SQL Server 2012 Login failed for user 'NT AUTHORITY\SYSTEM'

Posted on 2013-10-10
Medium Priority
Last Modified: 2013-10-15
so i installed SCOM 2012 the other day, and i was getting errors on from my SQL server that the SPN was not set.

so, i go and set the SPN.....  setspn -A MSSQLsvc/servername:1433

It successfully registered the SPN.

then, no one could access the server,  and SharePoint gave an error that it could not connect to the configuration database.

Removing the SPN through adsiedit, fixed the problem,  but we are getting additional errors in our SQL logs,  

Login failed for user 'NT AUTHORITY\SYSTEM'  reason: failed to open the explicity specified database 'dbname' [client IP:  which is the sqlservers ip]

the SQL trace logs, show the same type of error,  but specifiy the Windows script host as the application name

this has been going on for a few days, and to my knowledge nothing has changed in AD

when i run this query
SELECT auth_scheme FROM sys.dm_exec_connections WHERE session_id = @@spid ;

the response comes back as NTLM

any ideas?
Question by:NuttyBar
  • 6
LVL 32

Expert Comment

by:Daniel Wilson
ID: 39563508
What service is believed to be trying to connect to the server and asking for that DB?  Is it possible to run it as a named user rather than as SYSTEM?  If you run it as a named user, e.g. MyAppUser, setting permissions for it on the DB should become simpler.

Author Comment

ID: 39563578
i am not totally sure,  the ip address that the login failures are coming from are all local

when i look at the "user mapping" for nt auth, it shows only a couple of DB;s that are mapped to the login,  

it shows:  
sharepoint admin
sharepoint config
wss content

looking at it closer, it looks like it is failing on the Masterdb,  so i added that to the user mapping

the errors seem to come every 15mn,  so i will check back in a little bit to see if they continue.

Author Comment

ID: 39563598
this is what the errors in the trace log were

Audit Login Failed      
Microsoft ® Windows Script Host      
115      2013-10-10 11:21:11.997      
1 - Nonpooled      0            0      3945            
Login failed for user 'NT AUTHORITY\SYSTEM'. Reason: Failed to open the explicitly specified database 'DQS_MAIN'. [CLIENT: 10.*.*.*]      1      
38      18456      master      1 - Non-DAC
Easily manage email signatures in Office 365

Managing email signatures in Office 365 can be a challenging task if you don't have the right tool. CodeTwo Email Signatures for Office 365 will help you implement a unified email signature look, no matter what email client is used by users. Test it for free!


Author Comment

ID: 39563634
Still getting the errors

Author Comment

ID: 39563637
Date            10/10/2013 2:21:18 PM
Log            SQL Server (Current - 10/10/2013 2:06:00 PM)

Source            Logon

Error: 18456, Severity: 14, State: 38.

Accepted Solution

NuttyBar earned 0 total points
ID: 39563744

Author Closing Comment

ID: 39573142
I did the research and figured it out

Featured Post

Free Tool: Port Scanner

Check which ports are open to the outside world. Helps make sure that your firewall rules are working as intended.

One of a set of tools we are providing to everyone as a way of saying thank you for being a part of the community.

Question has a verified solution.

Are you are experiencing a similar issue? Get a personalized answer when you ask a related question.

Have a better answer? Share it in a comment.

Join & Write a Comment

Microsoft Access has a limit of 255 columns in a single table; SQL Server allows tables with over 255 columns, but reading that data is not necessarily simple.  The final solution for this task involved creating a custom text parser and then reading…
I’m willing to make a bet that your organization stores sensitive data in your Windows File Servers; files and folders that you really don’t want making it into the wrong hands.
This tutorial will walk an individual through setting the global and backup job media overwrite and protection periods in Backup Exec 2012. Log onto the Backup Exec Central Administration Server. Examine the services. If all or most of them are stop…
This video shows how to use Hyena, from SystemTools Software, to bulk import 100 user accounts from an external text file. View in 1080p for best video quality.

588 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question