iidse
asked on
Failure Audit event "Login failed for user 'Recover' event ID 18456 using Oracle SQL Client Transport Gateway
I have Windows 2003 Enterprise service running MS SQL 2005. The server has replication installed but the snapthot only runs at midnight.
We also have an Oracle SQL Client transport Gateway to allow an external Oracle application to query the SQL database.
I have noticed many\failure audt events in the application at different times during the day and night.
Source MSSQLSERVER
Category 4
Type Failure Audit
Description: Login failed for user 'RECOVER'.[CLIENT: Ip Address]
Could this account be related to SQL or Oracle?
The SQL installation does not show the existance of the Recover user account.
We also have an Oracle SQL Client transport Gateway to allow an external Oracle application to query the SQL database.
I have noticed many\failure audt events in the application at different times during the day and night.
Source MSSQLSERVER
Category 4
Type Failure Audit
Description: Login failed for user 'RECOVER'.[CLIENT: Ip Address]
Could this account be related to SQL or Oracle?
The SQL installation does not show the existance of the Recover user account.
SOLUTION
membership
This solution is only available to members.
To access this solution, you must be a member of Experts Exchange.
ASKER
The trace showed the Audit Login Failed as:
Login Failed for user 'Recover'/
Login name Recover.
Client Process ID 8900 and 9376.
Unfortunately it did not show the application name, but I am sure it is related to the Oracle Transparent Gateway.
Login Failed for user 'Recover'/
Login name Recover.
Client Process ID 8900 and 9376.
Unfortunately it did not show the application name, but I am sure it is related to the Oracle Transparent Gateway.
SOLUTION
membership
This solution is only available to members.
To access this solution, you must be a member of Experts Exchange.
ASKER CERTIFIED SOLUTION
membership
This solution is only available to members.
To access this solution, you must be a member of Experts Exchange.
ASKER
I have setup the trace, but so far it has not listed it.
I found that the Recover account might be part of the Oracle Transparent Gateway for SQL, but I am still trying to see where is that configured.
Does anybody know this gateway configuration?