NuttyBar
asked on
SQL Server 2012 Login failed for user 'NT AUTHORITY\SYSTEM'
so i installed SCOM 2012 the other day, and i was getting errors on from my SQL server that the SPN was not set.
so, i go and set the SPN..... setspn -A MSSQLsvc/servername:1433
It successfully registered the SPN.
then, no one could access the server, and SharePoint gave an error that it could not connect to the configuration database.
Removing the SPN through adsiedit, fixed the problem, but we are getting additional errors in our SQL logs,
Login failed for user 'NT AUTHORITY\SYSTEM' reason: failed to open the explicity specified database 'dbname' [client IP: which is the sqlservers ip]
the SQL trace logs, show the same type of error, but specifiy the Windows script host as the application name
this has been going on for a few days, and to my knowledge nothing has changed in AD
when i run this query
SELECT auth_scheme FROM sys.dm_exec_connections WHERE session_id = @@spid ;
the response comes back as NTLM
any ideas?
so, i go and set the SPN..... setspn -A MSSQLsvc/servername:1433
It successfully registered the SPN.
then, no one could access the server, and SharePoint gave an error that it could not connect to the configuration database.
Removing the SPN through adsiedit, fixed the problem, but we are getting additional errors in our SQL logs,
Login failed for user 'NT AUTHORITY\SYSTEM' reason: failed to open the explicity specified database 'dbname' [client IP: which is the sqlservers ip]
the SQL trace logs, show the same type of error, but specifiy the Windows script host as the application name
this has been going on for a few days, and to my knowledge nothing has changed in AD
when i run this query
SELECT auth_scheme FROM sys.dm_exec_connections WHERE session_id = @@spid ;
the response comes back as NTLM
any ideas?
Daniel Wilson
What service is believed to be trying to connect to the server and asking for that DB? Is it possible to run it as a named user rather than as SYSTEM? If you run it as a named user, e.g. MyAppUser, setting permissions for it on the DB should become simpler.
ASKER
i am not totally sure, the ip address that the login failures are coming from are all local
when i look at the "user mapping" for nt auth, it shows only a couple of DB;s that are mapped to the login,
it shows:
sharepoint admin
sharepoint config
wss content
looking at it closer, it looks like it is failing on the Masterdb, so i added that to the user mapping
the errors seem to come every 15mn, so i will check back in a little bit to see if they continue.
when i look at the "user mapping" for nt auth, it shows only a couple of DB;s that are mapped to the login,
it shows:
sharepoint admin
sharepoint config
wss content
looking at it closer, it looks like it is failing on the Masterdb, so i added that to the user mapping
the errors seem to come every 15mn, so i will check back in a little bit to see if they continue.
ASKER
this is what the errors in the trace log were
Audit Login Failed
SYSTEM NT AUTHORITY
SRV-*
5836
Microsoft ® Windows Script Host
NT AUTHORITY\SYSTEM
115 2013-10-10 11:21:11.997
1 - Nonpooled 0 0 3945
domain\SRV-*$
Login failed for user 'NT AUTHORITY\SYSTEM'. Reason: Failed to open the explicitly specified database 'DQS_MAIN'. [CLIENT: 10.*.*.*] 1
38 18456 master 1 - Non-DAC
Audit Login Failed
SYSTEM NT AUTHORITY
SRV-*
5836
Microsoft ® Windows Script Host
NT AUTHORITY\SYSTEM
115 2013-10-10 11:21:11.997
1 - Nonpooled 0 0 3945
domain\SRV-*$
Login failed for user 'NT AUTHORITY\SYSTEM'. Reason: Failed to open the explicitly specified database 'DQS_MAIN'. [CLIENT: 10.*.*.*] 1
38 18456 master 1 - Non-DAC
ASKER
Still getting the errors
ASKER
Date 10/10/2013 2:21:18 PM
Log SQL Server (Current - 10/10/2013 2:06:00 PM)
Source Logon
Message
Error: 18456, Severity: 14, State: 38.
Log SQL Server (Current - 10/10/2013 2:06:00 PM)
Source Logon
Message
Error: 18456, Severity: 14, State: 38.
ASKER CERTIFIED SOLUTION
membership
This solution is only available to members.
To access this solution, you must be a member of Experts Exchange.
ASKER
I did the research and figured it out