

I am getting the same error in a 3 tier-model. Do you have an update on the resolution?

if it a a 3-tier MBAM solution, then do this: On MBAM server where SQL db is installed, add the server name of MBAM IIS server under security --> logins. You will have to use SQL Management Studio to do this. Monitor the logs and let me know if it works or not. Manoj Sehgal

I only see that you can add users by either Windows authentication or SQL authentication not computer names. Am I missing something? In addition, when you say MBAM IIS Server I assume you mean the Admin and Monitoring Server?

Add this account HZL-MAN-016 in SQL. MBAM IIS server means MBAM Admin and Monitoring Server.Manoj Sehgal

Manoj, In my case my machine name is different but I follow your syntax. But again I can't add machine names. All I see if Built-in security principals, groups, or users. Is this a permissions issue that isn't allowing me to add computer objects?

Hi Manoj, my setup is also a 3 tier model. When I go to add the account, it asks for the password. What would this be ? Thanks !

Actually, I was wrong. I agree with the other poster, I can only add Built-in security principals, Groups, or Users from the Domain.

Can you make HZL-MAN-016$ the local admin on the SQL box? The security on SQL should have local administrators full control. Adding the machine account will allow that computer now... Please post back the results.. Regards, Vik Singh

Yes I've already tried this, but it's still not working. Do I need to restart anything ? Also, how can I check if SQL has the correct permissions set for Local Administrators ? Thanks

Also, I've added BUILTIN\Administrators as a Login in SQL, as SQL 2008 R2 doesn't have it by default. Still getting the errors.

I tried this and it did not work. I also rebooted the servers and still noting.

I figured out out to create the computer name entry in SQL. Go to Query Manager and fun the following create login [domain name\computername$] from windows go Unfortunately this did not resolve the issue

I resolved the issue Once the account is created in SQL using the above query go into SQL and add the sysadmin account role to the account you just created.

sysadmin account role has to be added, which I missed in my earlier thread. Great it is working for you now. Good Luck with MBAM. Manoj Sehgal

when i run the query it says incorrect syntac near '\' it seems it doesn't like the backslash between domain and computer name. where exactly do I go to run this query ? thanks

I added quotes around the domain\server name and it worked. have added sysadmin role, will see how it goes.

unfortunately i still have the same issue after performing the above steps. does anyone have any more ideas ? i've already rebooted bothe the SQL and MBAM servers.

just noticed in the Details view of the Event 18456 on the SQL server that it references the master database, do I need to do anything to the master database to make this work ? Error below: + System - Provider [ Name] MSSQLSERVER - EventID 18456 [ Qualifiers] 49152 Level 0 Task 4 Keywords 0x90000000000000 - TimeCreated [ SystemTime] 2011-10-18T01:12:37.000000000Z EventRecordID 1515127 Channel Application Computer HZLSQL05.int.bgc-contracting.com.au - Security [ UserID] S-1-5-21-1183060287-1205496975-829235722-104624 - EventData BGCCP\HZL-MAN-016$ [CLIENT: 172.xxx.xxx.xxx] 184800000E0000000900000048005A004C00530051004C00300035000000070000006D00610073007400650072000000 Binary data: In Words 0000: 00004818 0000000E 00000009 005A0048 0008: 0053004C 004C0051 00350030 00070000 0010: 006D0000 00730061 00650074 00000072 In Bytes 0000: 18 48 00 00 0E 00 00 00 .H...... 0008: 09 00 00 00 48 00 5A 00 ....H.Z. 0010: 4C 00 53 00 51 00 4C 00 L.S.Q.L. 0018: 30 00 35 00 00 00 07 00 0.5..... 0020: 00 00 6D 00 61 00 73 00 ..m.a.s. 0028: 74 00 65 00 72 00 00 00 t.e.r...

Did you add the account under Logins by connecting to SQL DB.? can you send the app log from SQL server to manojsehgal@hotmail.com Manoj Sehgal

It shows up in the SQL Server Management Studio under Security\Logins, is this the right place ? I'll send the log now.

Hi, did you receive the log by email ?

Hi, can anyone assist with this ? Thanks

Hi, Hi have the same issue after the update of MBAM Language pack release. I just add the machine account in Managment SQL Studio> Security > Logins like "Domain\Computername$" After that in User Mapping I have added dbo right on all my database and it works well :)