MBAM server issues connecting to SQL database
Hi,
I've recently setup and configured MBAM, however the Application Log on the MBAM server shows lots of the following errors:
Event code: 100002
Event message: SQL error occured
Event time: 05/10/2011 3:55:55 PM
Event time (UTC): 05/10/2011 7:55:55 AM
Event ID: 85c2614c7ff44f91b511b228aa6063a4
Event sequence: 16
Event occurrence: 15
Event detail code: 0
Application information:
Application domain: /LM/W3SVC/2/ROOT/MBAMComplianceStatusService-1-129622739405401050
Trust level: Full
Application Virtual Path: /MBAMComplianceStatusService
Application Path: C:\inetpub\Malta BitLocker Management Solution\MBAM Compliance Status Service\
Machine name: HZL-MAN-016
Process information:
Process ID: 780
Process name: w3wp.exe
Account name: NT AUTHORITY\NETWORK SERVICE
Exception information:
Exception type: SqlException
Exception message: Login failed for user 'DOMAIN\HZL-MAN-016$'.
Request information:
Request URL:
Request path:
User host address:
User:
Is authenticated: False
Authentication Type:
Thread account name: NT AUTHORITY\NETWORK SERVICE
Thread information:
Thread ID: 3
Thread account name: NT AUTHORITY\NETWORK SERVICE
Is impersonating: False
Stack trace: at System.Data.SqlClient.SqlInternalConnection.OnError(SqlException exception, Boolean breakConnection)
at System.Data.SqlClient.TdsParser.ThrowExceptionAndWarning(TdsParserStateObject stateObj)
at System.Data.SqlClient.TdsParser.Run(RunBehavior runBehavior, SqlCommand cmdHandler, SqlDataReader dataStream, BulkCopySimpleResultSet bulkCopyHandler, TdsParserStateObject stateObj)
at System.Data.SqlClient.SqlInternalConnectionTds.CompleteLogin(Boolean enlistOK)
at System.Data.SqlClient.SqlInternalConnectionTds.AttemptOneLogin(ServerInfo serverInfo, String newPassword, Boolean ignoreSniOpenTimeout, Int64 timerExpire, SqlConnection owningObject)
at System.Data.SqlClient.SqlInternalConnectionTds.LoginNoFailover(String host, String newPassword, Boolean redirectedUserInstance, SqlConnection owningObject, SqlConnectionString connectionOptions, Int64 timerStart)
at System.Data.SqlClient.SqlInternalConnectionTds.OpenLoginEnlist(SqlConnection owningObject, SqlConnectionString connectionOptions, String newPassword, Boolean redirectedUserInstance)
at System.Data.SqlClient.SqlInternalConnectionTds..ctor(DbConnectionPoolIdentity identity, SqlConnectionString connectionOptions, Object providerInfo, String newPassword, SqlConnection owningObject, Boolean redirectedUserInstance)
at System.Data.SqlClient.SqlConnectionFactory.CreateConnection(DbConnectionOptions options, Object poolGroupProviderInfo, DbConnectionPool pool, DbConnection owningConnection)
at System.Data.ProviderBase.DbConnectionFactory.CreatePooledConnection(DbConnection owningConnection, DbConnectionPool pool, DbConnectionOptions options)
at System.Data.ProviderBase.DbConnectionPool.CreateObject(DbConnection owningObject)
at System.Data.ProviderBase.DbConnectionPool.UserCreateRequest(DbConnection owningObject)
at System.Data.ProviderBase.DbConnectionPool.GetConnection(DbConnection owningObject)
at System.Data.ProviderBase.DbConnectionFactory.GetConnection(DbConnection owningConnection)
at System.Data.ProviderBase.DbConnectionClosed.OpenConnection(DbConnection outerConnection, DbConnectionFactory connectionFactory)
at System.Data.SqlClient.SqlConnection.Open()
at Microsoft.MBAM.ReportingService.DataProcessor.ProcessStatusReportInfo(StatusInfoType reportInfo)
Custom event details:
Application: MBAMComplianceStatusService
Sql Server: HZLSQL05
Database: MBAM Compliance Status
Sql ErrorCode: 18456
Error Message: Login failed for user 'DOMAIN\HZL-MAN-016$'.
Can anyone help ? The SQL server that hosts the MBAM databases shows the following logs:
Login failed for user 'DOMAIN\HZL-MAN-016$'. [CLIENT: xxx.xxx.xxx.64]
Thanks
October 5th, 2011 4:02am
How is your MBAM setup?
All MBAM roles on one server?
or
3-tier model?
On Win7 client, where you have MBAM client installed, can you also check the logs and see if you have any errors.
Event Viewer -> Application and Services
Logs -> Microsoft -> Windows -> MBAM
Manoj Sehgal
Free Windows Admin Tool Kit Click here and download it now
October 6th, 2011 12:12pm
I am getting the same error in a 3 tier-model. Do you have an update on the resolution?
October 13th, 2011 1:54pm
if it a a 3-tier MBAM solution, then do this:
On MBAM server where SQL db is installed, add the server name of MBAM IIS server under security --> logins.
You will have to use SQL Management Studio to do this.
Monitor the logs and let me know if it works or not.
Manoj Sehgal
Free Windows Admin Tool Kit Click here and download it now
October 13th, 2011 2:11pm
I only see that you can add users by either Windows authentication or SQL authentication not computer names. Am I missing something? In addition, when you say MBAM IIS Server I assume you mean the Admin and Monitoring Server?
October 13th, 2011 2:32pm
Add this account HZL-MAN-016 in SQL.
MBAM IIS server means MBAM Admin and Monitoring Server.Manoj Sehgal
Free Windows Admin Tool Kit Click here and download it now
October 13th, 2011 2:39pm
Manoj,
In my case my machine name is different but I follow your syntax. But again I can't add machine names. All I see if Built-in security principals, groups, or users. Is this a permissions issue that isn't allowing me to add computer objects?
October 13th, 2011 2:49pm
Hi Manoj,
my setup is also a 3 tier model.
When I go to add the account, it asks for the password. What would this be ?
Thanks !
Free Windows Admin Tool Kit Click here and download it now
October 13th, 2011 9:07pm
Actually, I was wrong. I agree with the other poster, I can only add Built-in security principals, Groups, or Users from the Domain.
October 13th, 2011 10:45pm
Can you make HZL-MAN-016$ the local admin on the SQL box?
The security on SQL should have local administrators full control. Adding the machine account will allow that computer now...
Please post back the results..
Regards, Vik Singh
Free Windows Admin Tool Kit Click here and download it now
October 14th, 2011 12:08am
Yes I've already tried this, but it's still not working. Do I need to restart anything ? Also, how can I check if SQL has the correct permissions set for Local Administrators ?
Thanks
October 14th, 2011 12:55am
Also, I've added BUILTIN\Administrators as a Login in SQL, as SQL 2008 R2 doesn't have it by default. Still getting the errors.
Free Windows Admin Tool Kit Click here and download it now
October 14th, 2011 1:06am
I tried this and it did not work. I also rebooted the servers and still noting.
October 14th, 2011 9:49am
I figured out out to create the computer name entry in SQL.
Go to Query Manager and fun the following
create login [domain name\computername$] from windows
go
Unfortunately this did not resolve the issue
Free Windows Admin Tool Kit Click here and download it now
October 14th, 2011 11:01am
I resolved the issue
Once the account is created in SQL using the above query go into SQL and add the sysadmin account role to the account you just created.
October 14th, 2011 11:45am
sysadmin account role has to be added, which I missed in my earlier thread.
Great it is working for you now.
Good Luck with MBAM.
Manoj Sehgal
Free Windows Admin Tool Kit Click here and download it now
October 14th, 2011 3:25pm
when i run the query it says incorrect syntac near '\'
it seems it doesn't like the backslash between domain and computer name. where exactly do I go to run this query ?
thanks
October 17th, 2011 8:29pm
I added quotes around the domain\server name and it worked. have added sysadmin role, will see how it goes.
Free Windows Admin Tool Kit Click here and download it now
October 17th, 2011 8:34pm
unfortunately i still have the same issue after performing the above steps. does anyone have any more ideas ? i've already rebooted bothe the SQL and MBAM servers.
October 17th, 2011 9:01pm
just noticed in the Details view of the Event 18456 on the SQL server that it references the master database, do I need to do anything to the master database to make this work ? Error below:
+
System
-
Provider
[ Name]
MSSQLSERVER
-
EventID
18456
[ Qualifiers]
49152
Level
0
Task
4
Keywords
0x90000000000000
-
TimeCreated
[ SystemTime]
2011-10-18T01:12:37.000000000Z
EventRecordID
1515127
Channel
Application
Computer
HZLSQL05.int.bgc-contracting.com.au
-
Security
[ UserID]
S-1-5-21-1183060287-1205496975-829235722-104624
-
EventData
BGCCP\HZL-MAN-016$
[CLIENT: 172.xxx.xxx.xxx]
184800000E0000000900000048005A004C00530051004C00300035000000070000006D00610073007400650072000000
Binary data:
In Words
0000: 00004818 0000000E 00000009 005A0048
0008: 0053004C 004C0051 00350030 00070000
0010: 006D0000 00730061 00650074 00000072
In Bytes
0000: 18 48 00 00 0E 00 00 00 .H......
0008: 09 00 00 00 48 00 5A 00 ....H.Z.
0010: 4C 00 53 00 51 00 4C 00 L.S.Q.L.
0018: 30 00 35 00 00 00 07 00 0.5.....
0020: 00 00 6D 00 61 00 73 00 ..m.a.s.
0028: 74 00 65 00 72 00 00 00 t.e.r...
Free Windows Admin Tool Kit Click here and download it now
October 17th, 2011 9:14pm
Did you add the account under Logins by connecting to SQL DB.?
can you send the app log from SQL server to
manojsehgal@hotmail.com
Manoj Sehgal
October 17th, 2011 9:26pm
It shows up in the SQL Server Management Studio under Security\Logins, is this the right place ?
I'll send the log now.
Free Windows Admin Tool Kit Click here and download it now
October 17th, 2011 9:29pm
Hi, did you receive the log by email ?
October 17th, 2011 11:28pm
Hi,
can anyone assist with this ?
Thanks
Free Windows Admin Tool Kit Click here and download it now
October 24th, 2011 3:00am
Hi,
Hi have the same issue after the update of MBAM Language pack release.
I just add the machine account in Managment SQL Studio> Security > Logins like "Domain\Computername$" After that in User Mapping I have added dbo right on all my database and it works well :)
June 14th, 2012 8:54am