Login failed in SQL Server implying all IIS sites down

Hello everybody.

Yesterday morning everything was working perfectly. I have a MS Server 2008 with SQL Server 2008, MS Exchange Server 2007, Sharepoint 3.0 and Dynamics CRM 4.0.

Now I get an error 503 when trying to access any website located in the server (our own website, OWA, Sharepoint, CRM....), the APPPools in IIS are "stopped due to errors".

In the Event Viewer I can see constantly the following SQL Server error:

Login failed for user 'DOMAIN\Administrador'. Specified databe cannot be opened. [CLIENT: <local machine>]

Source:  MSSQLSERVER        Event Id: 18456.

Extended info:

- System

  - Provider
   [ Name]  MSSQLSERVER
  - EventID 18456
   [ Qualifiers]  49152
   Level 0
   Task 4
   Keywords 0x90000000000000
  - TimeCreated
   [ SystemTime]  2009-06-30T07:30:00.000Z
    EventRecordID 479101
    Channel Application
    Computer servername.domain.es
   - Security
   [ UserID]  S-1-5-21-839165756-4290762602-175011524-500
- EventData
   DOMAIN\Administrador
   Motivo: no se puede abrir la base de datos explícitamente especificada.
   [CLIENTE: <local machine>]
 184800000E0000000D00000053004500520056004500520049004E0053004500520031000000070000006D00610073007400650072000000


--------------------------------------------------------------------------------

Binary data:
In words
0000: 00004818 0000000E 0000000D 00450053
0008: 00560052 00520045 004E0049 00450053
0010: 00310052 00070000 006D0000 00730061
0018: 00650074 00000072  

In bytes
0000: 18 48 00 00 0E 00 00 00   .H......
0008: 0D 00 00 00 53 00 45 00   ....S.E.
0010: 52 00 56 00 45 00 52 00   R.V.E.R.
0018: 49 00 4E 00 53 00 45 00   I.N.S.E.
0020: 52 00 31 00 00 00 07 00   R.1.....
0028: 00 00 6D 00 61 00 73 00   ..m.a.s.
0030: 74 00 65 00 72 00 00 00   t.e.r...

------------------------------------------------------------------------------------

"Administrador"  is an Active Directory user with Admin rights everywhere.

I assume it is an error connecting to the 'master' database ??    The user has admin rights in that database, and I can query on that database with MS SQL Management Studio.  

This error always comes before two other errors  of Sharepoint, which are the following error twice:

Error in LoadBalancer.RegisterLauncher: remote name: 'servername' could not be resolved.  (Source: Office Sharepoint Server, EventID: 6102, Level 2, Task: 1561)

I tried checking the admin rights of user 'Administrador' and re-starting manually all the Application Pools in IIS, but the rights seem to be OK and I still get the 503 error when browsing any website...


Any hint what could be the problem?    Thanks in advance...
McGregor09Asked:
Who is Participating?
I wear a lot of hats...

"The solutions and answers provided on Experts Exchange have been extremely helpful to me over the last few years. I wear a lot of hats - Developer, Database Administrator, Help Desk, etc., so I know a lot of things but not a lot about one thing. Experts Exchange gives me answers from people who do know a lot about one thing, in a easy to use platform." -Todd S.

RiteshShahCommented:
are you sure databases you are trying to access is mapped with the login "Administrator"?
0
McGregor09Author Commented:
The thing is that it is mapped to all necessary databases, including master, model, and all CRM and  Sharepoint-realted...

The  additional information in the SQL Server error means that the error takes place trying to connect to the 'master' database?
0
RiteshShahCommented:
may be, one of the possible reason.

can't you check what server role your "Administrator" account has? are you manually able to connect to all databases with "Adminstrator" login and execute queries?
0
Big Business Goals? Which KPIs Will Help You

The most successful MSPs rely on metrics – known as key performance indicators (KPIs) – for making informed decisions that help their businesses thrive, rather than just survive. This eBook provides an overview of the most important KPIs used by top MSPs.

McGregor09Author Commented:
It has all the server roles assigned.  I can connect through the MS SQL Server Management Studio to any database and make queries, no problem with that.
0
St3veMaxCommented:
Have you checked the SQL Server Data Directory isnt full?


>>"Administrador"  is an Active Directory user with Admin rights everywhere.
Also - slap on the wrists for running everything as a DA. Change everything to service accounts with limited permissions.
0
McGregor09Author Commented:
The drive where SQL data is stored still has 261 GB free.

I know assigning all admin rights to one user is not right, it is just testing if it is a permission problem on the applications.
0
St3veMaxCommented:
In SQL, run 'xp_readerrorlog' and what does that come back with ?
0
McGregor09Author Commented:
It contains with these two errors continuously :

LogDate      ProcessInfo      Text
2009-06-30 10:57:01.040      NULL      Error: 18456, gravedad: 14, estado: 38.
2009-06-30 10:57:01.040      NULL      Login failed for user 'INSERMEDICA\Administrador'. Motivo: no se puede abrir la base de datos explícitamente especificada. [CLIENTE: <local machine>]  

English is "Due to: the Database explicitly specified cannot be opened"
0
St3veMaxCommented:
In Management Studio, Expand Databases - They all look normal - No (Offline, etc) next to the DB Name ?

Under Security, Find your account, what role is assigned to that DB ?

I'm assuming the account isnt locked out?

0

Experts Exchange Solution brought to you by

Your issues matter to us.

Facing a tech roadblock? Get the help and guidance you need from experienced professionals who care. Ask your question anytime, anywhere, with no hassle.

Start your 7-day free trial
McGregor09Author Commented:
All databases are Online, nothing special.

It actually has all the roles (all bulkadmin,      dbcreator,       diskadmin,      processadmin,     public,     securityadmin,     serveradmin,     setupadmin,     sysadmin)

And nope, it is not blocked.
0
St3veMaxCommented:
Only needs to be one role, sysadmin - this covers all of the other roles.

What happens if you try and connect to Log into the server under that account?

Also, Log into SQL Server Management Studio, Right click on the Server Name, go to Properties, under security, what authentication mode are you in ?
0
Racim BOUDJAKDJIDatabase Architect - Dba - Data ScientistCommented:
Double check these

> In logins check/create a login for 'INSERMEDICA\Administrador'
> For that login, grant dbo on whatever database needs to be accessed

If the above does not work, that means you problem is elsewhere than in SQL Server security.  Let us know
0
Racim BOUDJAKDJIDatabase Architect - Dba - Data ScientistCommented:
<<It actually has all the roles >>
As mentionned,sysadmin is he maximum.  Your problem may be related to Kerberos.  See if you can switch to SQL based security to give you time to troubleshoot...hth
0
Racim BOUDJAKDJIDatabase Architect - Dba - Data ScientistCommented:
To make sure, I'd drop and recreate the login user but only with dbo writes on the database.
0
Racim BOUDJAKDJIDatabase Architect - Dba - Data ScientistCommented:
You may want to double check you system event log to see if you don't have Kerberos related issues.  In that case, you'd to solve these first...
0
McGregor09Author Commented:
When connecting to the SQL Server Management Studio it is through Windows Authentication.

There are no Kerberos issues  at all. And all the security events in the event viewer are correct.
0
Racim BOUDJAKDJIDatabase Architect - Dba - Data ScientistCommented:
<<There are no Kerberos issues  at all. >>
Just double checking.  Have you tried to drop recreate the login.  Also you should consider refreshing your active directory credentials.
0
McGregor09Author Commented:
At the end, while chekcing all that, I searched for the parameter of an error I saw in the WAS service, and I found the following page:

http://blogs.msdn.com/jmacleod/archive/2008/06/25/iis7-sharepoint-2007-fails-with-503-service-unavailable-errors.aspx

At the end, it seems the failure is related to the Sharepoint configuration. Regarding the Office Sharepoint Server Search, when selecting the option "Use a dedicated web front end computer for crawling" instead of  "Use all web front end for crawling", some IPv6 entries are added in the HOSTS file. These entries caused all the side effects.

So, setting that Sharepoint option back to its previous value made everything work again.

Thanks everybody for your effort!
0
It's more than this solution.Get answers and train to solve all your tech problems - anytime, anywhere.Try it for free Edge Out The Competitionfor your dream job with proven skills and certifications.Get started today Stand Outas the employee with proven skills.Start learning today for free Move Your Career Forwardwith certification training in the latest technologies.Start your trial today
Microsoft SQL Server

From novice to tech pro — start learning today.